Fancy Bear, a Russian state-sponsored threat actor, has been spying on logistics organizations in Western and NATO countries to monitor foreign aid moving into Ukraine.
Organizations targeted by Fancy Bear included logistics providers, technology companies, and government organizations involved in transporting aid to Ukraine via various transportation modes such as air, sea, and rail.
APT28 (Fancy Bear) used credential guessing, brute-force attacks, spearphishing campaigns, and software vulnerabilities like CVE-2023-23397 to infiltrate systems, manipulate mailbox permissions, and remain hidden while monitoring sensitive communications.
The cyber-physical attacks in the Russo-Ukrainian conflict highlight the importance of organizations having full visibility into their environments and a risk-based approach to securing cyber-physical systems to combat modern threats.