Russia's largest search engine hacked by Western intelligence agencies
New report reveals Yandex was the victim of Five Eyes espionage
The search engine Yandex, often referred to as Russia's Google, was the target of a cyberattack that occurred late last year which was orchestrated by hackers working for Western intelligence agencies.
The hackers deployed a rare type of malware, called Reign, in an attempt to spy on user accounts according to a new report from Reuters who spoke with four people familiar with the incident. This particular strain of malware is known to be used by the Five Eyes nations as a result of Edward Snowden leaking classified NSA documents.
While cyberattacks against Western organizations and governments receive a great deal of media attention, similar attacks against Russia are rarely acknowledged or discussed openly in public.
- Five Eyes nations want access to your encrypted communications data
- Google and VPN services could be fined $77k by Russia
- Web browser you've never heard of adds cutting-edge security feature
Those familiar with the incident were able to determine that one of the Five Eyes nations orchestrated the cyberattack but they remain unsure as to whether the US, the UK, Australia, New Zealand or Canada was responsible.
Yandex cyberattack
The security breach of Yandex took place between October and November of 2018 and the hackers were able to covertly maintain their access to the company's systems for at least several weeks before they were ultimately detected.
Reuter's sources said that the hackers were searching for technical information that could explain how the Russian company authenticates user accounts. This information could be leveraged by a spy agency to impersonate a Yandex user and access their private messages.
However, the hack of Yandex's research and development unit was an espionage operation as opposed to one aimed at disrupting the company's business or stealing its intellectual property.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Now that the news of the cyberattack on its company is out, Yandex has responded in a press release in which it reassured its users that no customer data was affected by the breach, saying:
“Cyber attacks are a common occurrence throughout the world. This particular attack was detected at an early stage by the Yandex security team. It was fully neutralized before any damage to Yandex customers' data was done. At this point in time we are not disclosing any further details about the attack. The Yandex security team’s response ensured that no user data was compromised by the attack.
“Ensuring the security of user data is of critical importance to us. Following the attempted attack, we took the necessary measures to ensure that we would not be susceptible to such an attack in the future. We continue to employ all relevant cyber defense tools and also cooperate with leading third-party experts and providers to protect our users' privacy.”
- Keep your systems protected from the latest cyber threats with the best antivirus of 2019
Via Reuters
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.