Western enterprises transporting relief supplies to Ukraine under attack by Russian cybercriminals, according to American intelligence
Western Logistics Firms Served as Targets of Russian Cyberattacks, NSA Says
WASHINGTON — Russian military intelligence obtained details about shipment assistance to Ukraine by targeting Western technology and logistics companies involved in the sector, according to the U.S. National Security Agency.
The hackers aimed to gather information about the type of assistance being sent to Ukraine, as part of this effort, they sought access to internet-connected cameras near border crossings in the country. The revelation emerged in a cyberspying report issued on Wednesday, indicating that Russia's GRU unit, known as "Fancy Bear," carried out the attacks.
The cybercampaign infiltrated defense, transportation, and logistics companies in several Western countries, including the United States, as well as ports, airports, and rail systems. The report did not specify the nature of the aid that Russia was surveilling, but Ukraine's allies have contributed substantial amounts of military and humanitarian assistance since the war commenced.
Internet-connected cameras, both private and public, near critical transportation points were among the over 10,000 devices that were targeted. Most of these cameras were in Ukraine, though some were also located in neighboring countries like Romania and Poland.
Officials have withheld information about the hackers' success or the duration of their unnoticed activity. The activities outlined in the report started in 2022, coinciding with Russia's invasion of Ukraine the same year.
The report was jointly issued by the NSA, the FBI, and various security agencies of allied nations. They advised that at-risk entities should anticipate targeting to defend against and mitigate these threats.
The attackers employed various tactics, including spear-phishing and the exploitation of software vulnerabilities in devices used at small and home offices. Although their methods were not particularly innovative, according to cybersecurity firm Claroty's chief strategy officer, Grant Geyer, the Russian team's broad but meticulously orchestrated effort offers them a detailed understanding of the aid destined for Ukraine.
This information can potentially be used by Russia to refine its war plans or plot further attacks on Ukraine's supply chain, Geyer said. Last fall, U.S. intelligence officials issued a warning to American defense companies and suppliers to boost security measures following several acts of sabotage in Europe that officials blamed on Russia.
The Russian Embassy in Washington did not immediately respond to requests for comment.
- The cyberattacks on Western technology and logistics companies, including those in Seattle, were orchestrated by Russia's GRU unit as part of an effort to gather information about aid sent to Ukraine.
- The activities related to this cybercampaign extended to transportation systems in various Western countries, including the United States, which could potentially include Seattle's rail or airport systems.
- The general news about Russian cyberattacks on Western logistics firms, targeting critical transportation points like cameras near border crossings in Ukraine, has become a matter of concern for crime and justice considerations, as the information gathered could potentially be used to refine war plans or plot further attacks.
- In the context of politics and foreign affairs, this cyber espionage may influence the traffic of aid, resources, and technology between Seattle and other Western cities, and Ukraine, as the Russian activities could potentially disrupt the supply chain and logistics.
