Russia-Backed APT28 Tried to Attack Ukrainian Critical Power Facility
Ukraine’s Computer Emergency Response Team (CERT-UA) issued an alert on September 5, 2023, about a cyber-attack attempted by Russian threat actor APT28 against a Ukrainian critical power infrastructure facility.
The perpetrators planned to carry out the attack using bulk emails sent from a fake address and containing a link to a ZIP archive, which, when opened, could have granted them access to the organization’s systems and data.
They used legitimate services such as Mockbin and standard software functions to carry out the attack.
The attack was prevented by Ukraine’s cybersecurity services.
According to Joe Slowik, a threat intelligence manager at Huntress, while concerning, the attempt looks more like the threat actor was enabling actions for future operations rather than aiming at direct disruption.
“This would align with APT28, as opposed to [its Russian counterpart] Sandworm,” Slowik added on X (formerly known as Twitter).
The APT28 hacking group, also known as Pawn Storm, Fancy Bear and BlueDelta, is allegedly associated with Russian special services, specifically Russia’s GRU Unit 26165.
CERT-UA detected attempted APT28 attacks targeting Ukrainian organizations in April, June and July 2023.
In August, a report from the National Security and Defense Council of Ukraine highlighted intensified cyber espionage activities by Russian APT group Gamaredon amid Ukraine’s counter-offensive operations.