Latest news with #GrantGeyer
Euronews
23-05-2025
- Euronews
Report: Russian army hackers target Western aid supply to Ukraine
Hackers linked to Russian military intelligence have targeted Western logistics and technology firms involved in transporting aid to Ukraine, the US National Security Agency (NSA) said. The cyber operation, attributed to the notorious Russian military intelligence agency GRU unit 26165, better known as Fancy Bear, sought to gather information on the types and timing of assistance entering Ukraine. According to the NSA's report published late Wednesday, the campaign aimed to breach companies in the defence, transport and logistics sectors across multiple Western countries, including the US. It also targeted ports, airports and railway infrastructure. As part of the operation, hackers attempted to access footage from more than 10,000 internet-connected cameras — both private and public — situated near strategic transit points such as border crossings, ports and rail hubs. While the majority of these cameras were located in Ukraine, others were based in neighbouring countries including Poland, Romania and elsewhere in eastern and central Europe. The cyber attacks reportedly began in 2022, when Russia launched its full-scale invasion of Ukraine. Authorities have not disclosed how successful the hackers were or how long they remained undetected. The NSA, along with the FBI and cybersecurity agencies from allied nations, warned that Russia is likely to continue its surveillance efforts and advised companies involved in support delivery to remain vigilant. 'To defend against and mitigate these threats, at-risk entities should anticipate targeting,' the NSA said in the advisory. The hackers employed spearphishing tactics — sending deceptive, official-looking messages designed to extract sensitive information or install malware — as well as exploiting vulnerabilities in remote access devices typically used in small or home office networks, which often lack enterprise-level protection. Grant Geyer, chief strategy officer at cybersecurity firm Claroty, said the hackers' methods were not especially sophisticated but were methodically executed. 'They have done detailed targeting across the entire supply chain to understand what equipment is moving, when and how — whether it's by aircraft, ship or rail,' he noted. Geyer warned that the intelligence gathered could help Russia refine its military strategy or potentially plan future cyber or physical disruptions to Ukraine's aid routes. In a related move last autumn, US intelligence agencies issued guidance urging US defence contractors and logistics firms to bolster their cybersecurity, following a series of suspected Russian-linked sabotage incidents in Europe. Evidence gathered by Western countries over the years has shown that FancyBear has been behind a slew of attacks on Ukraine, Georgia and NATO, as well as political enemies of the Kremlin, international journalists and others. The man arrested as the lone suspect in the fatal shooting of two Israeli embassy employees in Washington was charged on Thursday with two counts of first-degree murder and murder of foreign officials. Chicago-born Elias Rodriguez, 31, shouted 'Free, free Palestine' as he was led away after shooting and killing two Israeli embassy employees outside an event in the US capital on Wednesday, according to court documents. US citizen Sarah Milgrim and an Israeli-German national Yaron Lischinsky were killed in the attack. The two were a young couple set to become engaged, according to Israeli ambassador to the US Yechiel Leiter. After his arrest, Rodriguez told police, 'I did it for Palestine, I did it for Gaza,' federal authorities said on Thursday as they announced the charges in what they described as a targeted act of terrorism. Rodriguez appeared in a US federal court in Washington on Thursday but did not enter a plea. Prosecutors said additional charges are likely as they investigate the incident as both a hate crime and an act of terrorism. If convicted, Rodriguez could face the death penalty. According to an FBI affidavit, Rodriguez flew to Washington from Chicago with a handgun in his checked baggage. The document said law enforcement has seen and reviewed security footage showing Rodriguez first walking past the victims — who were part of a group of four people —outside the museum, then turning, pulling a firearm and shooting them in the back. One of the victims fell to the ground, while the other, identified as Milgrim, tried to crawl away from him. He approached both and fired several more times, according to the affidavit. Witnesses say he entered the building visibly distressed after the attack, prompting bystanders to help him before realising he was the alleged perpetrator. The event at the Capital Jewish Museum was dedicated to helping Gazans, organisers said. The killings prompted Israeli embassies around the world to increase their security and lower flags to half-staff and caused a slew of condemnations from world leaders. Israeli Prime Minister Benjamin Netanyahu's office said he was 'shocked' by the 'horrific, antisemitic' shooting.
