A cyber group with links to Russian military intelligence is set to become a significant global threat after playing an increasing critical role in the ongoing conflict in Ukraine, a leading cybersecurity firm warned Wednesday.
Google-owned Mandiant said in a report that it is seeing nefarious operations by the group referred to as “Sandworm” in places around the world considered political, military, or economic hotspots for Russian interests.
“We have observed the group sustain access and espionage operations across North America, Europe, the Middle East, Central Asia, and Latin America,” Mandiant researchers said in the report.
“With a record number of people participating in national elections in 2024, Sandworm’s history of attempting to interfere in democratic processes further elevates the severity of the threat the group may pose in the near-term.”
A US grand jury five years ago indicted a dozen Russian military intelligence officers on charges stemming from their alleged interference with the 2016 US presidential election that put Donald Trump in the White House, according to the FBI.
Trump is again running for president, after losing re-election in 2020.
Sandworm has repeatedly targeted Western electoral systems and institutions, including those in current and prospective North Atlantic Treaty Organization member countries, according to the Mandiant report.
Sandworm has “attempted to interfere with democratic processes in select countries by leaking politically sensitive information and deploying malware to access election systems and misreport election data,” Mandiant determined.
The group established itself as Russia’s preeminent cyber sabotage unit and has been relied on by the country’s military in its war on Ukraine, according to the researchers.
Sponsored by Russian military intelligence, Sandworm “is actively engaged in the full spectrum of espionage, attack, and influence operations,” Mandiant said.
“We assess with high confidence that (Sandworm) is seen by the Kremlin as a flexible instrument of power capable of servicing Russia’s wide ranging national interests and ambitions, including efforts to undermine democratic processes globally,” researchers concluded.
The group’s activities such as trying to influence elections or retaliate against international sporting bodies in athlete doping controversies suggest “no limit to the nationalistic impulses” that may drive Sandworm’s agenda, according to the report.
Source link: https://www.defencetalk.com/russian-cyber-sabotage-a-global-threat-security-firm-80222/ by Agence France-Presse at www.defencetalk.com