"US Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide"
In over 50 countries, the National Security Agency (NSA) and several partner agencies have identified infrastructure for the sophisticated Russian cyber espionage tool known as Snake malware. The agencies are publishing the joint Cybersecurity Advisory (CSA) "Hunting Russian Intelligence 'Snake' Malware" in order to help network defenders in detecting Snake and any associated activity. The agencies link Snake operations to a known unit within Russia's Federal Security Service (FSB) Center 16. Snake malware infrastructure has been discovered in North America, South America, Europe, Africa, Asia, and Australia, including the US and Russia. Rob Joyce, the NSA's Director of Cybersecurity, stated that Russian government actors have used this intelligence-gathering tool for years. The technical details will help many organizations in locating and eliminating malware worldwide. In the US, the FSB has targeted education institutions, small companies, and media organizations. The Snake malware is typically deployed on external-facing infrastructure nodes on a network. From there, it applies more techniques, tactics, and procedures (TTPs) to conduct additional exploitation operations on the internal network. This article continues to discuss the release of the CSA on the Snake malware.