Latest news with #PaulChichester
Miami Herald
22-05-2025
- Politics
- Miami Herald
Russian Intelligence Attack on NATO ‘Logistics and Technology' Exposed
Russia's military intelligence is targeting logistics operations in NATO countries which help Ukraine, according to the UK's National Cyber Security Centre (NSCS). The NSCS, part of the U.K's GCHQ (Government Communications Headquarters) said that Russia's GRU Unit 26165 is trying to penetrate networks across defense and transport systems both in Ukraine and in several of its allies. Newsweek has contacted the Russian defense ministry for comment. Western leaders have raised the alarm over the cyber warfare that Russian hacker groups have engaged in since the start of Moscow' full-scale invasion of Ukraine. These include accusations that Russia has conducted cyberattacks against Ukraine and on civilian infrastructure in Europe, and interfered in foreign elections. The NSCS report will reinforce these concerns. The NSCS said the U.K. government and its allies had exposed a campaign of "malicious cyber activity" carried out by Russia's GRU military intelligence unit 26165, also known as APT 28, against western logistics entities and technology companies. The unit, also known as 'Fancy Bear,' has raise the alarm among NATO allies with France accusing the unit in April of carrying out cyberattacks against its government ministries. The U.K. and partners from ten countries found that it had conducted the operations against both public and private organizations since 2022, the NSCS said in its press release. These included organizations across the defense sector, IT services, maritime, airports, ports and air traffic management systems and other sectors which help deliver support to Ukraine. The GRU unit's activity included credential guessing, spear-phishing and exploiting Microsoft Exchange mailbox permissions. Russian intelligence also targeted internet-connected cameras at Ukrainian border crossings and near military installations. The countries apart from Ukraine which were targeted were Bulgaria, the Czech Republic, France, Germany, Greece, Italy, Moldova, the Netherlands, Poland, Romania, Slovakia and the U.S. No specific organizations were named and there was no information about whether the unit managed to obtain classified information. The NCSC called on leaders at technology and logistics firms to recognize the elevated cyber threat and take immediate action to protect themselves. Paul Chichester, NCSC Director of Operations: "This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organizations, including those involved in the delivery of assistance to Ukraine." Atlantic Council report released May 20: "American and Western policymakers must size up the threat, unpack the complexity of Russia's cyber web, and invest in the right proactive measures to enhance their security and resilience." A report by the Atlantic Council released Tuesday concluded that Russia is a persistent and well-resourced cyber threat to the United States and its allies and partners, and the threat Moscow poses will continue to emerge in future. Related Articles Marco Rubio Refuses To Call Putin 'War Criminal', After Grilling Rex TillersonUS and Russia Flex Military Muscles on Same StageNATO Shows Force on Northern Flank with Russia as US Pulls BackUS Launches Nuclear-Capable Missile in Arms Race With Russia and China 2025 NEWSWEEK DIGITAL LLC.
