WinBuzzer News

Germany Identifies APT28/Fancy Bear as Culprit Behind Major Cyberattacks

Germany blames Russia's APT28 hackers for cyberattacks, US helps block their access. Both nations urge stronger cybersecurity measures in response.


German officials have confirmed that APT28, also known as Fancy Bear, a Russian cyber espionage group with ties to the GRU intelligence service, orchestrated a series of cyberattacks targeting the country's infrastructure, government, and private sectors through Microsoft Exchange Server exploits. The attacks, which were in response to Germany's decision to provide military support to Ukraine, have been deemed largely ineffective by German authorities. The Social Democratic Party of Germany was also among the targets. Foreign Minister Annalena Baerbock emphasized the severity of these state-sponsored attacks, declaring them “intolerable” and promising consequences.

International Response and Remediation Efforts

Following Germany's attribution of the cyber campaign to APT28, the United States expressed its support and took action alongside German authorities. The US Department of Justice played a crucial role in mitigating the threat by disrupting a network of compromised small office/home office routers utilized by APT28. This collaborative effort aimed to prevent the Russian group from leveraging these devices for malicious activities, including exploiting the CVE-2023-23397 vulnerability against German targets. The US State Department highlighted the significance of this joint operation in blocking GRU's access to the remediated systems.

Cybersecurity Vulnerabilities and Microsoft's Commitment

Amidst the ongoing , several critical vulnerabilities have been reported, underscoring the need for heightened measures. Among these are vulnerabilities in CyberPower's PowerPanel, Delta Electronics' DIAEnergie, and Unitronics Vision Legacy series PLCs, with risks ranging from SQL injection to recoverable password storage.

In response to the growing concerns over cybersecurity, Microsoft's EVP of security, Charlie Bell, reaffirmed the company's dedication to prioritizing security over all other features. Bell outlined Microsoft's Secure Future Initiative, which focuses on six pillars of security, including protecting identities, networks, and accelerating response to threats. This commitment reflects a broader industry effort to enhance security protocols and safeguard against .

Luke Jones