Federal law enforcement officials said they have hacked and disabled a complex Russian cyberespionage operation that was used for about 20 years to steal sensitive government materials from the U.S. and its allies. Justice Department officials described the operation as one of Russia's most powerful cyberespionage tools. They said the U.S. has been secretly investigating the network for nearly as long it was in operation but executed a court-authorized search warrant only this week to hamper the Russian malware. Law enforcement personnel had to develop their own cyberinfrastructure to disrupt the malware, which the Russians were constantly updating and changing.
Officials believe their actions this week will make it difficult for Russia to continuing operating this spying network. “Through a high-tech operation that turned Russian malware against itself, U.S. law enforcement has neutralized one of Russia’s most sophisticated cyber-espionage tools, used for two decades to advance Russia’s authoritarian objectives,” said Deputy Attorney General Lisa Monaco. FBI officials said the malware, known as “Snake,” was operated by the Federal Security Service, the Russian government’s main security agency, known as FSB. The Russians used the malware to steal sensitive information from computer systems in at least 50 countries, including members of the NATO alliance, and to spy on journalists and other Russian “targets of interest,” officials said. Russian officials allegedly would stole materials and routed them through U.S. computers that had been infected with malware to avoid detection. The U.S. launched “Operation Medusa” — named for the Greek mythological figure with venomous snakes on her head — to disable Snake.