Russian Hackers Targeted Government and Aviation, U.S. Says

Kartikay Mehrotra, Bloomberg News

WASHINGTON, DC - SEPTEMBER 28: An American flag is placed on a fence outside of the U.S. Capitol building on September 28, 2020 in Washington, DC. This week Seventh U.S. Circuit Court Judge Amy Coney Barrett, U.S. President Donald Trump's nominee to the Supreme Court, will begin meeting with Senators as she seeks to be confirmed before the presidential election. (Photo by Al Drago/Getty Images) Photographer: Al Drago/Getty Images North America , Photographer: Al Drago/Getty Images North America

(Bloomberg) -- Russia has been targeting U.S. government agencies since at least September and may be planning more severe attacks in the days leading up to and after Election Day, according to a cybersecurity advisory issued by a pair of U.S. agencies.

Russian state-sponsored operators have been targeting dozens of government and aviation networks, including successful attacks against two unnamed victims whose data was stolen as of Oct. 1, according to the guidance issued jointly by the FBI and the Cybersecurity Infrastructure Security Agency. While the agencies don’t have any evidence that attacks have disrupted victims in aviation, education, elections or government, they raise concerns that the successful compromises could open the door to more malicious attacks in the near future.

“The actor may be seeking access to obtain future disruption options, to influence U.S. policies and actions, or to delegitimize” local government entities, according to the joint cybersecurity advisory issued late Thursday. “There may be some risk to elections information housed on” local government networks.

The Russian state-sponsored group is known by various nicknames, including Berserk Bear and Crouching Yeti.