FireEye research, analysis exposes long-standing operations by APT28 targeting government, military, and security groups of interest to Russia
A comprehensive intelligence report by Fire Eye- APT28: A Window into Russia’s Cyber Espionage Operations? – details the work of a team of skilled Russian developers and operators, designated by FireEye as APT28,that has been interested incollecting information from defense and geopolitical intelligence targets including the Republic of Georgia, Eastern European governments and militaries, and European security organizations, all areas of particular interest to the Russian government.
“Despite rumors of the Russian government’s alleged involvement in high-profile government and military cyber attacks, there has been little hard evidence of any link to cyber espionage,” said Dan McWhorter, FireEye VP of Threat Intelligence. “FireEye’s latest advance persistent threat report sheds light on cyber espionage operations that we assess to bemost likely sponsored bythe Russian government, long believed to be a leader among major nations in performing sophisticated network attacks.”
This FireEye report offers details that likely linkAPT28 — a threat group whose malware is already fairly well-known in the cybersecurity community — with a government sponsor based in Moscow, exposing long-standing, focused operations that indicate government backing.