Pro-Russian hacking collective identified as Gamaredon

Pro-Russian hacking group Gamaredon, active since 2013, recently amped up its cyber attacks on Ukrainian authorities, according to SentinelLabs researchers. These latest attacks involve novel hacking components, and the group's offensive actions have expanded, affecting more victims...

In the ongoing political and military tensions in the region, a pro-Russian hacker group known as Gamaredon has emerged as a significant player, according to security researchers from SentinelLabs.

The group has been exclusively targeting Ukrainian national security institutions, compromising over five thousand Ukrainian units since its inception. The scale of operations, the number of victims, and the adaptability of the tools used by Gamaredon are striking, making it a formidable threat.

SentinelLabs identified government entities and organizations in Ukraine as victims of Gamaredon attacks from as early as 2013 up until 2020. The map of Gamaredon infections shows attacks throughout Ukraine, with a concentration of attacks along the border where Ukrainian troops are stationed.

Gamaredon's methods have evolved over time. In recent months, the group has been using new offensive hacking components to intensify its attacks. The group is increasingly relying on social engineering methods to obtain information, making it harder for security systems to detect and prevent its activities.

From a military perspective, Gamaredon offers a balanced cost-efficiency. Attempts to advance on the battlefield do not immediately lead to escalation and retaliation. This makes it a valuable tool for those seeking to gain an offensive advantage without sacrificing their political stance in a peace process.

The group's activities serve as a testing ground for the Russian military to observe the potential of cyber warfare in modern conflict or national political disputes. Given that modern conflicts tend to "freeze," as in the Donbass, groups like Gamaredon are likely to become a permanent fixture in current disputes.

In response to the growing threat, the Ukrainian Security Service has taken measures to protect its citizens. In 2019, it banned the entry of 278 individuals involved in "separatist propaganda." The Ukrainian Security Service also announced that it had prevented 482 cyberattacks on critical infrastructure in the same year.

Despite these efforts, Gamaredon continues to direct its attacks at Ukrainian authorities. The internet, serving as the fifth domain of warfare, gives attackers the ability to continue their fight even when all other domains are closed off due to strategic or political constraints.

As the conflict in the region continues, the role of cyber warfare, as exemplified by Gamaredon, is likely to become increasingly significant. SentinelLabs continues to monitor the activities of this pro-Russian hacker group, providing valuable insights into the evolving landscape of modern conflict.