Germany Identifies APT28/Fancy Bear as Culprit Behind Major Cyberattacks

Germany blames Russia's APT28 hackers for cyberattacks, US helps block their access. Both nations urge stronger cybersecurity measures in response.

German officials have confirmed that APT28, also known as Fancy Bear, a Russian cyber espionage group with ties to the GRU intelligence service, orchestrated a series of cyberattacks targeting the country’s infrastructure, government, and private sectors through Microsoft Exchange Server exploits. The attacks, which were in response to Germany’s decision to provide military support to Ukraine, have been deemed largely ineffective by German authorities. The Social Democratic Party of Germany was also among the targets. Foreign Minister Annalena Baerbock emphasized the severity of these state-sponsored attacks, declaring them “intolerable” and promising consequences.

International Response and Remediation Efforts

Following Germany’s attribution of the cyber campaign to APT28, the United States expressed its support and took action alongside German authorities. The US Department of Justice played a crucial role in mitigating the threat by disrupting a network of compromised small office/home office routers utilized by APT28. This collaborative effort aimed to prevent the Russian group from leveraging these devices for malicious activities, including exploiting the CVE-2023-23397 vulnerability against German targets. The US State Department highlighted the significance of this joint operation in blocking GRU’s access to the remediated systems.

Cybersecurity Vulnerabilities and Microsoft’s Commitment

Amidst the ongoing cyber threats, several critical vulnerabilities have been reported, underscoring the need for heightened cybersecurity measures. Among these are vulnerabilities in CyberPower’s PowerPanel, Delta Electronics’ DIAEnergie, and Unitronics Vision Legacy series PLCs, with risks ranging from SQL injection to recoverable password storage.

In response to the growing concerns over cybersecurity, Microsoft’s EVP of security, Charlie Bell, reaffirmed the company’s dedication to prioritizing security over all other features. Bell outlined Microsoft’s Secure Future Initiative, which focuses on six pillars of security, including protecting identities, networks, and accelerating response to threats. This commitment reflects a broader industry effort to enhance security protocols and safeguard against cyberattacks.

Last Updated on November 7, 2024 8:41 pm CET

Source: BMI
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.
