The United States has issued a strong condemnation of cyber activities attributed to Russia's General Staff Main Intelligence Directorate, known as APT28. This group, also referred to as Fancy Bear, Strontium, and Forest Blizzard, is accused of targeting Germany, Czechia, Lithuania, Poland, Slovakia, and Sweden.
The U.S. has aligned with Germany in attributing specific cyber activities to APT28 that targeted a German political party. APT28 is recognized for its history of disruptive behavior. The United States has previously taken legal action against individuals associated with this group for their involvement in various malicious cyber activities. These include interference in the 2016 U.S. presidential elections and operations against the World Anti-Doping Agency (WADA).
Efforts have been made by the U.S. Department of Justice alongside Germany to address these threats. They have worked together to remediate a network of routers used by APT28 to conduct malicious activity in Germany. This included addressing vulnerabilities such as CVE-2023-23397 and preventing further access by the GRU.
The statement highlights that Russia's actions disregard international agreements on responsible state behavior in cyberspace endorsed by United Nations Member States. The United States remains committed to ensuring the security of its allies and maintaining a rules-based international order in cyberspace.
"We call on Russia to stop this malicious activity and abide by its international commitments and obligations," states the release from the United States government. Collaborative efforts with EU and NATO Allies will continue to disrupt Russian cyber activities and hold those responsible accountable.