There has long been a military red line that NATO says Russia must not cross.
Germany took a very strong diplomatic position, summoning Russia's representative, and then recalling its own Russian ambassador for talks.
This is clearly a strong and coordinated statement by NATO allies warning Russia to curtail the activity of APT28.
In this case, there is no such specific allegation against Russia.
The NATO group statements do include several hints about the real concerns.
Although the attack against the German SPD is technically cyberespionage, the NATO countries are primarily concerned about election interference and destructive attacks against critical industries.
This is wrong, and underestimates Russia's long term objectives: weakening liberal democracies simultaneously strengthens Russia's physical position.
Given the time necessary to plan and implement such activities, it can be considered as concurrent with Russia's annexation of Crimea in 2014.
The thorn was, and remains, NATO. Russia's intent in election interference - in both the US and Europe - is always to return as many pro-Russia or at least Russia-sympathetic politicians as possible.
Simultaneously, Russia has been searching for, and recruiting and supporting, individual European politicians with a more favorable view of Russia.
It is no coincidence that the rise of the 'far right' in Europe with sympathies toward Russia has spiraled during the same period.
Although all the NATO countries specify APT28, the UK is alone in mentioning Star Blizzard.
APT28 is run by the GRU, Russia's military intelligence agency.
APT29 is run by the SVR, Russia's external intelligence service with a focus on political intelligence.
The GRU, the FSB, and the SVR are Russia's three primary intelligence agencies, and they are all active in the run-up to the liberal democracy elections this year.
The purpose is beyond any reasonable doubt: to shape them to Russia's benefit.
He introduces Sandworm - a group that overlaps with APT28 and is also operated by the GRU. He further notes the NATO country statements bring up threats to critical industry as well as electoral interference.
Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine in the short term, and the West in the long term.
The NATO alliance has said clearly to Russia and the rest of the world, we see you, we are watching you, don't do that.
There may even be a hint at NATO's Article 5: an attack against one NATO member is an attack against all NATO members, and likely to result in a collective response.
This Cyber News was published on www.securityweek.com. Publication date: Mon, 13 May 2024 15:13:08 +0000