
Strontium- a Cyber Espionage Group

  • April 25, 2022
  • Posted by: OptimizeIAS Team
  • Category: DPN Topics

Subject: Science and Tech

Section: Cyber Security

Context: Recently, Microsoft said it had disrupted cyberattacks from a Russian nation-state hacking group. The group, called ‘Strontium’ by the software company, targeted Ukrainian firms, media organisations, government bodies, and think tanks in the U.S. and the EU.

Concept:

What is Strontium?

  • Strontium, also known as Fancy Bear, Tsar Team, Pawn Storm, Sofacy, Sednit or Advanced Persistent Threat 28 (APT28) group, is a highly active and prolific cyber-espionage group.
  • It is one of the most active APT groups and has been operating since at least the mid-2000s, making it one of the world’s oldest cyber-spy groups.
  • It has access to highly sophisticated tools to conduct spy operations, and has been attacking targets in the U.S., Europe, Central Asia and West Asia. The group is said to be connected to the GRU, the Russian Armed Forces’ main military intelligence wing. The GRU’s cyber units are believed to have been responsible for several cyberattacks over the years and its unit 26165 is identified as Fancy Bear.

How does it attack networks?

  • The group deploys diverse malware and malicious tools to breach networks. In the past, it has used X-Tunnel, SPLM (or CHOPSTICK and X-Agent), GAMEFISH and Zebrocy to attack targets.
  • These tools can be used as hooks in system drivers to access local passwords, and can track keystrokes and mouse movements and control webcams and USB drives. They can also search and replace local files and stay connected to the network.
  • APT28 uses spear-phishing (targeted campaigns to gain access to an individual’s account) and zero-day exploits (taking advantage of unknown computer-software vulnerabilities) to target specific individuals and organisations.
  • A watering hole attack compromises a site that a targeted victim visits to gain access to the victim’s computer and network. For high-volume attacks, the group has used Zebrocy, which is also primarily deployed through spear-phishing emails.
  • Fancy Bear has also used VPNFilter malware to target hundreds of thousands of routers and network-attached storage devices worldwide. The infection allows attackers to potentially control infected devices, make them inoperable and intercept or block network traffic.
  • More recently, APT28 deployed a malware called Drovorub, designed for Linux systems. When deployed on a victim machine, it provides file download and upload capabilities and execution of arbitrary commands, and implements hiding techniques to evade detection.

Which organisations have been targeted?

The Democratic National Committee (DNC) hack during the 2016 U.S. presidential election, the global television network TV5Monde cyberattack, the World Anti-Doping Agency (WADA) email leak, and several other high-profile breaches are said to be the work of APT28.
