German authorities warned Monday that a notorious Russian military intelligence unit carried out cyberattacks against targets in Europe and around the world.
The German Federal Office for the Protection of the Constitution (BfV) said unit 29155 of the Russian Main Intelligence Directorate (GRU) “carried out cyberattacks and other reconnaissance activities against targets in NATO and EU countries.”
According to the BfV, unit 29155 was behind January 2022 cyberattacks on civilian infrastructure in Ukraine ahead of Russia’s full-scale invasion of Ukraine in February of that same year.
Last week, the United States charged five members of a subset of unit 29155 and one civilian over the cyber campaign against Ukraine known as WhisperGate, which targeted dozens of Ukrainian government computer systems.
The FBI said WhisperGate malware was intended to cripple Ukraine’s government and critical infrastructure by targeting financial systems, agriculture, emergency services, healthcare and schools. The U.S. Justice Department said WhisperGate was designed to look like ransomware but was really a “cyberweapon designed to completely destroy the target computer and related data.”
Germany’s BfV said that since 2022, unit 29155 has primarily aimed to spy on and disrupt aid to Ukraine. Germany’s intelligence agency joined over a dozen Western law enforcement agencies, including those from the U.S. and Ukraine, in highlighting the GRU’s global espionage and sabotage activities dating back to at least 2020.
Earlier this summer, Germany accused Russia of state-sponsored cyberattacks targeting its ruling party — as well as German IT, logistics and aerospace companies — in state-sponsored cyberattacks that involved stealing and publishing sensitive data.
AFP contributed reporting