Western logistics and technology companies engaged in the transportation, coordination, and delivery of foreign assistance to Ukraine are being targeted by a Russian state-sponsored cyber unit, the Cybersecurity and Infrastructure Security Agency (CISA) said in a May 21 advisory jointly issued with multiple global agencies.
The campaign, which began in 2022, is being carried out by a military unit within the Russian General Staff Main Intelligence Directorate (GRU) called Unit 26165, which is known in the cybersecurity community under various names such as APT28, Fancy Bear, Forest Blizzard, and BlueDelta.
