The information gathered is unclassified, but offers “significant insight into US weapons platforms development and deployment timelines,” and also covers export-controlled technology, according to the FBI, National Security Agency and US Cybersecurity and Infrastructure Security Agency (CISA).
The intrusions hit contractors supporting every US military branch, including the Air Force, Army, Navy and Space Force, as well as firms that work on defense and intelligence programs, US officials said.
US government agencies have for years regularly released information on state-sponsored hacking threats, and US officials continue to say there is no credible, specific cyber threat to the US homeland tied to the Ukraine crisis.
Contractors targeted by Russian hackers over the last two years have been involved in aircraft design and the development of combat and weapons systems, among other things, the US agencies said.
“By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of US intentions, and target potential sources for recruitment,” the advisory says.
The Russian embassy in Washington did not immediately respond to a request for comment on the US advisory. Russia routinely denies allegations that it conducts hacking operations.
US spy agencies have long used cyber tools to collect intelligence on rival powers such as Russia and China.