Britain reveals Russian cyber campaign to support Ukraine's support
Imran Rahman-Jones and Chris Vallance

Technical Reporter

Getty Images

Camera surveillance supplies entering Ukraine were hacked

Britain unveils “malicious cyber campaign” against multiple organizations, including those providing foreign aid to Ukraine

After conducting a joint investigation with allies including the United States, Germany and France, the UK National Cybersecurity Centre (NCSC) said that the Russian military has targeted public and private organizations since 2022.

This includes participating organizations that provide defense, IT services and logistics support.

Security agencies in 10 NATO countries and Australia say Russian spies have combined hacking technology to acquire the network.

Some targets are cameras connected to the Internet at the Ukrainian border, which monitors the transport of aid entering the country.

The report also said that “near military facilities and railway stations, rough estimates of 10,000 cameras were visited to track the movement of materials toward Ukraine.

It adds "the actors also use legal municipal services such as traffic cams".

Russian military forces accuse espionage of known as GRU 26165 units, but are called under many informal names (including fancy bears).

According to security experts, the infamous hacker team has previously leaked World Anti-Doping Agency data and played a key role in the 2016 cyberattack of the U.S. Commission on Democratic Countries.

"This malicious campaign by the Russian Military Intelligence Agency presents serious risks to targeted organizations, including those involved in providing assistance to Ukraine," Paul Chichester, director of operations at NCSC, said in a statement.

He added: “We strongly encourage organizations to be familiar with the threat and mitigation advice contained in the consultation to help defend their network.”

The internet archives a screenshot of a basic website with a picture of bears, with a large logo on the front "This area has been seized".Internet Archives

The FBI was shut down by the FBI in 2018.

United Cybersecurity Consulting said Fancy Bear has targeted organizations related to critical infrastructure, including ports, airports, air traffic management and defense industries.

These are in 12 continental European countries and the United States.

The report said hackers used a combination of technologies to access access, including guessing passwords.

Another method used is called SpearPhishing, which targets fake emails from specific people who can use the system.

Show them a fake page where you enter login details, or encourage clicking on the link and then installing malware.

"The subjects of contradictory emails vary, from professional to adult topics," the report said.

A vulnerability in Microsoft Outlook was also exploited to collect credentials “with a specially designed Outlook Calendar “date invitation”.

Rafe Pilling, head of threat intelligence at Sophos Counter Thraist department, said such technologies have been "a staple for the group."

The access to the camera “will help understand the goods to be shipped, equivalents and support dynamics (weapons) when targeting.”

Green promotional banner with black squares and rectangles forming pixels, moving in from the right. The text says: