Australia Collaborates with Allies to Address State-Sponsored Hacking Threats Against Ukraine Supporters

Australia joins global partners to warn of state-sponsored hacking campaign targeting countries supporting Ukraine

Russian military threat actors are targeting Western logistics and technology companies involved in providing foreign assistance to embattled Ukraine.

The Australian Signals Directorate’s Australian Cyber Security Centre has joined a raft of cyber security agencies, both civilian and military, from around the world to warn of a hacking campaign orchestrated by the Russian General Staff Main Intelligence Directorate or GRU.

The warning came in a cyber security advisory released overnight by the US Cybersecurity and Infrastructure Security Agency (CISA) and co-authored by entities from the UK, Germany, the Czech Republic, Poland, the US, Canada, Denmark, Estonia, France, and the Netherlands.

According to the advisory, the GRU’s 85th Main Special Service Center – also known as military unit 26165 and tracked as Fancy Bear, among other names – is largely targeting logistics and technology firms with a role in the coordination and transportation of assistance to Ukraine.

“Executives and network defenders at logistics entities and technology companies should recognise the elevated threat of unit 26165 targeting, increase monitoring and threat hunting for known TTPs and indicators of compromise (IOCs), and posture network defences with a presumption of targeting,” CISA said in its 21 May advisory.

“This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors’ wide-scale targeting of IP cameras in Ukraine and bordering NATO nations.”

Unit 26165 is using a mix of known tactics, techniques and procedures, including spearphishing, modification of mailbox permissions and password spraying. The campaign has been going for more than two years, with the initial aim of espionage and influence operations. However, as Russia’s military momentum continues to stall, the cyber campaign has expanded to target largely Ukrainian and European entities involved in the delivery of aid to Ukraine.

“Russian military intelligence has an obvious need to track the flow of material into Ukraine, and anyone involved in that process should consider themselves targeted,” said John Hultquist, chief analyst, Google Threat Intelligence Group.

“Beyond the interest in identifying support to the battlefield, there is an interest in disrupting that support through either physical or cyber means. These incidents could be precursors to other serious actions.”

The industries being targeted by the malicious activity are defence, transportation, maritime, air traffic management and IT services. Once access is gained to a network, the threat actors look for any information relating to shipping schedules and manifests, including sender and recipient, points of departure, train/plane/ship numbers and cargo contents.

As well as going after logistics operations, unit 26165 has more than likely used any network access gained to also access “private cameras at key locations, such as near border crossings, military installations and rail stations to track the movement of materials into Ukraine”.

A full list of indicators of compromise and mitigation advice can be found here.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
