Russian State-Sponsored Hacking Extends Worldwide

A Russian cyber-espionage campaign has been hitting human rights groups, private security companies and educational institutions in Central Asia, East Asia, and Europe.

Now, based on the latest statements from its government, it is evident that Russia is ready to carry out cyber attacks on Britain and NATO allies in an effort to intimidate them and to weaken support for Ukraine.

This week, a senior British government minister, Pat McFadden, whose role includes responsibility for national security, told a NATO meeting that Russia could target the electric grid and leave millions of consumers and businesses without power.

This is the latest in a series of warnings about the cyber-warfare capabilities of Russia, which McFadden called a "hidden war" being waged against Ukraine. McFadden referred to a Russian hacking group connected to the GRU military spy agency, known as Unit 29155, which the  says has carried out a number of attacks in the UK and Europe.

Recorded Future’s Insikt Group has attributed other attacks to TAG-110, another Russian threat actor, also likely linked to the Russian cyber-espionage group APT28, which is also known as Fancy Bear.

Fancy Bear is believed to act on the orders of the GRU and is thought to be behind several major attacks on Ukraine and its allies in recent years. In 2023 the group hacked the German Social Democratic Party, and was also responsible for large-scale disruption targeting the Polish government.

Insikt Group has identified 62 unique TAG-110 victims, primarily in Tajikistan, Kyrgyzstan, Turkmenistan, and Kazakhstan since July 2024. According to Insikt Group, these victims were infected with the group’s custom malware, including the Hatvibe loader and the Cherryspy backdoor.

The group used malicious Microsoft Word email attachments to deliver these tools against targeted systems and exploit vulnerable web-facing services.

TAG-110 has allegedly been spying for the Russian state since at least 2021, primarily targeting entities in Central Asia, Insikt Group said. The group has also targeted victims in India, Israel, Mongolia and Ukraine. Insikt Group researchers think that TAG-110’s campaigns will continue, likely focusing on post-Soviet Central Asian states, Ukraine and its allies.

The likely objective is to reinforce Russia’s military efforts in Ukraine and gather insights into geopolitical events in neighbouring countries, especially as Moscow’s relations with these nations have suffered following its failed invasion of Ukraine.   

NCSC | Recorded Future | Recorded Future | TEISS | Record | BBC | Guardian | Hacker News | Infosecurity Magazine

Image: Leestat
