Targeting of Ukrainian institutions and U.S. and European foreign policy institutions and think tanks
Date of report
  • April 2022
Affiliations
Russian threat actor APT 28 targeted Ukrainian media organizations, government institutions, and foreign policy think tanks in the United States and the European Union with attempts to establish access to victims’ systems, gain tactical information related to the invasion, and exfiltrate other sensitive information. Microsoft assumed control of seven of APT 28’s internet domains used in the attacks, redirecting site traffic to a sinkhole.
Suspected victims
  • Ukrainian institutions including media organizations and government institutions and think tanks in the United States and the European Union involved in foreign policy
Suspected state sponsor
  • Russian Federation
Type of incident
  • Espionage
Target category
  • Government
  • Civil society