Microsoft has detailed recent hacking activity of cyber actors, most likely aligned with the Russian Federal Security Service (FSB), who have targeted Ukraine government, security agencies and aid organizations.
Microsoft says the hacking group, which it calls Actinium, has “targeted or compromised accounts” at Ukraine emergency response organizations since October. Actinium hackers also targeted organizations that would coordinate international and humanitarian aid to Ukraine, it says in a new report.
“Since October 2021, Actinium has targeted or compromised accounts at organizations critical to emergency response and ensuring the security of Ukrainian territory, as well as organizations that would be involved in coordinating the distribution of international and humanitarian aid to Ukraine in a crisis,” Microsoft said.
SEE: Cybersecurity: Let’s get tactical (ZDNet special report)
The Security Service of Ukraine (SSU), which heads up Ukraine’s counter-intelligence efforts, calls the group Armageddon. SSU has traced the group’s earliest activity to at least 2014 and says it focuses on intelligence gathering in Crimea, largely through phishing and malware.
Armageddon is known for crude but brazen cyberattacks aimed at gathering intel from Ukraine security, defense and law enforcement agencies.
Microsoft prioritized its report on Actinium’s recent activity as concerns mount over