[Ed. – I think I would have gone with Busy Bear. But that’s just me.]
In a joint alert, the FBI and CISA report that a Russian advanced persistent threat (APT) group known in the security community as “Energetic Bear,” among other names, has been attacking U.S. state, local, territorial and tribal (SLTT) government networks among other targets since September.
“The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers,” the FBI and CISA wrote in the alert.
The federal agencies noted that in at least one of the successful attacks, the hacking group had been able to access passwords, IT instructions, vendor and purchasing information, and printable access badges.