Ukraine government, NATO, targeted by "Sandworm Team" hackers

While its troops battled pro-Russia rebels this summer, the Ukrainian government faced a stealth attack on a separate front.

Hackers apparently breached government computer networks, looking for sensitive intelligence files.

A report from the cyber-security firm iSight Partners blames that attack on Russian hackers who over the last five years have gone after "...policy makers, defense officials and diplomats."

sandworm.png
Screen grab of the iSight web site

iSight said targets in the ongoing cyber blitz range from energy and communications firms to NATO and governments of the EuropeanUnion.

Since all of the victims appear to be adversaries of Russia, it's believed the hackers are working with the backing of Vladimir Putin's government.

The hackers are nicknamed the "Sandworm Team" because references to a science fiction series "Dune" have been found embedded in the code of the malware.

The Sandworm spies exploited a flaw in Microsoft Windows and used a common technique called "spear-phishing." The hackers sent innocent looking emails which, when opened, injected malware into the computer servers of the targets.

In the case of the most recent breach, Sandworm sent Ukrainian government officials tempting emails purporting to contain information about pro-Russian agitators.

Microsoft says it has now issued a fix to plug the vulnerability. And cyber investigators are trying to assess how much damage has been done.

While it's clear the hackers breached multiple systems, we don't know what they took.