Russian military hackers linked to critical infrastructure attacks

September 5, 2024 at 02:03PM

The United States and its allies have linked Russian military intelligence hackers to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces. The hackers have been carrying out sabotage and cyberattacks in Europe and North America since 2020. The U.S. State Department announced a reward for information on five Russian military intelligence officers. Measures to defend against cyberattacks are advised, including system updates and network segmentation. The U.S. also announced a crackdown on Russian disinformation ahead of the 2024 election.

Key takeaways:

1. The United States and its allies have linked a group of Russian military intelligence hackers, known as Cadet Blizzard and Ember Bear, to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces.

2. The Russian hackers, described as “junior active-duty GRU officers,” have been orchestrating sabotage and assassination attempts throughout Europe and cyberattacks against critical infrastructure sectors of NATO members and countries across North America, Europe, Latin America, and Central Asia.

3. The group has expanded its tradecraft to include offensive cyber operations since at least 2020, with objectives including espionage, reputational harm, and systematic sabotage.

4. The FBI has detected over 14,000 instances of domain scanning targeting at least 26 NATO members and several European Union nations, with hackers associated with Russia’s Unit 29155 defacing websites and leaking stolen data.

5. The U.S. State Department announced a reward of up to $10 million for information on five Russian military intelligence officers believed to be part of GRU’s Unit 29155.

6. Critical infrastructure organizations are urged to take immediate action to defend against GRU-linked cyberattacks, including prioritizing system updates, patching known vulnerabilities, implementing network segmentation, and using phishing-resistant multifactor authentication.

7. CISA and the FBI warned in February 2022 that destructive malware cyberattacks against Ukraine could spread to targets in other countries.

8. The United States announced a crackdown on Russian disinformation, seizing 32 web domains used by a Russian-linked influence operation network to push disinformation and propaganda targeting the American public ahead of the 2024 election.
