UK accuses Russian military intelligence of cyber espionage against West

On Friday 18 July, the United Kingdom announced that it had uncovered a Russian military intelligence operation involving the use of sophisticated malware for cyber espionage.
According to the UK National Cyber Security Centre (NCSC), the attacks were carried out by the APT 28 hacker group, which operates under the control of the Russian Main Intelligence Directorate (better known as the GRU).
The NCSC announced that APT 28 has used new malware called AUTHENTIC ANTICS to infiltrate users' email accounts. The program stole login credentials and access tokens by masquerading as legitimate Microsoft requests and provided covert access to email accounts.
An analysis of AUTHENTIC ANTICS has revealed that it was specifically designed to maintain persistent access to Microsoft cloud accounts by mimicking legitimate activity.
It periodically displays a login window asking the user to enter their credentials, which are then intercepted by the malware along with OAuth authentication tokens that allow access to Microsoft services.
This formal attribution coincides with new sanctions imposed by the United Kingdom against three GRU units – 26165, 29155 and 74455 – and 18 officers and agents for their involvement in global cyberattacks and hybrid operations.
UK Foreign Secretary David Lammy said that the Kremlin is trying to destabilise Europe and threatens the security of British citizens, but London will continue to resolutely defend its interests and support Ukraine.
Paul Chichester, NCSC Director of Operations, called on British organisations to strengthen their cyber defences and not underestimate the threat posed by the GRU.
The malicious software AUTHENTIC ANTICS was discovered during a joint investigation by Microsoft and the NCC Group in 2023. The UK has once again confirmed that hybrid threats from Russia remain a major challenge to national security.
On 16 July, it was reported that law enforcement agencies from more than ten European countries, as well as Canada and the US, had carried out a joint operation against the large-scale pro-Russian hacker network NoName057(16).
Law enforcement and judicial authorities from Czechia, France, Finland, Germany, Italy, Lithuania, Poland, Spain, Sweden, Switzerland, the Netherlands and the United States participated in the operation against pro-Russian hackers.
The investigation was also supported by Belgium, Canada, Estonia, Denmark, Latvia, Romania and Ukraine, Europol said.
Hackers of the NoName057(16) group initially conducted operations against Ukraine, but later expanded their activities against the EU and NATO countries.
For example, the group attacked Swedish and Finnish authorities and attempted to disrupt the peace formula summit in Switzerland.
Recently, the Dutch authorities also confirmed that they detected an attack linked to the NoName057(16) network during the last NATO summit in The Hague. All of them were neutralised without significant disruption.
19 of July 2025