The US CISA warns of an increased threat from Russia’s APT28 (Fancy Bear) targeting Western logistics and technology companies involved in supplying Ukraine. The campaign involves sophisticated hacking techniques, reconnaissance, and exploitation of vulnerabilities, emphasizing the need for heightened security measures in the affected sectors. #APT28 #FancyBear #UkraineSupplyChain #RailwayCyberattacks
Keypoints
- The CISA alert highlights an ongoing Russian espionage campaign targeting logistics and tech firms supporting Ukraine.
- Unit 26165 (APT28) employs techniques such as password-spraying, spear-phishing, and exploiting software vulnerabilities.
- Victims include shipping brokers, rail operators, port authorities, and defense contractors across NATO countries.
- The hackers focus on stealing shipping manifests, monitoring aid movements, and gaining real-time intelligence via hijacked IP cameras.
- Organizations are urged to strengthen identity controls, deploy multi-factor authentication, and implement threat hunting to mitigate risks.
Read More: https://www.securityweek.com/cisa-says-russian-hackers-targeting-western-supply-lines-to-ukraine/