Cyber experts from the UK and 10 other countries have exposed a Russian intelligence cyber campaign targeting Western logistics and technology companies involved in delivering foreign military aid to Ukraine.
Cyber experts from the UK and 10 other countries have exposed a Russian intelligence cyber campaign targeting Western logistics and technology companies involved in delivering foreign military aid to Ukraine.
The UK National Cyber Security Centre, together with partners from ten countries, has exposed a cyber campaign conducted by the GRU military unit 26165 since 2022 against public and private organizations involved in the coordination, transportation and provision of military assistance to Ukraine, as well as in the defense, IT services, naval, airports, ports and air traffic control systems sectors in many NATO member countries.
Unit 26165, also known as Fancy Bear, BlueDelta, or APT 28, was able to gain initial access to victims' networks through credential harvesting, phishing, and exploiting Microsoft Exchange mailbox permissions.
They also hacked cameras at Ukrainian border crossings and near military facilities to monitor and track aid shipments to Ukraine.
This involves access to about 10,000 cameras, 80% of which were located in Ukraine and 10% in Romania, The Guardian writes .
Additionally, it is claimed that 4% of the cameras targeted were located in Poland, 2.8% in Hungary, and 1.7% in Slovakia.
It is noted that the hack would provide access to a "snapshot" of images from the cameras.
In addition to the United Kingdom, cyber experts from the United States, Germany, the Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France, and the Netherlands participated in the operation.
UPDATE 05/22/2025 15:20
The spokesman for the State Border Guard Service of Ukraine, Andriy Demchenko, said that Ukrainian information systems to which video surveillance systems at the border are connected were not hacked, Suspilne reports .
"We have received such information from border guards of neighboring countries that they have some influence on their information systems, including those to which video surveillance systems are connected," said Demchenko.
Demchenko added that the State Border Service of Ukraine, which also has a video surveillance system at the border, has also not recorded any system breaches. According to him, this applies to both the green section of the border and the checkpoints.
Also, the State Border Service of Ukraine did not receive any information from border guards of neighboring countries about hacking of cameras at border crossings.
"If we manage to get some confirmation from them that there really was some impact, then we will definitely share information in order to take this into account in our official activities regarding the protection of our information systems. If necessary, we can also provide all necessary assistance, if such is offered to receive from neighboring countries," Demchenko explained.
