The hackers reportedly work for a military intelligence unit responsible for coups, sabotages, and assassination attempts in Europe.
A joint cybersecurity advisory issued by multiple U.S. agencies found a clandestine Russian military unit responsible for cyber attacks against global targets.
The advisory was issued by the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) together with foreign partners from nine countries, including the United Kingdom and Canada.
“Unit 29155 is responsible for attempted coups, sabotage and influence operations, and assassination attempts throughout Europe,” said the Sept. 5 advisory.
“Unit 29155 expanded their tradecraft to include offensive cyber operations since at least 2020. These cyber actors are separate from other known and more established GRU-affiliated cyber groups, such as Unit 26165 and Unit 74455.”
Unit 29155 operates under Russia’s General Staff Main Intelligence Directorate (GRU), a military intelligence agency under the country’s armed forces. The unit’s cyber actors target critical infrastructure and key resource sectors like foreign government services, transportation systems, financial services, health care sectors, and energy sectors in NATO countries, the European Union, North America, Latin America, and Asia, the advisory noted.
The group’s activities allude to goals such as collecting information for espionage, destroying data to trigger systematic