Skip to main content
  1. Home
  2. Computing
  3. News

Russian cybercriminal hacked more than 60 government, education agencies

Add as a preferred source on Google

Studies have shown that millions of internet-connected machines are vulnerable to cyberattack based on a variety of configuration and other issues. One vulnerability that cybercriminals can use to relatively easily attack systems is called “SQL injection,” meaning that a database server that doesn’t carefully check the data submitted on web forms, for example, can be compromised.

One SQL injection, or SQLi, threat is known as “Rasputin,” referring to a Russian-speaking cybercriminal who has been linked to a number of attacks against various government and private agencies. A recent attack by Rasputin targeted over 60 government and educational institutions, and the solution to such attacks is to change the penalties and incentives related to resolving SQLi issues, according to a recent Recorded Future analysis.

Recorded Future
Recorded Future
Recommended Videos

Recorded Future is a threat intelligence company that uses machine learning to reduce online security risks. The company worked with law enforcement in December 2016 to assess the database attack on the United States Election Assistance Commission (EAC) and the eventual sale of information. It’s Recorded Future who gave the actor the name Rasputin, and according to its analysis, Rasputin used SQLi technology to hack into the EAC’s database.

SQLi attacks nothing new, having been around for more than 15 years. Malicious agents don’t need special skills or knowledge to conduct SQLi attacks, given that a number of tools are freely available that automate finding and attacking vulnerable database servers. The tools literally make conducting SQLi attacks a “point and click” affair.

Recorded Future
Recorded Future

Rasputin is a bit more sophisticated, as Recorded Future reports, having created his own proprietary SQLi tool. The reason for investing the time in creating such a tool and carrying out such attacks is purely financial — there’s a significant market for information that can generate real money for cybercriminals.

Recorded Future concludes that a number of steps need to be taking to respond to SQLi attacks and reduce their prevalence and impact. First is to raise awareness among developers, but that’s not enough. Rather, penalties and incentives need to be created to make it worthwhile to maintain database and web form security. Until the issues are addressed, however, agents like Rasputin will have their own incentives to hack into our data, often with serious repercussions.

Mark Coppock
Former Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
How to install macOS 27 Golden Gate public beta on your Mac?
From a smarter Siri to a more reliable Spotlight, here's your full walkthrough for installing macOS 27 Golden Gate's public beta today.
macOS 27 Golden Gate

Along with iOS 27’s public beta, Apple has also released macOS 27 Golden Gate’s public beta build, so that early adopters can get their hands on the new features, including Siri AI, and provide timely feedback to help ensure a stable iOS launch in September. 

If you’re sold on all the new features but don’t want to put your faithful MacBook through developer beta duty, a public beta offers a much more refined experience. To install macOS 27’s public beta, follow the steps given below. 

Read more
Microsoft is finally fixing the worst thing about Windows Search, but you can’t try it just yet
Windows Insiders in the Experimental channel are getting a Search experience that finally feels less of a billboard and more of what users actually need.
Page, Text, Person

Windows Search has been a mess for years, and I do not use that word lightly. Open it to find a file, and you get trending Bing topics, Microsoft Store promotions, and an AI tools tile that just opens a browser. 

That is changing, but not immediately for all users. Microsoft is rolling out a batch of Windows Search improvements to Insiders in the Experimental channel, and for once, this isn't just a fresh coat of paint.

Read more
Apple doesn’t want to share this AirPods feature with Meta, but the EU may force its hand
Spring 2027, EU only, built under DMA pressure.
The front of the Ray-Ban Meta smartglasses.

I’ve been an AirPods user for the last four years, and one of the things that makes it genuinely hard to leave behind is the seamless, almost magical pairing experience across devices. Open an AirPods case near your iPhone, and a pop-up appears within seconds. Switch to your Mac and the audio follows. 

However, the experience is limited only to Apple devices. Doesn’t matter whether you have one of the coolest pieces of tech on the market right now; if it’s not Apple, it won’t get the same treatment. However, that might change for the Meta Quest or the Ray-Ban Meta glasses, thanks to pressure from the EU. 

Read more