(TLP:CLEAR) Russian GRU Targeting Western Logistics Entities and Technology Companies

Summary: A joint Cybersecurity Advisory (CSA) was just released by over 20 federal and international partner agencies to highlight a Russian state-sponsored campaign targeting Western logistics entities and technology companies. The CSA provides an overview of targets, initial access tactics, techniques, and procedures (TTPS), and indicators of compromise (IOCs) that are associated with the campaign.

Analyst Note: The CSA reports that since 2022, western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 26165. WaterISAC is sharing for member awareness.

Original Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-141a

Related WaterISAC PIRs: 6.1, 7, 7.1, 10, 11