
Marijan Hassan - Tech Journalist

US and allies expose Russian military unit targeting critical infrastructure


In a newly released cybersecurity advisory, U.S. agencies including the FBI, CISA, and NSA have sounded the alarm on Russian military cyber actors targeting critical infrastructure in the U.S. and globally. The advisory points to Unit 29155 of the Russian GRU (Main Intelligence Directorate) as responsible for extensive cyber operations aimed at espionage, sabotage, and reputational harm.



This unit, known for its offensive cyber operations since 2020, has been linked to various attacks, including the deployment of the destructive WhisperGate malware in Ukraine. The advisory warns that these actors are now expanding their activities to NATO countries, Europe, and Latin America, particularly targeting government services, energy, healthcare, and transportation systems.


Key Threats and Tactics

The Russian cyber unit has used sophisticated tools and techniques, including exploiting vulnerabilities in internet-facing systems and leveraging malware such as WhisperGate. This malware has the ability to corrupt a system’s master boot record and encrypt files, often under the guise of ransomware attacks.


The advisory highlights that the primary goal of Unit 29155 is not only espionage but also the destruction of critical data. The group is believed to be focusing its attacks on organizations involved in providing aid to Ukraine. According to the FBI, more than 14,000 instances of domain scanning have been recorded across 26 NATO members and European countries.


Recommendations for Defense

To counter this threat, the advisory urges organizations to prioritize security measures such as:

  • Applying patches for known vulnerabilities

  • Using multi-factor authentication (MFA) for critical systems

  • Segmenting networks to prevent lateral movement of malicious actors


The advisory also recommends using phishing-resistant MFA and conducting regular vulnerability scans. The U.S. government emphasizes the need for a proactive stance, warning that this unit is likely to continue its cyber espionage and sabotage operations.


As Russian cyber actors continue to target critical infrastructure worldwide, organizations are urged to remain vigilant and take necessary precautions to protect their networks from these sophisticated threats.
