On September 5, 2024, the UK National Cyber Security Centre publicly assessed that the 29155 Unit of russian military intelligence (GRU) have been responsible for a series of offensive cyber operations targeting victims globally since at least 2020. Some of the group’s cyber operations have almost certainly been aimed at supporting russian invasion of Ukraine, the UK Defense Intelligence reports.
Operations have included the WhisperGate destructive wiper malware, which was used against Ukrainian targets in 2022. Other activity has included website defacements and network scanning for espionage purposes. The WhisperGate malware was previously attributed to the russian state; this new advisory specifically links the attack to the 29155 Unit.
Read more: The UK Defense Intelligence Reports on the Consequences of Ukrainian Strike on russia’s Marinovka Air Base
The 29155 Unit is assessed to be responsible for attempted coups, sabotage and influence operations, and assassination attempts throughout Europe. Offensive cyber operations therefore mark a development in the capabilities of the 29155 Unit. This further highlights the value the russian state places on cyberspace in the context of their invasion of Ukraine.
Read more: The UK Defense Intelligence Predicts What russia Is Planning to Do in Donetsk Region