Newsweek
22-05-2025
- Politics
- Newsweek
Russian Intelligence Attack on NATO 'Logistics and Technology' Exposed
Based on facts, either observed and verified firsthand by the reporter, or reported and verified from knowledgeable sources. Newsweek AI is in beta. Translations may contain inaccuracies—please refer to the original content. Russia's military intelligence is targeting logistics operations in NATO countries which help Ukraine, according to the UK's National Cyber Security Centre (NSCS). The NSCS, part of the U.K's GCHQ (Government Communications Headquarters) said that Russia's GRU Unit 26165 is trying to penetrate networks across defense and transport systems both in Ukraine and in several of its allies. Newsweek has contacted the Russian defense ministry for comment. Why It Matters Western leaders have raised the alarm over the cyber warfare that Russian hacker groups have engaged in since the start of Moscow' full-scale invasion of Ukraine. These include accusations that Russia has conducted cyberattacks against Ukraine and on civilian infrastructure in Europe, and interfered in foreign elections. The NSCS report will reinforce these concerns. This generic image from 2017 shows a computer exploited by computer hackers. This generic image from 2017 shows a computer exploited by computer hackers. Getty Images What To Know The NSCS said the U.K. government and its allies had exposed a campaign of "malicious cyber activity" carried out by Russia's GRU military intelligence unit 26165, also known as APT 28, against western logistics entities and technology companies. The unit, also known as 'Fancy Bear,' has raise the alarm among NATO allies with France accusing the unit in April of carrying out cyberattacks against its government ministries. The U.K. and partners from ten countries found that it had conducted the operations against both public and private organizations since 2022, the NSCS said in its press release. These included organizations across the defense sector, IT services, maritime, airports, ports and air traffic management systems and other sectors which help deliver support to Ukraine. The GRU unit's activity included credential guessing, spear-phishing and exploiting Microsoft Exchange mailbox permissions. Russian intelligence also targeted internet-connected cameras at Ukrainian border crossings and near military installations. The countries apart from Ukraine which were targeted were Bulgaria, the Czech Republic, France, Germany, Greece, Italy, Moldova, the Netherlands, Poland, Romania, Slovakia and the U.S. No specific organizations were named and there was no information about whether the unit managed to obtain classified information. The NCSC called on leaders at technology and logistics firms to recognize the elevated cyber threat and take immediate action to protect themselves. What People Are Saying Paul Chichester, NCSC Director of Operations: "This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organizations, including those involved in the delivery of assistance to Ukraine." Atlantic Council report released May 20: "American and Western policymakers must size up the threat, unpack the complexity of Russia's cyber web, and invest in the right proactive measures to enhance their security and resilience." What Happens Next A report by the Atlantic Council released Tuesday concluded that Russia is a persistent and well-resourced cyber threat to the United States and its allies and partners, and the threat Moscow poses will continue to emerge in future.
Yahoo
22-05-2025
- Politics
- Yahoo
UK accuses Russian GRU of carrying out cyberattacks targeting logistics, technology organizations
The United Kingdom has exposed a cyber campaign orchestrated by Russian military intelligence (GRU) targeting Western logistics and technology organizations involved in delivering foreign assistance to Ukraine, the UK's National Cyber Security Centre (NSCS) announced on May 21. According to a release by the NSCS, GRU Unit 26165, also known as APT 28, has been working to penetrate secure networks in the defence, IT, maritime, airports, ports and air traffic management systems across NATO countries, in an attempt to disrupt the logistics deliveries to Ukraine. Russian hacker groups have engaged in various forms of cyber warfare throughout the full-scale war, including cyberattacks against Ukraine, hacks of civilian infrastructure in Europe, and interference in foreign elections. Since 2022, the GRU unit, has been using different tactics, including credential guessing, spear-phishing, and exploiting Microsoft Exchange mailbox permissions, to get access into various secure networks linked to delivering support for Ukraine. The Russian military intelligence unit would also target internet-connected cameras at Ukrainian border crossings and near military installations, the NCSC said. "This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organisations, including those involved in the delivery of assistance to Ukraine," NCSC Director of Operations Paul Chichester said in a statement. The unit, also known as 'Fancy Bear,' has previously caught the eye of other NATO allies. On April 29, the French Foreign Ministry accused the unit of escalating cyberattacks against French ministries. France has brought charges against the GRU's APT28 unit — also known as 'Fancy Bear' — based in Rostov-on-Don in southern Russia. No information was publicly provided as to whether the unit was able to obtain classified information, or what specific organizations were impacted by the breaches. NATO allies the United States, Germany, Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France and the Netherlands assisted the U.K. in exposing the cyber campaign, the NSCS said. Read also: Ukraine war latest: Russian semiconductor plant making missile, jet parts hit in Ukrainian attack, military saysWe've been working hard to bring you independent, locally-sourced news from Ukraine. Consider supporting the Kyiv Independent.
