One Article Review
| Source |  Mandiant |
|---|---|
| Identifiant | 8500396 |
| Date de publication | 2024-04-17 10:00:00 (vue: 2024-05-15 19:06:53) |
| Titre | Unearthing APT44: Russia\'s Notorious Cyber Sabotage Unit Sandworm |
| Texte | Written by: Gabby Roncone, Dan Black, John Wolfram, Tyler McLellan, Nick Simonian, Ryan Hall, Anton Prokopenkov, Luke Jenkins, Dan Perez, Lexie Aytes, Alden Wahlstrom
With Russia\'s full-scale invasion in its third year, Sandworm (aka FROZENBARENTS) remains a formidable threat to Ukraine. The group\'s operations in support of Moscow\'s war aims have proven tactically and operationally adaptable, and as of today, appear to be better integrated with the activities of Russia\'s conventional forces than in any other previous phase of the conflict. To date, no other Russian government-backed cyber group has played a more central role in shaping and supporting Russia\'s military campaign. Yet the threat posed by Sandworm is far from limited to Ukraine. Mandiant continues to see operations from the group that are global in scope in key political, military, and economic hotspots for Russia. Additionally, with a record number of people participating in national elections in 2024, Sandworm\'s history of attempting to interfere in democratic processes further elevates the severity of the threat the group may pose in the near-term. Given the active and diffuse nature of the threat posed by Sandworm globally, Mandiant has decided to graduate the group into a named Advanced Persistent Threat: APT44. As part of this process, we are releasing a report, “APT44: Unearthing Sandworm”, that provides additional insights into the group\'s new operations, retrospective insights, and context on how the group is adjusting to support Moscow\'s war aims. Key Findings Sponsored by Russian military intelligence, APT44 is a dynamic and operationally mature threat actor that is actively engaged in the full spectrum of espionage, attack, and influence operations. While most state-backed threat groups tend to specialize in a specific mission such as collecting intelligence, sabotaging networks, or conducting information operations, APT44 stands apart in how it has honed each of these capabilities and sought to integrate them into a unified playbook over time. Each of these respective components, and APT44\'s efforts to blend them for combined effect, are foundational to Russia\'s guiding “information confrontation” concept for cyber warfare. 
Figure 1: APT44\'s spectrum of operations
APT44 has aggressively pursued a multi- |
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | 2015 2016 2017 2018 2024 |
| Tags | Malware Tool Threat Mobile Cloud |
| Stories | NotPetya |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.