**UK Exposes Russian Intelligence Cyber Campaign Targeting Logistics and Technology Organizations**
The United Kingdom has uncovered a sophisticated cyber campaign orchestrated by Russia’s military intelligence agency, the GRU, targeting Western logistics and technology organizations involved in delivering aid to Ukraine. The UK’s National Cyber Security Centre (NCSC) announced this on May 21.
According to the NCSC, the GRU unit, known as APT 28 or Fancy Bear, has been attempting to penetrate secure networks in various sectors across NATO countries, including defense, IT, maritime, airports, ports, and air traffic management systems. The goal is to disrupt logistics deliveries to Ukraine.
This is not the first time Russian hacker groups have engaged in cyber warfare during the full-scale war with Ukraine. They have previously targeted Ukraine itself, civilian infrastructure in Europe, and even interfered with foreign elections.
The GRU unit has been using various tactics since 2022 to gain access to secure networks, including credential guessing, spear-phishing, and exploiting Microsoft Exchange mailbox permissions. They have also targeted internet-connected cameras at Ukrainian border crossings and near military installations.
“This malicious campaign by Russia’s military intelligence service presents a serious risk to targeted organizations, including those involved in the delivery of assistance to Ukraine,” said NCSC Director of Operations Paul Chichester.
The Fancy Bear unit has previously been accused by other NATO allies, including France, which brought charges against them based in Rostov-on-Don in southern Russia. The US, Germany, Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France, and the Netherlands assisted the UK in exposing this cyber campaign.
While details of the specific breaches or classified information obtained by the GRU unit are not publicly available, it is clear that this is a serious threat to Western organizations involved in supporting Ukraine. The exposure of this cyber campaign serves as a warning to these organizations to take necessary precautions and strengthen their cybersecurity measures.
**Read More**
For more information on this story, please visit [kyivindependent.com](http://kyivindependent.com).
