LONDON/BOSTON, (Reuters) – A sophisticated piece of spyware has been quietly infecting hundreds of government computers across Europe and the United States in one of the most complex cyber espionage programmes uncovered to date.
Several security researchers and Western intelligence officers say they believe the malware, widely known as Turla, is the work of the Russian government and linked to the same software used to launch a massive breach on the U.S. military uncovered in 2008.
It was also linked to a previously known, massive global cyber spying operation dubbed Red October targeting diplomatic, military and nuclear research networks.
Those assessments were based on analysis of tactics employed by hackers, along with technical indicators and the victims they targeted.
“It is sophisticated malware that’s linked to other Russian exploits, uses encryption and targets western governments. It has Russian paw prints all over it,” said Jim Lewis, a former U.S. foreign service officer, now senior fellow at the Center for Strategic and International Studies in Washington.
However, security experts caution that while the case for saying Turla looks Russian may be strong, it is impossible to confirm those suspicions unless Moscow claims responsibility. Developers often use techniques to cloud their identity.