Joint Advisory: Russian intelligence ‘Snake’ malware

The National Cyber Security Centre (NCSC) has joined international partners in publishing a technical advisory on malicious cyber activity linked to malware used by Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets.

The advisory has been published as part of a part of a coordinated effort to raise awareness of this capability being used by sophisticated Russian state actors. The advisory is jointly issued by the Australian Cyber Security Centre(external link) (ACSC), the Canadian Centre for Cyber Security(external link) (CCCS), the United Kingdom’s National Cyber Security Centre(external link) (NCSC-UK), the United States of America’s Cybersecurity and Infrastructure Security Agency(external link) (CISA), the Federal Bureau of Investigation(external link) (FBI), the National Security Agency(external link) (NSA), the United States Cyber Command(external link), and New Zealand’s National Cyber Security Centre (NCSC).  

While the NCSC is not aware of New Zealand organisations currently being impacted by the Snake malware, we are conscious that malicious cyber activity in New Zealand reflects international trends, and alongside international tensions resulting from Russia’s invasion of Ukraine, there is increased potential for cyber attacks.

We are making this advisory publically available to help inform organisations’ cyber defence efforts. We encourage organisations’ information security leaders, technical specialists, security researchers, and those in academia to review this advisory, consider the tactics, techniques and procedures (TTPs) described in it, and to make an assessment of how they can be used to support network defence and resilience building.

If organisations identify malicious activity as a result of reviewing the information in this advisory, they should contact the National Cyber Security Centre.

For queries related to this advisory, please contact: info@ncsc.govt.nz