23-05-2025
- Politics
Russian hackers target Western firms shipping aid to Ukraine, US intelligence says
WASHINGTON -- Hackers working for Russian military intelligence targeted Western technology and logistics companies involved in shipping assistance to Ukraine, the U.S. National Security Agency said. The hackers were trying to obtain details about the type of assistance entering Ukraine and, as part of the effort, sought access to the feeds of internet-connected cameras near Ukrainian border crossings, according to the NSA's report on the cyberattack, which was issued late Wednesday. The cyber campaign sought to penetrate defense, transportation and logistics companies in several Western countries, including the U.S., as well as ports, airports and rail systems. The report didn't specify which types of aid Russia was surveilling, but Ukraine's allies have contributed significant amounts of military and humanitarian assistance since the war began. More than 10,000 internet-connected cameras were targeted, including private devices and public traffic cameras near critical transportation points, such as ports, rail hubs or border crossings. Most were in Ukraine, though some were in Romania, Poland and other eastern or central European countries. Officials did not disclose details about the hackers' success or how long they remained unnoticed. The activity detailed in the report began in 2022, the same year that Russia invaded Ukraine. Russia is expected to continue its efforts to spy on aid shipments, and companies involved in aid logistics or shipments should be on guard, according to the report, which was issued jointly by the NSA, the FBI and security agencies in several allied nations. 'To defend against and mitigate these threats, at-risk entities should anticipate targeting,' the NSA said. Authorities linked the activity to a Russian military intelligence unit dubbed 'Fancy Bear' that is well known for its past campaigns targeting the U.S. and its allies. The hackers used a variety of tactics to gain access, including spearphishing, which involves sending authentic-looking messages to a potential victim that contain links to harmful software or requests for sensitive information. The Russian team also exploited security vulnerabilities in computer devices used at small and in-home offices, networks that often lack the security measures found in larger systems. The hackers didn't use particularly innovative techniques, according to Grant Geyer, chief strategy officer at the cybersecurity company Claroty. Nevertheless, the sprawling yet carefully orchestrated effort gives the Russians a 'granular understanding' of the aid sent to Ukraine, he said. 'They have done detailed targeting across the entire supply chain to understand what equipment is moving, when and how — whether it's by aircraft, ship or rail,' Geyer said. Russia could use the information it obtained to hone its war planning, Geyer said, or to plot further cyber or physical attacks on the supply chain to Ukraine. Last fall, U.S. intelligence officials issued a public bulletin directing American defense companies and suppliers to increase security precautions following several acts of sabotage in Europe that officials have blamed on Russia.
Belfast Telegraph
23-05-2025
- Belfast Telegraph
Russian hackers hit Western firms sending aid to Ukraine, US intelligence says
The hackers were trying to obtain details about the type of assistance entering Ukraine and, as part of the effort, sought access to the feeds of internet-connected cameras near Ukrainian border crossings, according to the NSA's report on the cyberattack, which was issued late on Wednesday. The cyber campaign sought to penetrate defence, transportation and logistics companies in several Western countries, including the US, as well as ports, airports and rail systems. The report did not specify which types of aid Russia was surveilling, but Ukraine's allies have contributed significant amounts of military and humanitarian assistance since the war began. More than 10,000 internet-connected cameras were targeted, including private devices and public traffic cameras near critical transportation points, such as ports, rail hubs or border crossings. Most were in Ukraine, though some were in Romania, Poland and other eastern or central European countries. Officials did not disclose details of the hackers' success or how long they remained unnoticed. The activity detailed in the report began in 2022, the same year that Russia invaded Ukraine. Russia is expected to continue its efforts to spy on aid shipments, and companies involved in aid logistics or shipments should be on guard, according to the report, which was issued jointly by the NSA, the FBI and security agencies in several allied nations. 'To defend against and mitigate these threats, at-risk entities should anticipate targeting,' the NSA said. Authorities linked the activity to a Russian military intelligence unit dubbed 'Fancy Bear' that is well known for its past campaigns targeting the US and its allies. The hackers used a variety of tactics to gain access, including spear phishing, which involves sending authentic-looking messages to a potential victim that contain links to harmful software or requests for sensitive information. The Russian team also exploited security vulnerabilities in computer devices used at small and in-home offices, networks that often lack the security measures found in larger systems. The hackers did not use particularly innovative techniques, according to Grant Geyer, chief strategy officer at the cybersecurity company Claroty. Nevertheless, the sprawling yet carefully orchestrated effort gives the Russians a 'granular understanding' of the aid sent to Ukraine, he said. 'They have done detailed targeting across the entire supply chain to understand what equipment is moving, when and how — whether it's by aircraft, ship or rail,' Mr Geyer said. Russia could use the information it obtained to hone its war planning, Mr Geyer said, or to plot further cyber or physical attacks on the supply chain to Ukraine. Last autumn, US intelligence officials issued a public bulletin directing American defence companies and suppliers to increase security precautions following several acts of sabotage in Europe that officials have blamed on Russia. The Russian Embassy in Washington did not immediately respond requests for comment.
