Intelligence and cybersecurity businesses from 10 international locations has warned in a joint advisory {that a} cyberespionage group operated by the Russian army intelligence service, the GRU, has been concentrating on logistics and IT corporations for the previous three years. Recognized within the safety trade as APT28 and Fancy Bear, the risk actor has been launching assaults in opposition to these targets utilizing quite a lot of preliminary entry ways together with password spraying, spearphishing and exploitation of vulnerabilities in standard software program.
“As Russian army forces failed to satisfy their army goals and Western international locations supplied help to assist Ukraine’s territorial protection, unit 26165 [of the Russian GRU 85th GTsSS] expanded its concentrating on of logistics entities and know-how corporations concerned within the supply of help,” the advisory learn. “These actors have additionally focused Web-connected cameras at Ukrainian border crossings to watch and observe help shipments.”
The targets included dozens of presidency organizations and business entities concerned in items transportation on air, sea and rail. This included protection trade corporations, delivery and logistics corporations, air visitors administration businesses and IT companies corporations. The international locations focused had been Bulgaria, the Czech Republic, France, Germany, Greece, Italy, Moldova, the Netherlands, Poland, Romania, Slovakia, Ukraine and the US.
