iSight Partners finds Russian cyber-attack linked to Ukraine crisis

A Russian hacking group has been exploiting a previously unknown flaw in Microsoft's Windows operating system to spy on Nato, the Ukrainian government, a US university researcher and other security targets, according to a report.

The group had been active since at least 2009, according to research by iSight Partners, a cybersecurity firm. Its targets in the recent campaign also included a Polish energy firm, a Western European government agency and a French telecoms firm.

"All indicators from a targeting and lures perspective would indicate espionage with Russian national interests," said iSight senior director Stephen Ward.

The Russian government has denied similar allegations of cyber espionage in the past. Current and former US intelligence officials, nonetheless, say the capabilities of Russian hackers are on par with those of the United States and Israel.

"It's possible they've become more active in response to the Ukrainian situation," said a former intelligence official. "And when you become more active, you increase your likelihood of getting caught."

ISight dubbed the hacking group SandWorm because of references embedded in its code to the fictional planet Arrakis in the science fiction novel Dune.

The firm began monitoring the hackers' activity late last year and discovered the vulnerability — known as a "zero-day" — in August, Ward said.