Report: Russian group suspected of hacking City of Austin network; council members knew since October

Austin

AUSTIN (KXAN/The Intercept) — Apparent Russian hackers have breached the City of Austin’s network and have had access for months, according to a report from The Intercept.

The hack, believed to be carried out by Berserk Bear, is traced back to mid-October, the news outlet reported, and appears to have been used as a jumping-off point for more attacks. Berserk Bear could be part of Russia’s Federal Security Service, The Intercept said.

This is not the first attack linked back to Austin this year. Hackers tied to another group out of Russia were able to gain access to the U.S. Treasury and Commerce departments by planting malware in a SolarWinds software update. Organizations across the globe use SolarWinds, which is based in Austin, including Fortune 500 companies and multiple U.S. federal agencies.

The Intercept reported the City of Austin breach was outlined in documents from the Microsoft Threat Intelligence Center and said the city knew about the attacks since Oct. 9, when an alert was sent out. A few days later, city council had a closed meeting to discuss network security.

“While we are aware of this hacking group we cannot provide information about ongoing law enforcement investigations into criminal activity,” a City of Austin spokesperson said in a statement to KXAN Thursday. “The City follows the measures that the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI recommend for local governments.”

KXAN has also reached out to the FBI on this case. While a spokeswoman said she would look into it, she added the agency typically doesn’t confirm or deny investigations.

A city IP address was part of a list of compromise indicators, MSTIC documents showed. Close to 100 malware samples were found to be communicating with the address, according to The Intercept.

The Intercept said malware is still interfering with the city’s network and was reported as recently as this month.

Biden addresses cybersecurity

President-elect Joe Biden said in a statement Thursday he will make cybersecurity one of his top priorities when he makes the transition into office.

“We will elevate cybersecurity as an imperative across the government, further strengthen partnerships with the private sector, and expand our investment in the infrastructure and people we need to defend against malicious cyber attacks,” the statement read.

Copyright 2021 Nexstar Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Austin-Travis County

More Austin-Travis County News

Tracking the Coronavirus

Coronavirus Cases Tracker

Latest Central Texas COVID-19 Cases

More Coronavirus Live Blogs

Trending Stories

Don't Miss