France’s Le Monde reports that a very powerful computer virus has infected computers in Ukraine, where 22 instances of infection has been recorded since 2013, the year that country’s political crisis started, according to a report from BAE Systems.
This virus, baptised Snake, but also known as Ouroboros after the serpent in Greek mythology, is “one of the most sophisticated and persistent threats that we track,” states BAE Systems Applied Intelligence, in a report published on Friday, 7th March.
Although it appeared as early as 2006, Snake appears to have been deployed more aggressively since 2013, according to the same source: of the 56 instances identified since 2010 throughout the world, 44 have been recorded since last year. Ukraine is the main target with 22 instances since 2013, of which 14 alone have been confirmed since the start of 2014 when that country’s political crisis accelerated with the fall of its pro-Russian president at the end of February.
Lithuania, Britain and Georgia are amongst the other countries where Snake has also shown up.
Snake’s operators act on weekdays and operate mainly from a time zone corresponding to Moscow, BAE Systems states. “Our report shows that a technically sophisticated and well-organised group has been developing and using these tools for the last eight years,” said David Garfield, the managing director of cyber security at BAE Systems Applied Intelligence.
“There is some evidence that links these tools to previous breaches connected to Russian threat actors but it is not possible to say exactly who is behind this campaign.”
Snake’s controllers can access all of the computer systems they have infiltrated, in addition to which the virus’ capacity to hibernate by remaining completely inactive for many days makes its detection complex.
According to Saturday’s Financial Times (paywall), the virus has in particular infiltrated the Kiev government’s computer systems and those of major Ukrainian organisations.