
NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28.
Germany said on Friday that the Russian threat group was behind an attack against the Executive Committee of the Social Democratic Party, compromising many email accounts.
The threat actors exploited the CVE-2023-23397 Microsoft Outlook vulnerability in zero-day attacks that started in April 2022, targeting European government, military, energy, and transportation organizations in NATO member countries, Ukrainian government agencies, and NATO fast reaction corps.
"What is more, this actor's campaign also targeted various government authorities and companies in the spheres of logistics, armaments, the air and space industry, and IT services, as well as foundations and associations. It was directed at entities in Germany, other European countries and targets in Ukraine," the German Federal Government said today.
"Russian state hackers attacked Germany in cyberspace. This is absolutely intolerable and unacceptable and will have consequences," German Foreign Minister Annalena Baerbock warned at a news conference in Adelaide, Australia.
The Czech Ministry of Foreign Affairs also revealed today that, based on information from intelligence services, some Czech institutions were targeted in the Outlook campaign in 2023.
"Czechia is deeply concerned by these repeated cyber attacks by state actors. We are determined to respond strongly to this unacceptable behaviour together with our European and international partners," the Czech MFA said.
The Council of the European Union and NATO, joined by the United States and the United Kingdom, also formally condemned APT28's attacks on Germany and Czechia, adding that the Russian threat group has also attacked critical infrastructure and government agencies in other EU member states, including Lithuania, Poland, Slovakia, and Sweden.
"We call on Russia to stop this malicious activity and abide by its international commitments and obligations," reads a statement issued by the U.S. State Department on Friday.
"With the EU and our NATO Allies, we will continue to take action to disrupt Russia’s cyber activities, protect our citizens and foreign partners, and hold malicious actors accountable."
Threat to Allied security
The North Atlantic Council also warned on Thursday about "recent Russian hybrid activities," describing them as a "threat to Allied security."
According to NATO, these recent incidents include "sabotage, acts of violence, cyber and electronic interference, disinformation campaigns, and other hybrid operations" impacting Czechia, Estonia, Germany, Latvia, Lithuania, Poland, and the United Kingdom.
APT28 hackers, linked by U.S. DOJ to Military Unit 26165 of Russia's Main Intelligence Directorate of the General Staff (GRU) in 2018, have been behind many high-profile cyber attacks since the state-backed hacking group surfaced in the mid-2000s.
For instance, they were behind the 2015 breach of the German Federal Parliament (Deutscher Bundestag) and hacks of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC) right before the 2016 U.S. Presidential Election.
The United States charged multiple APT28 members for their involvement in the DNC and DCCC attacks in July 2018, while the Council of the European Union also sanctioned APT28 members in October 2020 for the Bundestag hack.
Update May 03, 12:51 EDT: Added more information on the Outlook zero-day exploited in the APT28 cyberattacks.

Comments
FilledWithHate - 1 year ago
LOL, as if these Western countries don't do the same thing. As if these Western countries don't fully control the media talking points on these matters.
LittleDickPutin - 1 year ago
"LOL, as if these Western countries don't do the same thing. As if these Western countries don't fully control the media talking points on these matters."
I raise you a LOL tool. Nothing is perfect in life but I enjoy the fact I can go outside anywhere and say Trump, any politician are slimy pieces of shit, take an ad out in the paper etc. and no one will show up at my door to arrest me. Can you say you can do that right now?
And once NATO nations stop bickering and send more long range weapons to Ukraine and end this much faster and possibly help a country revolt against its leaders. That is the greatest fear of any dictatorship.
FilledWithHate - 1 year ago
I'm running out of LOLs, because (1) I wasn't shilling for Russia; and (2) I live in the USA.
And if you think Americans still actually have an ounce of real freedom, wow, this isn't the platform to take on such a laughable take.
"I can't join a union, I keep getting laid off, I was forced to take a poison jab or lose the job I had that an army of scabs were happy to replace me in, I can't afford health care, I can't get away from ever-increasing violent crime, I can only watch our infrastructure crumble as infinity dollars go overseas for things most Americans oppose, I meaninglessly vote in fake elections, I plainly see that bankers and foreigners run my country, my government monitors everything I do and can incarcerate me indefinitely before I've even been tried, but I must be 'free' because I can criticize Trump." -- LOL!
You're probably a paid ZOGbot anyway. One of many. I see you.
BogusZ - 1 year ago
Why do western countries not cut off their network from the bad guys? Allow some email gateway, that's it. Only countries which allow for full transparency (+ law enforcement) could be allowed.