Ukraine Exposes Expansive Russian Hacking Operation Targeting its Government, Infrastructure

The Security Service of Ukraine announced the discovery of a Russian hacking campaign against Ukraine’s infrastructure that began in 2014. Authorities believe the hackers are responsible for more than 5,000 cyberattacks on Ukrainian state entities and critical infrastructure that attempted to compromise more than 1,500 government computer systems. The report published by the Ukrainian Security Service states that the Russian Federal Security Service (FSB) is behind the group dubbed Armageddon, also known as Gamaredon and Primitive Bear. The information that the Ukrainians published includes a 35-page written analysis, a slideshow, and videos that include recordings of the purported Russian government hackers discussing attacks. The Ukrainian government is accusing the FSB and the former Ukrainian law enforcement officers involved of espionage, unauthorized interference with computer systems, and the creation and use of malicious software.

Analyst Notes

This is not the first time Russia has interfered with critical infrastructure in Ukraine. In 2015, Russian hackers disabled electricity in Ukraine. The report states the group’s attacks are not very sophisticated and are fairly overt. Russian state hackers have a history of covert cyber espionage against multiple countries. This particular campaign seems aimed at controlling critical infrastructure, stealing and collecting intelligence and classified information, and blocking access to information systems.
