Russia’s military intelligence services have attempted to hack into border security cameras to spy on and disrupt aid delivery to Ukraine, according to a joint advisory from 10 countries including the UK, US, France, and Germany. The hacking was allegedly carried out by GRU Unit 26165, also known as APT 28 and Fancy Bear.
The unit is accused of using various tactics to target organizations delivering foreign assistance, including sending phishing emails with pornography and fake professional information, obtaining stolen account passwords, and accessing private cameras at border crossings, railway stations, and military installations. This would have given them access to a “snapshot” of the camera’s images and potentially sensitive information on shipments.
The UK’s National Cyber Security Centre (NCSC) has issued an advisory warning private companies involved in aid delivery to take immediate action to protect themselves. The suggested actions include increasing monitoring, using multi-factor authentication with strong factors such as passkeys, and ensuring security updates are applied promptly to manage vulnerabilities.
This malicious campaign poses a serious risk to targeted organizations, including those delivering assistance to Ukraine. The UK and its partners are committed to raising awareness of the tactics being deployed and encourage organizations to familiarize themselves with the threat and mitigation advice to defend their networks.
Source: https://www.theguardian.com/world/2025/may/21/russia-accused-trying-disrupt-aid-ukraine-hacking-border-crossings