GRU special operation. Britain exposed Russia's cyber campaign against foreign support for Ukraine
Category
World
Publication date

GRU special operation. Britain exposed Russia's cyber campaign against foreign support for Ukraine

UK Ministry of Defence
GRU special operation.
Читати українською

The United Kingdom, along with 10 allied countries, announced the exposure of a Russian intelligence cyber campaign targeting organizations, including those involved in providing foreign aid to Ukraine.

Points of attention

  • The British National Cyber Security Center and 10 allied countries have exposed a Russian military intelligence cyber campaign targeting organizations providing foreign aid to Ukraine.
  • Unit 26165 of Russia's GRU, known as APT 28, has been conducting malicious cyber activities since 2022, targeting government, defense, IT, and maritime sector organizations coordinating aid to Ukraine.
  • The exposed campaign involved methods like credential harvesting, phishing, exploiting Microsoft Exchange permissions, and monitoring humanitarian aid shipments by attacking internet-connected cameras.

Britain exposes Russia's cyber campaign against foreign support for Ukraine

This is stated in a statement by the British National Cyber Security Center (NCSC), which is part of the Royal Military and Civilian Command (GCHQ).

This malicious Russian military intelligence campaign poses a serious risk to organizations, including those involved in providing assistance to Ukraine, said Paul Chichester, NCSC Director of Operations.

The report notes that military unit 26165 of Russia's GRU has been conducting a malicious cyber campaign against government and private organizations since 2022.

This included attacks on organizations involved in coordinating, transporting, and providing support to Ukraine, as well as organizations in the defense sector, IT services, the maritime sector, airports, ports, and air traffic control systems in many NATO member countries.

Unit 26165, also known as APT 28, was able to gain access to the networks of cyberattack victims, using a combination of methods including credential harvesting, phishing, and exploiting Microsoft Exchange mailbox permissions.

They also attacked internet-connected cameras at Ukrainian border crossings and near military facilities to monitor and track humanitarian aid shipments to Ukraine.

The NCSC warning was signed by the United States, Germany, the Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France, and the Netherlands.

Countries have called on organizations that may be at risk to take immediate steps to protect themselves.

More on the topic

Category
Ukraine
Publication date
Додати до обраного
Hackers tried to attack defense enterprises of Ukraine
State Special Communications
Hackers tried to attack defense enterprises of Ukraine

Share

How do you like that?

By staying online, you consent to the use of cookies files, which help us make your stay here even better 

Based on your browser and language settings, you might prefer the English version of our website. Would you like to switch?