09 September 2024



Germany blames Russian GRU unit for EU, NATO cyberattacks


German intelligence accused Moscow of widespread sabotage operations against German politicians and companies. 
The same unit also hit Ukrainian targets in the run-up to Russia's invasion.

Germany's domestic intelligence agency, the BfV, issued a warning on Monday that a cybercrime group belonging to Russian military intelligence (GRU) had been behind a number of online attacks against NATO and EU countries.

  • Together with US intelligence and other international partners, the BfV found that groups belonging to GRU Unit 29155 were "responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020."
  • It cautioned that the unit, also known as Cadet Blizzard or Ember Bear, was behind the WhisperGate malware attacks against Ukrainian targets in January 2022, a month before Russia invaded the country.



Unit 29155 also "attacked networks in NATO member states in Europe and North America as well as countries in Latin America and Central Asia," the BfV said.



GRU Unit thought to be behind SPD cyberattack
The warning comes after Berlin accused Moscow of a spate of cyberattacks against the ruling Social Democrats (SPD), and a number of German companies in the IT, logistics, and aerospace sectors. The attacks involved stealing and publishing sensitive data.

The same GRU unit is also suspected of being behind the 2018 poisonings of Sergei Skripal and his daughter in the UK.






NATO’s Collective Defense for Cyber Attack Remains Fragile



Matthew Rosenquist
CISO at Mercury Risk. - Formerly Intel Corp, Cybersecurity Strategist, Board Advisor, Keynote Speaker, 190k followers

The Secretary-General of NATO, Jens Stoltenberg, stated all 29 member countries would respond to a serious cyberattack against any of the nations in the coalition. The pressing question is whether NATO will work together with combined forces when one of the members is attacked in an asymmetrical manner with digital technology.

When it comes to cyberattacks, there are many grey zones that could be manipulated in ever-increasing escalations of warfare. NATO's Article 5 in the founding charter is known as the "collective defence" commitment, which states that an attack on one shall be considered an attack on all. Historically, it has a high threshold. The first time the criteria were met was the 9/11 terrorist attacks of 2001 against the United States.

There is a lot of ambiguity in the shadows of bits and bytes. Does shutting down the banking system or mercantile logistics count as an Article 5 attack? Would significant and prolonged communications and internet disruption count? What if the power was shut off by another nation-state and it caused harm to people? How about disrupting the transportation networks or other critical infrastructure? Such attacks can be localized or nationwide, can cause annoyances or lives to be lost, and could undermine the trust and control of a representative government. There are currently no thresholds of what should be considered to reach the level of an ‘attack’ by another nation.

Identifying the aggressor is another significant problem. The requirements to determine attribution or accountability for the source of any digital attack are highly subjective. It is easy to attribute the origin of tanks, planes, ships, and advancing soldiers to another country. Tracking malicious packets, origins of destructive code, and owners of crypto accounts is not simple. In the electronic world, it is easy to mislead, masquerade, conceal, or implicate others. The question becomes whether an attack was merely the work of criminals or was sponsored or coordinated by the government of another nation-state, which is extremely difficult to determine.

All the variables and hidden truths must be uncovered before discussion about equitable response options can be explored. The first fundamental order of business for NATO will be to determine whether collective reactions are limited to the digital domain or whether physical attacks can also be part of the joint reaction. This decision must be clearly understood, as it may have even greater ramifications if it leads to an escalation of conventional or nuclear warfare.

Presently there are too many unanswered questions, unknown factors, and doubt. This results in an ineffective policy position. 

It is time for NATO to codify the criteria, validation requirements, and allowable responses. Only then can cross-nation training and coordination begin in earnest. There is so much to be done. Until then, Article 5 for cyber attacks is just an idle threat of solidarity. It will take tremendous teamwork to make this a clear and effective deterrent for the NATO coalition. 