Business Mayor
22-05-2025
- Politics
- Business Mayor
Russia accused of trying to hack border security cameras to disrupt Ukraine aid
Russia tried to hack into border security cameras to spy on and disrupt the flow of western aid entering Ukraine, the UK's intelligence services and its allies have claimed. A unit of Russia's military intelligence services is accused of using a host of methods to target organisations delivering 'foreign assistance', by hacking into cameras at crossings and railway stations and near military installations. GRU Unit 26165 is also accused of sending phishing emails containing pornography and fake professional information and obtaining stolen account passwords to get into systems. It was claimed the unit – also known as APT 28 and Fancy Bear – has conducted the malicious cyber-campaign against public and private organisations in Nato states since 2022. In its advisory note, the UK's National Cyber Security Centre (NCSC) – part of GCHQ – called on private companies involved in the delivery of aid to 'take immediate action to protect themselves'. 'In addition to targeting logistics entities, unit 26165 actors likely used access to private cameras at key locations, such as near border crossings, military installations, and rail stations, to track the movement of materials into Ukraine,' the advisory says. 'The actors also used legitimate municipal services, such as traffic cams.' About 10,000 cameras were said to have been accessed near 'military installations, and rail stations, to track the movement of materials into Ukraine', of which 80% were in Ukraine and 10% in Romania. It is claimed 4% of the cameras targeted were in Poland, 2.8% in Hungary and 1.7% in Slovakia. The locations of the remaining cameras targeted were not provided. The hacking would have provided access to a 'snapshot' of the cameras' images, it is said. Other attempts were made that were designed to gather sensitive information on shipments, such as train schedules and shipping manifests, it is claimed. 'In at least one instance, the actors attempted to use voice phishing to gain access to privileged accounts by impersonating IT staff,' says the advisory from 10 countries including the US, France and Germany. It adds: 'The subjects of spearphishing emails were diverse and ranged from professional topics to adult themes. Phishing emails were frequently sent via compromised accounts or free webmail accounts. The emails were typically written in the target's native language and sent to a single targeted recipient.' Paul Chichester, the NCSC's director of operations, said: 'This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organisations, including those involved in the delivery of assistance to Ukraine. skip past newsletter promotion Our morning email breaks down the key stories of the day, telling you what's happening and why it matters Privacy Notice: Newsletters may contain info about charities, online ads, and content funded by outside parties. For more information see our Privacy Policy. We use Google reCaptcha to protect our website and the Google Privacy Policy and Terms of Service apply. after newsletter promotion 'The UK and partners are committed to raising awareness of the tactics being deployed. We strongly encourage organisations to familiarise themselves with the threat and mitigation advice included in the advisory to help defend their networks.' Actions suggested include increasing monitoring, using multi-factor authentication with strong factors – such as passkeys – and ensuring security updates are applied promptly to manage vulnerabilities. The advisory was drawn up with agencies from the US, Germany, Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France and the Netherlands. The Russian unit has previously been accused of leaking World Anti-Doping Agency data, and played a key role in the 2016 cyber-attack on the Democratic National Committee in the US.
West Australian
21-05-2025
- Politics
- West Australian
UK, Australia warn of Russian cyber moves over Ukraine
The United Kingdom and allies including Australia have issued an advisory warning of a Russian state-sponsored cyber campaign targeting the delivery of support to Ukraine and international logistics entities and technology companies. "This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organisations, including those involved in the delivery of assistance to Ukraine," Paul Chichester, Director of Operations at the UK's National Cyber Security Centre (NCSC), said. The campaign has also targeted defence, IT services, maritime, airports, ports and air traffic management systems sectors in several members of the NATO military alliance, the NCSC statement said. GRU Unit 26165 - also known as APT 28 or Fancy Bear - is said to have gained access to some networks using a range of techniques, including guessing log-in credentials and spear-phishing - where specific individuals or organisations are targeted in an effort to gain access to a network. Wednesday's advisory was issued in conjunction with Australia, the United States, Germany, the Czech Republic, Poland, Canada, Denmark, Estonia, France and the Netherlands, warning organisations of the elevated threat and urging immediate action to protect themselves. "We strongly encourage organisations to familiarise themselves with the threat and mitigation advice included in the advisory to help defend their networks," Chichester said. with PA
