The Russian pirates involved in the campaign continued after government organizations and private companies in the defense, transport, maritime, air traffic and information sectors, they said.
The organizations of these industries based in Bulgaria, the Czech Republic, France, Germany, Greece, Italy, Moldova, the Netherlands, Poland, Romania, Slovakia, Ukraine and the United States were targeted, according to Wednesday’s declaration.
Western countries explicitly linked cyber campaign to the Russian war in Ukraine, saying that attacks accelerated after February 2022.
As the Russian forces “have not achieved their military objectives and the Western countries have provided aid to support the territorial defense of Ukraine, unit 26165 has expanded its targeting of logistical entities and technological companies involved in the delivery of aid,” they said.
Several Russian hacking groups have increased their activity at that time, but the 26165 unit focused on spying – including targeting the Internet -connected cameras to Ukrainian border crossings and at least one organization involved in industrial control systems – Western countries announced on Wednesday.
Unit 26165 was previously sanctioned by the EU for hacking the German Bundestag in 2015. It was also linked to the hacks of the American National Democratic Committee in 2016 and messaging accounts belonging to the Democrat Social Party, Olaf Scholz, in 2022 and 2023.
More recently, France accused him of orchestrating cyber attacks on the electoral campaign of President Emmanuel Macron in 2017.
