EPISODE · May 27, 2025 · 20 MIN
Joint cybersecurity advisory: Russian GRU targeting Western logistics entities and technology companies
from The Hybrid Threats Podcast · host sebastianbay
In this episode we're diving into a joint cybersecurity advisory highlighting a significant state-sponsored cyber campaign. This report comes from multiple international cybersecurity agencies, including the United States NSA, FBI, and CISA, the UK's NCSC, and agencies from Germany, the Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France, and the Netherlands. The advisory details a campaign conducted by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), specifically military unit 26165. This unit, known in the cybersecurity community by names like APT28 and Fancy Bear, has been targeting Western logistics entities and technology companies since 2022. The campaign is described as cyber espionage-oriented and has targeted entities involved in the coordination, transport, and delivery of foreign assistance to Ukraine. It utilizes a mix of previously known tactics, techniques, and procedures and is likely connected to wide-scale targeting of IP cameras in Ukraine and bordering NATO nations, potentially to track aid shipments. This elevated risk of targeting means executives and network defenders in these sectors should increase monitoring and strengthen network defenses.
What this episode covers
In this episode we're diving into a joint cybersecurity advisory highlighting a significant state-sponsored cyber campaign. This report comes from multiple international cybersecurity agencies, including the United States NSA, FBI, and CISA, the UK's NCSC, and agencies from Germany, the Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France, and the Netherlands. The advisory details a campaign conducted by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), specifically military unit 26165. This unit, known in the cybersecurity community by names like APT28 and Fancy Bear, has been targeting Western logistics entities and technology companies since 2022. The campaign is described as cyber espionage-oriented and has targeted entities involved in the coordination, transport, and delivery of foreign assistance to Ukraine. It utilizes a mix of previously known tactics, techniques, and procedures and is likely connected to wide-scale targeting of IP cameras in Ukraine and bordering NATO nations, potentially to track aid shipments. This elevated risk of targeting means executives and network defenders in these sectors should increase monitoring and strengthen network defenses.
NOW PLAYING
Joint cybersecurity advisory: Russian GRU targeting Western logistics entities and technology companies
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m