- Category
- Latest news
Russia Targeted Western Aid Routes to Ukraine in Coordinated Cyber Campaign, UK Says
- Authors
![Photo of Vlad Litnarovych]( "Photo of Vlad Litnarovych")
The United Kingdom publicly accused Russia’s military intelligence agency—the GRU—of orchestrating a wide-ranging cyber campaign aimed at undermining Western logistical and technological support for Ukraine, reported the UK’s National Cyber Security Centre (NCSC), a branch of GCHQ, on May 21.
According to the report, GRU Unit 26165, also known as APT28 or “Fancy Bear,” has been targeting organizations in NATO countries that are involved in delivering foreign assistance to Ukraine. The targets include entities in the defense, IT, maritime, airport, port, and air traffic management sectors.
“This malicious campaign by Russia’s military intelligence service presents a serious risk to targeted organisations, including those involved in the delivery of assistance to Ukraine,” said Paul Chichester, Director of Operations at the NCSC.
-a08c8f2980116518526f1c98d9bbae0c.png)
“We strongly encourage organisations to familiarise themselves with the threat and mitigation advice included in the advisory to help defend their networks.”
Since 2022, the GRU unit has used a variety of cyberattack methods, including credential guessing, spear-phishing, and exploiting Microsoft Exchange mailbox permissions, in an attempt to gain unauthorized access to secure networks.
The campaign also reportedly targeted internet-connected cameras at Ukrainian border crossings and near military installations—likely to monitor and track arms shipments.
-9f68eb75f0626350a3188a987a41405a.png)
Although the UK did not disclose whether any classified information was compromised, officials urged UK organizations—especially those in logistics and technology—to take immediate action. Recommended steps include enabling multi-factor authentication with strong passkeys, increasing monitoring, and applying software updates promptly.
The UK revealed the findings in cooperation with cybersecurity and intelligence agencies from ten other countries, including the United States, Germany, France, Canada, and Australia.
France recently brought formal charges against APT28 for cyberattacks on several French ministries. The group has a long history of high-profile hacking incidents across NATO nations and has previously been implicated in election interference and attacks on civilian infrastructure.
-15d106a121fe88254ec437ace0f533e6.jpg)
The disclosure comes as the UK continues ramping up pressure on the Kremlin in response to its war in Ukraine. The British government recently committed £13 billion in military assistance and imposed over 100 new sanctions targeting Russia’s defense, energy, and financial sectors.
Earlier, France disclosed the scale of Russian espionage, sabotage, and cyber operations targeting its national security, according to a 16-page intelligence report titled Russian Threats and Actions Against France.
