Subj : Russian Sandworm cybercrime group linked to multiple attacks
To   : All
From : TechnologyDaily
Date : Thu Apr 18 2024 11:30:06

Date: Thu, 18 Apr 2024 10:16:08 +0000

Description: Google's TAG team elevates Sandworm to an Advanced Persistent Threat following multiple recent attacks.

FULL STORY
======================================================================

Google's Threat Analysis Group (TAG), the company's cybersecurity arm that focuses mostly on state-sponsored, espionage-oriented threat actors, has elevated Sandworm, an infamous Russian group, to Advanced Persistent Threat (APT) level, assigning it a new codename - APT44.

In a recent analysis of the group, TAG said APT44 has been a flexible instrument of power capable of servicing Russia's wide ranging national interests, and said it was pivotal in Russia's war against Ukraine.

"Due to its history of aggressive use of network attack capabilities across political and military contexts, APT44 presents a persistent, high severity threat to governments and critical infrastructure operators globally where Russian national interests intersect," the researchers said.

Working in Russia's interest

According to TAG, APT44 was linked to multiple major attacks recently, including the first-of-their-kind disruptions of Ukraine's energy grid, in the winters of 2015 and 2016. Then, this group was linked to the global NotPetya attack, timed to coincide with Ukraine's Constitution Day in 2017, as well as the disruption of the opening ceremony of the 2018 Pyeongchang Olympics. APT44 attacked what are essentially their allies, because some of Russia's athletes were banned for using banned substances.

While APT44 was initially tasked with disruption attacks, lately it has pivoted more towards espionage and intelligence gathering. For example, the group's skills were used on the front line to exfiltrate communications from captured mobile devices.

"APT44 will almost certainly continue to present one of the widest and highest severity cyber threats globally," the researchers concluded. "As Russia's war continues, we anticipate Ukraine will remain the principal focus of APT44 operations. However, as history indicates, the group's readiness to conduct cyber operations in furtherance of the Kremlin's wider strategic objectives globally is ingrained in its mandate."

"Changing Western political dynamics, upcoming elections, and domestic issues will continue reshaping APT44's operations," Google TAG concluded.

======================================================================
Link to news story:
https://www.techradar.com/pro/security/russian-sandworm-cybercrime-group-linked-to-multiple-attacks

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)