Huginn and Muninn Intelligence

Germany blames Russian GRU unit for EU, NATO cyberattacks

Information

Germany’s domestic intelligence agency, the BfV, has recently identified a cybercrime faction associated with Russian military intelligence, GRU, as the perpetrator behind a series of cyberattacks targeting NATO and EU nations. Collaborative efforts between the BfV, US intelligence, and other international partners have led to the identification of GRU Unit 29155, known by aliases such as Cadet Blizzard or Ember Bear, which has been actively engaging in espionage, sabotage, and actions intended to damage reputations since at least 2020. The agency also highlighted the involvement of this unit in deploying the WhisperGate malware during attacks on Ukrainian infrastructure in January 2022, shortly before the Russian military invasion.

Moreover, the BfV has expressed concerns over the extent of Unit 29155’s operations which include cyber intrusions into networks across NATO member states in Europe and North America, as well as nations in Latin America and Central Asia. The same GRU unit is under suspicion for the 2018 poisonings of Sergei Skripal and his daughter in the UK, pointing to a pattern of international clandestine activities. This warning from the BfV follows allegations from Berlin accusing Moscow of multiple cyberattacks aimed at Germany’s ruling Social Democrats (SPD) and key sectors such as IT, logistics, and aerospace, involving theft and publication of sensitive data, thereby raising significant security concerns among Germany and its allies.

Source: AFP, Reuters

So what

Though it is generally accepted as par for the course at this point, it is notable to see them blaming a specific unit. It is likely that this public accusation shows they have a significant amount of evidence relating to the attack and want to both reassure the public and make it clear to Russia that they are tracking their operations. However, it is unlikely Germany can do much about these attacks outside of conducting their own cyber operations and increasing their defence.

Follow us to join the intelligence community!

Leave a Comment

Your email address will not be published. Required fields are marked *