Germany has condemned the Russian military for cyberattacks on public infrastructure in various EU and NATO member nations.
The German intelligence agency, Bundesamt für Verfassungsschutz (BfV), issued an advisory against a special unit of the Russian military intelligence service GRU for attacks on various computer networks “for the purposes of espionage, sabotage, and reputational harm.”
The BfV’s announcements are part of a larger advisory jointly issued by cyber intelligence units in several countries. It comes in continuation of a declaration issued by the FBI, NSA, and CISA last week.
The report cites the GRU’s Unit 29155 is known for attempting coups, influence operations, and assassination attempts throughout Europe. It held the unit responsible for various cyberattacks against targets including members of the North Atlantic Treaty Organization (NATO) and various other countries in Europe, Latina America, and Central Asia since at least 2020.
The report further established Unit 29155 was behind multiple campaigns that involved defacing government websites and leaking and exfiltrating sensitive data, which was later illegally sold or publicly released. The unit was reported to scan over 14,000 websites across various sectors, including government services, energy, transportation, healthcare, and financial services. Open ports across targeted domains were exploited to inject malicious code.
The report also attributed the GRU’s special unit for deploying multi-stage malware, called WhisperGate, against various government, non-profit, and IT organizations in Ukraine ahead of its escalation in February 2022. The agencies collectively linked the unit’s efforts with intentionally delaying and disrupting aid from NATO member countries to be delivered to Ukraine in the war against Russia.
The announcement also follows an order by the US Depart of Justice (DOJ) indicting five GRU officials and one Russian civilian for alleged cyberattacks on key infrastructure in 26 NATO countries.