Russia-affiliated hacker group Turla went on a reconnaissance mission in at least two countries.
Threat actors tried to carry out attacks against the Baltic Defense College in Estonia, the Austrian Economic Chamber, and NATO’s eLearning platform JDAL.
According to a report by Sekoia, a cybersecurity firm, the nature of the attacks points to Russian intelligence being interested in the defense sector in Eastern Europe and topics related to the economic sanctions against the Russian Federation.
Turla, also known as Uroborus, Snake, and Venomous Bear, is a Russian-speaking cyber espionage group with suspected links to the Federal Security Service of the Russian Federation (FSB). The group has targeted Ministries of Foreign Affairs and Defense-focused organizations in the past.
The targets of the attack serve as a good indication of what concerns Russian cyber intelligence. For example, the Baltic Defence College was established by Estonia, Latvia, and Lithuania.
The institution provides military education and conferences to high-rank officers from the founding states as well as allies like NATO, the EU, and other European countries, including Ukraine.
Meanwhile, the Austrian Economic Chamber is involved in the decision-making and administrative procedures of the Austrian government. While Vienna stayed somewhat neutral during Russia’s war in Ukraine, Moscow is likely interested in any signals of a change in Austria’s attitudes.
According to the researchers, the campaign did not leverage any malicious code but has been used for reconnaissance purposes only.
Your email address will not be published. Required fields are markedmarked