The UK has exposed what it says is a “malicious cyber campaign” targeting multiple organisations, including those involved in delivering foreign assistance to Ukraine
After a joint investigation with allies including the US, Germany and France, the UK’s National Cyber Security Centre (NCSC) said a Russian military unit had been targeting both public and private organisations since 2022.
These include organisations involved in supplying defence, IT services and logistics support.
The security bodies of 10 NATO countries and Australia said Russian spies had used a combination of hacking techniques to gain access to networks.
Some of the targets were internet-connected cameras at Ukrainian borders which monitored aid shipments going into the country.
The report also says a rough estimate of 10,000 cameras were accessed near “military installations, and rail stations, to track the movement of materials into Ukraine.
It adds the “actors also used legitimate municipal services, such as traffic cams.”
The Russian military unit blamed for the espionage is called GRU Unit 26165 but goes by a number of informal names, including Fancy Bear.
The notorious hacking team is known to have previously leaked World Anti-Doping Agency data, and played a key role in the 2016 cyber-attack on the US’s Democratic National Committee, according to security experts.
“This malicious campaign by Russia’s military intelligence service presents a serious risk to targeted organisations, including those involved in the delivery of assistance to Ukraine,” Paul Chichester, NCSC Director of Operations, said in a statement.
“We strongly encourage organisations to familiarise themselves with the threat and mitigation advice included in the advisory to help defend their networks,” he added.
Leave a Reply