In an alert Thursday, U.S. agencies warned that Energetic Bear, a Russian state-backed hacking group, was able to compromise state, local, territorial, and tribal government networks and steal data from at least two servers. In one incident, the group accessed documents about sensitive network configurations and passwords, standard operating procedures, IT instructions, vendor and purchasing information, and access badges.
More from the alert:
- The FBI and Cybersecurity and Infrastructure Security Agency said that there was no evidence that election information was compromised.
- Energetic Bear is also known as Berserk Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala.
- The agencies warned that the Russian group might be compromising networks to disrupt operations in the future, to influence U.S. policies and actions, or to delegitimize the government entities.
- In addition to government networks, Energetic Bear also targeted networks of U.S. airports.