Russian threat actor APT 28 targeted Ukrainian media organizations, government institutions, and foreign policy think tanks in the United States and the European Union with attempts to establish access to victims’ systems, gain tactical information related to the invasion, and exfiltrate other sensitive information. Microsoft assumed control of seven of APT 28’s internet domains used in the attacks, redirecting site traffic to a sinkhole.
- Ukrainian institutions including media organizations and government institutions and think tanks in the United States and the European Union involved in foreign policy
Suspected state sponsor
- Russian Federation
Type of incident
- Civil society