Printed on
23/05/2025 – 11:02 GMT+2
Hackers linked to Russian army intelligence have focused Western logistics and expertise corporations concerned in transporting help to Ukraine, the US Nationwide Safety Company (NSA) stated.
The cyber operation, attributed to the infamous Russian army intelligence company GRU unit 26165, higher often called Fancy Bear, sought to assemble data on the kinds and timing of help getting into Ukraine.
In keeping with the NSA’s report printed late Wednesday, the marketing campaign aimed to breach firms within the defence, transport and logistics sectors throughout a number of Western international locations, together with the US. It additionally focused ports, airports and railway infrastructure.
As a part of the operation, hackers tried to entry footage from greater than 10,000 internet-connected cameras — each personal and public — located close to strategic transit factors similar to border crossings, ports and rail hubs.
Whereas nearly all of these cameras had been positioned in Ukraine, others had been primarily based in neighbouring international locations together with Poland, Romania and elsewhere in jap and central Europe.
The cyber assaults reportedly started in 2022, when Russia launched its full-scale invasion of Ukraine. Authorities haven’t disclosed how profitable the hackers had been or how lengthy they remained undetected.
The NSA, together with the FBI and cybersecurity businesses from allied nations, warned that Russia is prone to proceed its surveillance efforts and suggested firms concerned in assist supply to stay vigilant.
“To defend in opposition to and mitigate these threats, at-risk entities ought to anticipate focusing on,” the NSA stated within the advisory.
The hackers employed spearphishing ways — sending misleading, official-looking messages designed to extract delicate data or set up malware — in addition to exploiting vulnerabilities in distant entry units sometimes utilized in small or residence workplace networks, which frequently lack enterprise-level safety.
Grant Geyer, chief technique officer at cybersecurity agency Claroty, stated the hackers’ strategies weren’t particularly refined however had been methodically executed.
“They’ve carried out detailed focusing on throughout your complete provide chain to know what tools is transferring, when and the way — whether or not it’s by plane, ship or rail,” he famous.
Geyer warned that the intelligence gathered may assist Russia refine its army technique or probably plan future cyber or bodily disruptions to Ukraine’s help routes.
In a associated transfer final autumn, US intelligence businesses issued steering urging US defence contractors and logistics corporations to bolster their cybersecurity, following a collection of suspected Russian-linked sabotage incidents in Europe.
Proof gathered by Western international locations through the years has proven that FancyBear has been behind a slew of assaults on Ukraine, Georgia and NATO, in addition to political enemies of the Kremlin, worldwide journalists and others.
Further sources • AP
