Russian State-Sponsored Hacking Extends Worldwide

A Russian cyber-espionage campaign has been hitting human rights groups, private security companies and educational institutions in Central Asia, East Asia, and Europe.

Now, based on the latest statements from its government, it is evident that Russia is ready to carry out cyber attacks on Britain and NATO allies in an effort to intimidate them and to weaken support for Ukraine.

This week, a senior British government minister, Pat McFadden - whose role includes responsibility for national security - told a NATO meeting that Russia could target the electric grid and leave millions of consumers and businesses without power.

This is the latest in a series of warnings about the cyber-warfare capabilities of Russia, which McFadden called a "hidden war" being waged against Ukraine. McFadden referred to a Russian hacking group connected to the GRU military spy agency, known as Unit 29155, which the  says has carried out a number of attacks in the UK and Europe.

Recorded Future’s Insikt Group has attributed other attacks to TAG-110, another Russian threat actor, which is likely linked to the Russian cyber-espionage group APT28, also known as Fancy Bear.

Fancy Bear is believed to act on the orders of the GRU and is thought to be behind several major attacks on Ukraine and its allies in recent years. In 2023 the group hacked the German Social Democratic Party, and was also responsible for large-scale disruption targeting the Polish government.

Insikt Group has identified 62 unique TAG-110 victims, primarily in Tajikistan, Kyrgyzstan, Turkmenistan, and Kazakhstan since July 2024. According to Insikt Group, these victims were infected with the group’s custom malware, including the Hatvibe loader and the Cherryspy backdoor.

The group used malicious Microsoft Word email attachments to deliver these tools against targeted systems and exploited vulnerable web-facing services.

TAG-110 allegedly has been spying for the Russian state since at least 2021, primarily targeting entities in Central Asia, Insikt Group said. The group has also targeted victims in India, Israel, Mongolia and Ukraine. Insikt Group researchers think that TAG-110’s campaigns will continue, likely focusing on post-Soviet Central Asian states, Ukraine and its allies.

The likely objective is to reinforce Russia’s military efforts in Ukraine and gather insights into geopolitical events in neighbouring countries, especially as Moscow’s relations with these nations have suffered following its failed invasion of Ukraine.   

NCSC | Recorded Future | TEISS | Record | BBC | Guardian | Hacker News | Infosecurity Magazine
