Particle.news
Download on the App Store
12 ARTICLES
·
4h ago

Russia’s GRU Cyber Unit Exposed in Ongoing Espionage Targeting Ukraine Aid Networks

Eleven Western nations reveal a sustained Russian cyber campaign compromising defense, transport, and IT firms aiding Ukraine since 2022.

This generic image from 2017 shows a computer exploited by computer hackers.
A computer keyboard lit by a displayed cyber code is seen in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration/File Photo
Image
Hackers broke into thousands of cameras to gain real-time visibility of transport routes in and out of Ukraine

Overview

  • A joint advisory from eleven Western countries details a Russian cyber-espionage campaign by GRU Unit 26165, also known as Fancy Bear, targeting organizations supporting Ukraine's aid efforts.
  • The campaign, active since February 2022, has infiltrated defense contractors, transport hubs, maritime firms, air traffic systems, and IT service providers across NATO nations and Ukraine.
  • Hackers used techniques such as credential guessing, spear-phishing, and exploiting Microsoft Exchange vulnerabilities to gain access and maintain stealthy operations.
  • The operation included hijacking internet-connected cameras at Ukrainian border crossings, rail stations, and military installations to monitor aid shipments and logistics routes.
  • The advisory urges targeted organizations to implement mitigation measures immediately, including multi-factor authentication and regular security updates, to counter ongoing threats.