Cybersecurity

Russian Military Intelligence Accused of Malicious Cyber Attacks  

  • Reading time: 3 min
GRU, a cyber group backed by the Russian military intelligence, issuing cyberattacks and targeting EU and NATO member countries.  

On September 9, German domestic intelligence warned the public from GRU, a cyber group backed by the Russian military intelligence, issuing cyberattacks and targeting EU and NATO member countries.  

GRU 29155 Cyber Attempts  

The Bundesamt fur Verfassungsschutz, German Federal Office for the Protection of the Constitution, posted on social media platform x, saying it was issuing the warning against the group known as UNC2589 with the FBI, U.S. cybersecurity agency CISA, the NSA and further international partners.

The cyber actors, assessed to be affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155), are held responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm. 

Western intelligence has reported a surge in GRU cyberattacks since Russia’s invasion of Ukraine in February 2022.  According to the indictment, GRU hackers were part of a conspiracy to breach, steal data from, leak information, and damage computer systems linked to the Ukrainian government before Russian invasion. 

National security authorities are deploying every available tool to counter these malicious Russian cyber espionage campaigns and hold perpetrators accountable for their targeting of NATO critical infrastructure and its allies. 

“The GRU’s WhisperGate campaign, including targeting Ukrainian critical infrastructure and government systems of no military value, is emblematic of Russia’s abhorrent disregard for innocent civilians as it wages its unjust invasion,” said Assistant Attorney General Matthew G. Olsen of the National Security Division.  

The FBI Deputy Director Paul Abbate said that “the FBI and its international partners are relentless in our commitment to thwarting GRU attacks across the globe and bringing justice those responsible for these criminal acts.”  

Abbate also mentioned that their response to cyber threats is evolving including deployment of all tools in their disposal from advanced technologies to investigative measures to defend their infrastructure and impose costs on those who target it. 
 

“Today’s superseding indictment underscores our commitment to using all the tools at our disposal to pursue those who would do us and our allies around the world harm,” said U.S. Attorney Erek L. Barron for the District of Maryland.  

Previous Attempts  

This is not the first time Russia military intelligence has launched cyberattacks against its rivals, but the scale of these activities became more exposed.  

In July 2021, the US Department of State’s Rewards for Justice program, administered by the Diplomatic Security Service, offered a $10 million reward for information on individuals involved in malicious cyber activities against US critical infrastructure.   

The accused hackers have repeatedly attempted to breach computer systems, including those of 26 NATO member countries, in search of sensitive information. 

In 2022, a cyber group backed by Russian military intelligence attempted to use a U.S.-based company’s services to spread the “WhisperGate” malware, designed to appear as ransomware, across dozens of Ukrainian government computer systems. The objective was to destroy critical data and infrastructure ahead of Russia’s invasion of Ukraine. 

Russian cyber-espionage attempts have been more frequent in recent years. One notable incident involved the hacking of the transportation infrastructure of a Central European country supporting Ukraine. In another case, Russian military intelligence targeted health records, defacing a website with the message: “Ukrainians! All information about you has become public, be afraid and expect the worst. This is for your past, present, and future.” These cyberattacks were aimed at instilling fear and destabilizing Ukraine’s allies while compromising critical systems and personal data. 

Final Thoughts 

The Russian military intelligence is very advanced and have threatened many times to conduct cyber operations in response to offensive acts against the Russian government and Russian people. 

 GRU Unit 29155 is known for its focus on vandalizing websites and leaking stolen data especially targeting EU and Nato member countries, and international effort is being put to combat the destructive cyber activities by GRU Unit 29255 and enhance their network defense.  

There is an escalation the world of cyber warfare, after the German domestic intelligence warning about the Russian cyber espionage, which comes in times of geopolitical tension. Therefore, Western intelligence entities, NATO and EU countries should develop a stronger defense system with advanced technologies and investigative measures to protect their critical data from malicious activities.  

Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Intelligent Tech sections to stay informed and up-to-date with our daily articles.

Tags: