Kyaw_Myo_Oo
Advocate I

Russian GRU Targeting Western Logistics Entities and Technology Companies

Dear All,

 

This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 26165—tracked in the cybersecurity community under several names (see “Cybersecurity Industry Tracking”). The actors’ cyber espionage-oriented campaign, targeting technology companies and logistics entities, uses a mix of previously disclosed tactics, techniques, and procedures (TTPs). The authoring agencies expect similar targeting and TTP use to continue.

 

 

Russian GRU Targeting Western Logistics Entities and Technology Companies

 

Question for discussion:

 

How can organizations effectively share threat intelligence related to these sophisticated, state-sponsored campaigns (like those by the GRU) while balancing concerns about sensitive internal information and potential reputational damage?

 

It's always great to learn from each other, share experiences, and stay updated. Let's learn and explore together!

 

 

Kyaw Myo Oo
Information Security Officer, CB BANK PCL
CCIE #58769 | CISSP | CRISC | PMP | CCSM | SAA-C03 | PCNSE
https://www.linkedin.com/in/kyaw-myo-oo/
4 Replies
ericgeater
Community Champion

Here in the United States, we share data with orgs that are similar in their design. Those groups are called ISACs, and you can see a list of them here: MEMBER ISACS | natlcouncilofisacs

 

We received this notification from our member ISAC this morning. I am glad to see you shared this advisory with this group!

 

Do you have access to similar groups in your country, or region of countries?

-----------
A claim is as good as its veracity.
linkedin[.]com/in/geater
Kyaw_Myo_Oo
Advocate I

Thanks for sharing that context about ISACs in the U.S. It's always valuable to understand how different regions are structuring their cyber defense cooperation!

I'm glad to hear that sharing this advisory was also helpful, @ericgeater.

I would love to hear more insights from other members of the group.
akkem
Contributor III

Thanks for sharing, @Kyaw_Myo_Oo.
MITRE is one of the widely used and trusted frameworks globally. https://attack.mitre.org/
Kyaw_Myo_Oo
Advocate I

You're absolutely right! MITRE ATT&CK is an invaluable resource. It's truly transformed how we understand and defend against adversary tactics.

 

Thank you for sharing your time and expertise with us @akkem.