Britain exposes Russia's cyber campaign against foreign support for Ukraine

This is stated in a statement by the British National Cyber Security Center (NCSC), which is part of the Royal Military and Civilian Command (GCHQ).

This malicious Russian military intelligence campaign poses a serious risk to organizations, including those involved in providing assistance to Ukraine, said Paul Chichester, NCSC Director of Operations.

The report notes that military unit 26165 of Russia's GRU has been conducting a malicious cyber campaign against government and private organizations since 2022.

This included attacks on organizations involved in coordinating, transporting, and providing support to Ukraine, as well as organizations in the defense sector, IT services, the maritime sector, airports, ports, and air traffic control systems in many NATO member countries.

Unit 26165, also known as APT 28, was able to gain access to the networks of cyberattack victims, using a combination of methods including credential harvesting, phishing, and exploiting Microsoft Exchange mailbox permissions.

They also attacked internet-connected cameras at Ukrainian border crossings and near military facilities to monitor and track humanitarian aid shipments to Ukraine.

The NCSC warning was signed by the United States, Germany, the Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France, and the Netherlands.

Countries have called on organizations that may be at risk to take immediate steps to protect themselves.