US, UK and allies expose Russian cyber campaign – urging companies to take immediate action

The campaign seems to be aimed at companies and organisations involved in helping Ukraine one way or another.

What is happening?

The UK government and international allies Wednesday exposed Russia’s military intelligence service for a campaign of malicious cyber activity against western logistics entities and technology companies.

Military unit 26165

In a new advisory, the UK’s National Cyber Security Centre and partners from ten countries have revealed details about how military unit 26165 of Russia’s GRU has conducted a malicious cyber campaign against both public and private organisations since 2022.

Noone is safe

The campaign has been targeting organisations involved in the co-ordination, transport and delivery of support to Ukraine, and across the defence, IT services, maritime, airports, ports and air traffic management systems sectors in multiple NATO members.

Take immediate actions

The actions, executives and network defenders are urged to take, include increasing monitoring, using multi-factor authentication with strong factors – such as passkeys – and ensuring security updates are applied promptly to manage vulnerabilities.

Director: Prepare yourselves

NCSC Director of Operations, Paul Chichester, said:

“We strongly encourage organisations to familiarise themselves with the threat and mitigation advice included in the advisory to help defend their networks.”