The EU has sanctioned three Russians linked to a 2020 cyber espionage operation that targeted Estonian government agencies, breaching several ministries and stealing sensitive documents. The individuals are associated with a military intelligence unit believed to be involved in various destabilization activities across Europe. Affected: Estonia, EU member states, Ukraine
Keypoints :
- Three Russian nationals have been sanctioned by the EU for cyber espionage against Estonia.
- Individuals are members of the GRU’s Unit 29155, responsible for significant cyber-attacks.
- The targeted Estonian ministries included Economic Affairs, Social Affairs, and Foreign Affairs.
- Thousands of sensitive documents, including business secrets and health records, were stolen.
- Unit 29155 has a history of conducting cyber operations against multiple countries, including Ukraine.
- The unit is also linked to attempted assassinations and other destabilization efforts in Europe.
- WhisperGate, a destructive wiper malware, was deployed by DEV-0586, a group associated with Unit 29155, against Ukrainian entities.
- A reward of up to million has been offered by the US for information leading to the capture of certain members of Unit 29155.
MITRE Techniques :
- TA0011: Command and Control – Employing cyber-tools for strategic intelligence gathering against targeted foreign entities.
- TA0007: External Remote Services – Gaining unauthorized access to computer systems of government agencies.
- TA0040: Impact – Using malware (WhisperGate) to disable devices and disrupt operations.
Full Story: https://www.infosecurity-magazine.com/news/eu-sanctions-russians-2020/