The cyber cold war just became a little warmer, with German Intelligence now publicly crying foul on Monday at Russia for online attacks stretching back to 2020.
Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.
The sectors most impacted in NATO members, EU, Central American, and Asian countries by the cyberattacks are finance, transport, energy, and health. The Bundesverfassungsschutz’s warning is being publicly supported by other Western law enforcement agencies, including the US Federal Bureau of Investigation (FBI), US Cybersecurity and Infrastructure Security Agency (CISA), British Intelligence and law enforcement agencies from Australia, Canada, the Czech Republic, Estonia, Holland and the Netherlands.
According to the law enforcement agencies, Unit 29155 has already executed attempted coups, sabotage and assassination attempts and has been moving heavily into cyber operations for at least the past four years. The agencies also claim that Unit 29155, also known as Cadet Blizzard or Ember Bear, orchestrated a series of cyber-attacks on Ukraine in 2022.
Last Thursday, September 5, the US agency CISA issued a joint cybersecurity advisory document entitled: Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure.
Cyber actors are junior Russian intelligence officers
According to CISA: “Unit 29155 cyber actors’ objectives appear to include the collection of information for espionage purposes, reputational harm caused by the theft and leakage of sensitive information, and systematic sabotage caused by the destruction of data.”
The FBI believes that the Unit 29155 cyber actors are junior active-duty GRU Russian Intelligence officers under the direction of experienced leadership. According to the FBI, these formerly junior officers are now gaining cyber experience and enhancing their technical skills through conducting cyber operations and intrusions.
In May, Germany also previously accused Russia of launching a series of cyber-attacks on its defense and aerospace firms, as well as on the governing Social Democrats.
