Intelligence and cybersecurity companies from 10 international locations has warned in a joint advisory {that a} cyberespionage group operated by the Russian navy intelligence service, the GRU, has been concentrating on logistics and IT corporations for the previous three years. Identified within the safety business as APT28 and Fancy Bear, the risk actor has been launching assaults towards these targets utilizing quite a lot of preliminary entry techniques together with password spraying, spearphishing and exploitation of vulnerabilities in in style software program.
“As Russian navy forces failed to satisfy their navy targets and Western international locations offered assist to help Ukraine’s territorial protection, unit 26165 [of the Russian GRU 85th GTsSS] expanded its concentrating on of logistics entities and expertise corporations concerned within the supply of assist,” the advisory learn. “These actors have additionally focused Web-connected cameras at Ukrainian border crossings to observe and observe assist shipments.”
The targets included dozens of presidency organizations and business entities concerned in items transportation on air, sea and rail. This included protection business corporations, transport and logistics corporations, air site visitors administration companies and IT providers corporations. The international locations focused have been Bulgaria, the Czech Republic, France, Germany, Greece, Italy, Moldova, the Netherlands, Poland, Romania, Slovakia, Ukraine and the US.
