U.S., Allies Dismantle Russia's "Snake" Malware Network

  • Writer: The Financial District
  • May 17, 2023

The United States and its allies have dismantled a major cyberespionage system that they said Russia’s intelligence service has been using for years to spy on computers around the world, the Justice Department announced, Charlie Savage reported for The New York Times.

Photo Insert: The Snake system operated as a “peer-to-peer” network that linked together infected computers around the world.



The Cybersecurity and Infrastructure Security Agency (CISA) described the system, known as the “Snake” malware network, as “the most sophisticated cyberespionage tool” in the Federal Security Service (FSB) arsenal.


The FSB used Snake to gain access to, and steal, international relations documents and diplomatic communications from a NATO country, CISA said, and deployed it to infect computers in more than 50 countries and a range of US institutions.



Those included “education, small businesses and media organizations, and critical infrastructure sectors including government facilities, financial services, manufacturing, and communications.”


“Through a high-tech operation that turned Russian malware against itself, US law enforcement has neutralized one of Russia’s most sophisticated cyberespionage tools, used for two decades to advance Russia’s authoritarian objectives,” Lisa O. Monaco, the deputy attorney general, said in a statement.



In an unsealed 33-page court filing from a federal judge in Brooklyn, a cybersecurity agent, Taylor Forry, laid out how the effort, called Operation Medusa, would take place.


The Snake system, the court documents said, operated as a “peer-to-peer” network that linked together infected computers around the world.


Leveraging that, the FBI planned to infiltrate the system using an infected computer in the US, overriding the code on every infected computer to “permanently disable” the network.




