Russian State-Sponsored Hacking Extends Worldwide

A Russian cyber-espionage campaign has been hitting human rights groups, private security companies and educational institutions in Central Asia, East Asia, and Europe.

Now, based on the latest statements from its government, it is evident that Russia is ready to carry out cyber attacks on Britain and NATO allies in an effort to intimidate them and to weaken support for Ukraine.

This week, a senior British government minister, Pat McFadden, whose role includes responsibility for national security, told a NATO meeting that Russia could target the electric grid and leave millions of consumers and businesses without power.

This is the latest in a series of warnings about the cyber-warfare capabilities of Russia, which McFadden called a "hidden war" being waged against Ukraine. McFadden referred to a Russian hacking group connected to the GRU military spy agency, known as Unit 29155, which the  says has carried out a number of attacks in the UK and Europe.

Recorded Future’s Insikt Group has attributed other attacks to TAG-110, another Russian threat actor, also likely linked to the Russian cyber-espionage group APT28, which is also known as Fancy Bear.

Fancy Bear is believed to act on the orders of the GRU and is thought to be behind several major attacks on Ukraine and its allies in recent years. In 2023 the group hacked the German Social Democratic Party, and was also responsible for large-scale disruption targeting the Polish government.

Insikt Group has identified 62 unique TAG-110 victims, primarily in Tajikistan, Kyrgyzstan, Turkmenistan, and Kazakhstan since July 2024. According to Insikt Group, these victims were infected with the group’s custom malware, including the Hatvibe loader and the Cherryspy backdoor.

The group used malicious Microsoft Word email attachments to deliver these tools against targeted systems and exploited vulnerable web-facing services.

TAG-110 has allegedly been spying for the Russian state since at least 2021, primarily targeting entities in Central Asia, Insikt Group said. The group has also targeted victims in India, Israel, Mongolia and Ukraine. Insikt Group researchers think that TAG-110’s campaigns will continue, likely focusing on post-Soviet Central Asian states, Ukraine and its allies.

The likely objective is to reinforce Russia’s military efforts in Ukraine and gather insights into geopolitical events in neighbouring countries, especially as Moscow’s relations with these nations have suffered following its failed invasion of Ukraine.   

NCSC | Recorded Future | Recorded Future | TEISS | Record | BBC | Guardian | Hacker News | Infosecurity Magazine
