CyberSecurityBoard
Sponsor Register Login

Sandworm Team

Sandworm Team is a destructive threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) Main Center for Special Technologies (GTsST) military unit 74455. This group has been active since at least 2009.In October 2020, the US indicted six GRU Unit 74455 officers associated with Sandworm Team for the following cyber operations: the 2015 and 2016 attacks against Ukrainian electrical companies and government organizations, the 2017 worldwide NotPetya attack, targeting of the 2017 French presidential campaign, the 2018 Olympic Destroyer attack against the Winter Olympic Games, the 2018 operation against the Organisation for the Prohibition of Chemical Weapons, and attacks against the country of Georgia in 2018 and 2019. Some of these were conducted with the assistance of GRU Unit 26165, which is also referred to as APT28.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to Sandworm Team

Emulating the Sabotage-Focused Russian Adversary Sandworm- Part 2 - Adversary Emulation PublishedJuly 3, 2024 AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the highly sophisticated Russian adversary Sandworm during various destructive activities against targets in Ukraine and ...
4 days ago Securityboulevard.com
Sandworm Hackers Caused Another Blackout in Ukraine-During a Missile Strike - The notorious unit of Russia's GRU military intelligence agency known as Sandworm remains the only team of hackers to have ever triggered blackouts with their cyberattacks, turning off the lights for hundreds of thousands of Ukrainian civilians not ...
7 months ago Wired.com
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
1 year ago Csoonline.com
Russian Sandworm hackers breached 11 Ukrainian telcos since May - The state-sponsored Russian hacking group tracked as 'Sandworm' has compromised eleven telecommunication service providers in Ukraine between May and September 2023. That is based on a new report by Ukraine's Computer Emergency Response Team citing ...
7 months ago Bleepingcomputer.com
Ukraine Blames Russian Sandworm Hackers for Kyivstar Attack - Ukraine's security service has attributed the cyber-attack on mobile operator Kyivstar to Russian hacking group Sandworm. Kyivstar is Ukraine's largest mobile network carrier, the cyber-attack rendered internet access and mobile communications ...
6 months ago Infosecurity-magazine.com
Beyond Protocols: How Team Camaraderie Fortifies Security - When we think about the many different tasks a security team must complete, many of them are challenging and time consuming, to say the least. Logic would dictate that if the security team is of high quality and its members enjoy working with one ...
6 months ago Securityweek.com
Russian Sandworm Group Using Novel Backdoor to Target Ukraine - Russian nation-state group Sandworm is believed to be utilizing a novel backdoor to target organizations in Ukraine and other Eastern and Central European countries, according to WithSecure researchers. The previously unreported backdoor, dubbed ...
2 months ago Infosecurity-magazine.com
How to build a cyber incident response team - As an incident response manager himself, Valentin regularly coordinates security responses for companies of all shapes and sizes - including many of the examples discussed in this post. He explains everything you need to know about building and ...
7 months ago Heimdalsecurity.com
Meet the new CloudGuard: Risk Management in Action - Security teams need to plan the measures taken to reduce the harmful effects of a CVE, to ensure that the applications they are managing remain secure while business availability is not affected, and developers can continue with their day-to-day ...
6 months ago Blog.checkpoint.com
New Report Uncovers NikoWiper Malware Used to Attack Ukraine Energy Sector - The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. The NikoWiper is based on SDelete, a command line utility from ...
1 year ago Thehackernews.com
Failing Upwards: Put on your own mask before assisting others - From poor leaders, I've learned what doesn't work: breaking the team's trust, operating without transparency, employing a destructive and unempathetic approach, micromanaging, and setting people up for failure. In contrast to the negative leadership ...
5 months ago Blog.zsec.uk
Sandworm APT targets Ukraine with new SwiftSlicer wiper - Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The ...
1 year ago Securityaffairs.com
Russia's Sandworm blamed for Kyivstar telecom cyberattack The Register - Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar. The attack also reportedly disrupted the air raid alert ...
6 months ago Go.theregister.com
Do More with Security Orchestration, Automation, and Response - Today, security operations center teams face dual challenges of acquiring both the right caliber and quantity of staff. With this gap, it's important for SOC teams to consider security, orchestration, automation and response solutions to automate ...
5 months ago Securityboulevard.com
SBU Cybersecurity Chief Exposes Persistent Hacker Presence in Kyivstar - An attack on Kyivstar, a telco company that has some 24 million users in Ukraine, appears to have been carried out by Russia's Sandworm crew last month. Approximately 24 million users' services were disrupted for a period of several days beginning on ...
6 months ago Cysecurity.news
Sandworm Team - Sandworm Team is a destructive threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) Main Center for Special Technologies (GTsST) military unit 74455. This group has been active since at least 2009.In ...
7 months ago Attack.mitre.org
3 ways to reduce stress on the DevSecOps team - My session focused on the stresses and burnout experienced by security teams, including recent data showing that 94% of chief information security officers suffer from work-related stress, and 65% admit their stress levels compromise their ability to ...
6 months ago Infoworld.com
Google links WinRAR exploitation to Russian, Chinese state hackers - Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems. ...
7 months ago Bleepingcomputer.com
The Most Dangerous People on the Internet in 2023 - It was a banner year for chaos, present and impending, and all reflected in the digital mirror. Each year, WIRED assembles a list of the most dangerous people, groups, and organizations on the internet-both those who intentionally endanger innocent ...
6 months ago Wired.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
7 months ago Esecurityplanet.com
How Denmark nulled record attacks on critical infrastructure The Register - Danish critical infrastructure faced the biggest online attack in the country's history in May, according to SektorCERT, Denmark's specialist organization for the cybersecurity of critical kit. Detailing the attack waves in a report, it revealed that ...
7 months ago Theregister.com
Ukraine Sandworm Hackers Strike News Agency with Five Data Wiping Malware - One of the most dreaded groups of hackers, Ukraine Sandworm, is reportedly attacking news agencies with five data wiping malware tools. This group of cybercriminals is known for its sophisticated and destructive techniques, but this is the first time ...
1 year ago Bleepingcomputer.com
Sandworm APT Group Adds New Wiper Malware to Its Hacking Toolkit - ESET researchers have recently uncovered that the notorious Sandworm APT group has added a new wiper malware to its hacking toolkit. The wiper is based on a command-line utility from Microsoft called SDelete, which is used for securely deleting ...
1 year ago Cybersecuritynews.com
Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Kyivstar - Over nearly a decade, the hacker group within Russia's GRU military intelligence agency known as Sandworm has launched some of the most disruptive cyberattacks in history against Ukraine's power grids, financial system, media, and government ...
6 months ago Wired.com
Russian Hackers Likely Not Involved in Attacks on Denmark's Critical Infrastructure - Russian state-sponsored APT actor Sandworm might have not been involved in last year's massive attack campaign against Denmark's critical infrastructure, cybersecurity firm Forescout says. The assaults occurred in May 2023 and resulted in the ...
5 months ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)