Rare NSA Advisory About Russia-Based Cyberattacks Unlikely to Stop Them
A rare advisory from the US National Security Agency (NSA), warning of attacks by Russian military intelligence on vulnerable e-mail servers, is not likely to dissuade the nation-state cyber-espionage group from attacking targets of interest, cybersecurity experts say.
On Thursday, the NSA told organizations that a remotely exploitable vulnerability in the EXIM mail transfer agent, which comes installed by default on some versions of Linux, is being targeted by "Russian cyber actors from the GRU Main Center for Special Technologies (GTsST), field post number 74455" — otherwise known as the Sandworm group. The Sandworm group is one of two main cyber operations groups for Russian military intelligence.
But aside from convincing targeted organizations to take the appropriate actions to protect their systems, the advisory will likely...