North Wales Chronicle
23-05-2025
- North Wales Chronicle
Russian hackers hit Western firms sending aid to Ukraine, US intelligence says
The hackers were trying to obtain details about the type of assistance entering Ukraine and, as part of the effort, sought access to the feeds of internet-connected cameras near Ukrainian border crossings, according to the NSA's report on the cyberattack, which was issued late on Wednesday. The cyber campaign sought to penetrate defence, transportation and logistics companies in several Western countries, including the US, as well as ports, airports and rail systems. The report did not specify which types of aid Russia was surveilling, but Ukraine's allies have contributed significant amounts of military and humanitarian assistance since the war began. More than 10,000 internet-connected cameras were targeted, including private devices and public traffic cameras near critical transportation points, such as ports, rail hubs or border crossings. Most were in Ukraine, though some were in Romania, Poland and other eastern or central European countries. Officials did not disclose details of the hackers' success or how long they remained unnoticed. The activity detailed in the report began in 2022, the same year that Russia invaded Ukraine. Russia is expected to continue its efforts to spy on aid shipments, and companies involved in aid logistics or shipments should be on guard, according to the report, which was issued jointly by the NSA, the FBI and security agencies in several allied nations. 'To defend against and mitigate these threats, at-risk entities should anticipate targeting,' the NSA said. Authorities linked the activity to a Russian military intelligence unit dubbed 'Fancy Bear' that is well known for its past campaigns targeting the US and its allies. The hackers used a variety of tactics to gain access, including spear phishing, which involves sending authentic-looking messages to a potential victim that contain links to harmful software or requests for sensitive information. The Russian team also exploited security vulnerabilities in computer devices used at small and in-home offices, networks that often lack the security measures found in larger systems. The hackers did not use particularly innovative techniques, according to Grant Geyer, chief strategy officer at the cybersecurity company Claroty. Nevertheless, the sprawling yet carefully orchestrated effort gives the Russians a 'granular understanding' of the aid sent to Ukraine, he said. 'They have done detailed targeting across the entire supply chain to understand what equipment is moving, when and how — whether it's by aircraft, ship or rail,' Mr Geyer said. Russia could use the information it obtained to hone its war planning, Mr Geyer said, or to plot further cyber or physical attacks on the supply chain to Ukraine. Last autumn, US intelligence officials issued a public bulletin directing American defence companies and suppliers to increase security precautions following several acts of sabotage in Europe that officials have blamed on Russia. The Russian Embassy in Washington did not immediately respond requests for comment.
Glasgow Times
22-05-2025
- Glasgow Times
Russian hackers hit Western firms sending aid to Ukraine, US intelligence says
The hackers were trying to obtain details about the type of assistance entering Ukraine and, as part of the effort, sought access to the feeds of internet-connected cameras near Ukrainian border crossings, according to the NSA's report on the cyberattack, which was issued late on Wednesday. The cyber campaign sought to penetrate defence, transportation and logistics companies in several Western countries, including the US, as well as ports, airports and rail systems. The report did not specify which types of aid Russia was surveilling, but Ukraine's allies have contributed significant amounts of military and humanitarian assistance since the war began. More than 10,000 internet-connected cameras were targeted, including private devices and public traffic cameras near critical transportation points, such as ports, rail hubs or border crossings. Most were in Ukraine, though some were in Romania, Poland and other eastern or central European countries. Officials did not disclose details of the hackers' success or how long they remained unnoticed. The activity detailed in the report began in 2022, the same year that Russia invaded Ukraine. Russia is expected to continue its efforts to spy on aid shipments, and companies involved in aid logistics or shipments should be on guard, according to the report, which was issued jointly by the NSA, the FBI and security agencies in several allied nations. 'To defend against and mitigate these threats, at-risk entities should anticipate targeting,' the NSA said. Authorities linked the activity to a Russian military intelligence unit dubbed 'Fancy Bear' that is well known for its past campaigns targeting the US and its allies. The hackers used a variety of tactics to gain access, including spear phishing, which involves sending authentic-looking messages to a potential victim that contain links to harmful software or requests for sensitive information. The Russian team also exploited security vulnerabilities in computer devices used at small and in-home offices, networks that often lack the security measures found in larger systems. The hackers did not use particularly innovative techniques, according to Grant Geyer, chief strategy officer at the cybersecurity company Claroty. Nevertheless, the sprawling yet carefully orchestrated effort gives the Russians a 'granular understanding' of the aid sent to Ukraine, he said. 'They have done detailed targeting across the entire supply chain to understand what equipment is moving, when and how — whether it's by aircraft, ship or rail,' Mr Geyer said. Russia could use the information it obtained to hone its war planning, Mr Geyer said, or to plot further cyber or physical attacks on the supply chain to Ukraine. Last autumn, US intelligence officials issued a public bulletin directing American defence companies and suppliers to increase security precautions following several acts of sabotage in Europe that officials have blamed on Russia. The Russian Embassy in Washington did not immediately respond requests for comment.
