A new Russian threat actor, Void Blizzard, also known as Laundry Bear, is gathering intelligence from Western states on an industrial scale unseen since the end of the Cold War. According to Microsoft Threat Intelligence, Void Blizzard primarily targets NATO member states, particularly those supporting Ukraine, and Ukraine.
US Defense Secretary Pete Hegseth’s shock directive to US Cyber Command to pause offensive cyber-operations against Russia may have unforeseen consequences for organizations across the US. It would mean that the West could be blind-sided by a lack of actionable intelligence regarding Russia’s ongoing cyber-war against countries such as the US and the UK.
Russian groups are already upping cyber-attacks on the US. In December, Cyber Intelligence reported that two Russian groups, the People’s Cyber Army and Z-Pentest, claim to have taken attacks on critical infrastructure in the US to a new and more dangerous level. This was evidenced by Telegram videos detailing attacks on US energy and water facilities far beyond the previously supposed capabilities of such groups.
Software giant Microsoft has made an urgent public announcement that the Russian secret service is currently sending thousands of weaponized spear-phishing emails to key individuals in over 100 organizations in countries including the US and the UK.
According to Microsoft: “The emails were highly targeted, using social engineering lures relating to Microsoft, Amazon Web Services (AWS)… In some of the lures, the actor attempted to add credibility to their malicious messages by impersonating Microsoft employees.”
Microsoft announced the cyber campaign by the Russian-state-sponsored ‘Midnight Blizzard’ hackers, resulting in the group stealing the tech giant’s source code.
The sophisticated ‘Midnight Blizzard’ campaign is said to be rooted in a grander scheme to gain unauthorized access to Microsoft’s environment using the stolen source code.
According to the UK’s National Cyber Security Centre (NCSC), AI-generated malware built to avoid detection could be a serious threat inflicted by nation-state threat actors this year.
The NCSC further stated that based on their investigations, they believe nation-state groups hold repositories of malware large enough to effectively train an AI model to bolster ransomware attack capabilities.
Editorial Team
