Russian intelligence hacker groups continue hybrid warfare against Europe by hacking routers - CCD
Kyiv • UNN
A unit of the Russian GRU is attacking government and defense structures by spoofing DNS on routers. Hackers intercept passwords and spy on users.

The UK's National Cyber Security Centre reports on the activity of the Russian hacker group APT28, which is a unit of the Russian GRU. The hackers compromise popular routers and change their DNS settings, which allows them to intercept passwords and digital keys and to redirect users to fraudulent websites. This was reported by the Centre for Countering Disinformation of the National Security and Defense Council of Ukraine (CCD), UNN reports.
Details
It is noted that the attacks are widespread: they first cover a large audience and then focus on those whose data is valuable for intelligence, namely employees of government, logistics, and defense organizations. The goal of the operations is to obtain secret information, conduct espionage, and destabilize critical systems.
Previously, APT28 was implicated in cyberattacks on the German Bundestag, the Organization for the Prohibition of Chemical Weapons (OPCW), and logistics companies. Protection against these attacks can be achieved by updating routers, using strong passwords, and enabling two-factor authentication.
The Centre states that these facts indicate a systemic practice by Russia of using cyberspace for hybrid warfare against Western states, which jeopardizes both the security of ordinary users and key national infrastructure.
Recall
Cybersecurity experts are observing a surge in activity by pro-Iranian hackers, who are increasingly attacking the US and its allies. A key factor is the support Iran receives from Russian hacking networks.
