Uzbek intelligence officers have used commercially-available computer spying tools to launch a series of cyber attacks against activists and dissidents, researchers at Moscow-based cybersecurity firm Kaspersky said on Thursday, Reuters reports.
Kaspersky researcher Brian Bartholomew named Unit 02616 of Uzbekistan’s National Security Service as the team behind the attacks. The service, also sometimes referred to by acronyms in Russian or Uzbek, changed its name to State Security Service last year but is still often referred to abroad as NSS.
According to two people with knowledge of the attacks, the targets of the NSS have included regional news outlets Fergana News, Eltuz, Centre1 and the Palestine Chronicle, all of which report on the Uzbek government. The publishers did not immediately respond to requests for comment.
The NSS did not respond to questions submitted via the Uzbek Foreign Ministry and Uzbek embassy in London.
Kaspersky said it had detected Unit 02616 carrying out attacks using software from German firm FinFisher. FinFisher did not respond to repeated requests for comment.
Kaspersky’s Bartholomew declined to identify any specific targets of the NSS hacking but said the unit was attacking “human rights activists, journalists and other dissidents. We didn’t see much outside the country, it was internally focused.”
“Uzbekistan’s NSS has been on our radar for some time as an organization that’s been interested in acquiring offensive hacking tools,” he said.
Countries like this want to “advance their hacking capabilities quickly so they turn to outside vendors,” he added. “But the goal is always to eventually become more independent.”