NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28.
Germany said on Friday that the Russian threat group was behind an attack against the Executive Committee of the Social Democratic Party, compromising many email accounts.
The threat actors exploited the CVE-2023-23397 Microsoft Outlook vulnerability as a zero-day in attacks that started in April 2022, targeting European government, military, energy, and transportation organizations in NATO member countries, as well as Ukrainian government agencies and NATO fast reaction corps.
“What is more, this actor’s campaign also targeted various government authorities and companies in the spheres of logistics, armaments, the air and space industry, and IT services, as well as foundations and associations. It was directed at entities in Germany, other European countries and targets in Ukraine,” the German Federal Government said today.
“Russian state hackers attacked Germany in cyberspace. This is absolutely intolerable and unacceptable and will have consequences,” German Foreign Minister Annalena Baerbock warned at a news conference in Adelaide, Australia.
The Czech Ministry of Foreign Affairs also revealed today that, based on information from intelligence services, some Czech institutions were targeted in the Outlook campaign in 2023.
“Czechia is deeply concerned by these repeated cyber attacks by state actors. We are determined to respond strongly to this unacceptable behaviour together with our European and international partners,” the Czech MFA said.
The Council of the European Union and NATO, joined by the United States and the United Kingdom, also formally condemned APT28’s attacks on Germany and Czechia, adding that the Russian threat group has also attacked critical infrastructure and government agencies in other EU member states, including Lithuania, Poland, Slovakia, and Sweden.
“We call on Russia to stop this malicious activity and abide by its international commitments and obligations,” reads a statement issued by the U.S. State Department on Friday.
“With the EU and our NATO Allies, we will continue to take action to disrupt Russia’s cyber activities, protect our citizens and foreign partners, and hold malicious actors accountable.”
Threat to Allied security
The North Atlantic Council also warned on Thursday about “recent Russian hybrid activities,” describing them as a “threat to Allied security.”
According to NATO, these recent incidents include “sabotage, acts of violence, cyber and electronic interference, disinformation campaigns, and other hybrid operations” impacting Czechia, Estonia, Germany, Latvia, Lithuania, Poland, and the United Kingdom.
APT28 hackers, linked by the U.S. DOJ in 2018 to Military Unit 26165 of Russia’s Main Intelligence Directorate of the General Staff (GRU), have been behind many high-profile cyber attacks since the state-backed hacking group surfaced in the mid-2000s.
For instance, they were behind the 2015 breach of the German Federal Parliament (Deutscher Bundestag) and hacks of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC) right before the 2016 U.S. Presidential Election.
The United States charged multiple APT28 members for their involvement in the DNC and DCCC attacks in July 2018, while the Council of the European Union also sanctioned APT28 members in October 2020 for the Bundestag hack.
Update May 03, 12:51 EDT: Added more information on the Outlook zero-day exploited in the APT28 cyberattacks.
Copyright for syndicated content belongs to the linked Source : BleepingComputer – https://www.bleepingcomputer.com/news/security/nato-and-eu-condemn-russias-cyberattacks-against-germany-czechia/