A Portuguese Naval frigate is already at sea, with a crew of 165, destined for a four-month NATO mission in the Baltic Sea, to “control the Russian presence” there, which continues to raise concerns.
As media stories describe the voyage to “a strategic zone at a sensitive time”, SIS – the country’s security information service – has revealed that Russia’s military information service, GRU, has “executed an operation of cyber-espionage on a global scale, destined at compromising routers, with the objective of intercepting and exfiltrating sensitive information referring to critical infrastructures, and of military and governmental nature.”
SIS states that it has thus joined forces with partners in Germany, Canada, the Czech Republic, Denmark, Slovakia, the United States of America, Estonia, Finland, Italy, Latvia, Lithuania, Norway, Poland, Romania and Ukraine “to issue a coordinated alert aimed at warning the public and encouraging network administrators and device owners to take the necessary steps to reduce the potential impact and scope of these attacks”.
“Based on the hostile exploitation of this equipment, the GRU’s cyber unit – commonly known as ‘APT28’, ‘Fancy Bear’ and ‘Forest Blizzard’ – has, since 2024, compromised not only credentials and authentication tokens, but also email communications and internet browsing data protected by SSL and TLS protocols, redirecting online traffic passing through victims’ routers to remote IT infrastructure under the control of the threat actor”, explains SIS.
This Russian operation “once again highlights the sophistication, covert nature and global reach of threat actors who regularly operate in cyberspace to covertly pursue the tactical and strategic objectives of hostile states”, the service continues.
The result is “the compromise of sensitive information and the digital privacy of citizens and institutions across the globe”.
SIS advises the public to contact get in touch with its offices – or any of the relevant national cybersecurity authorities – if they suspect they have been targeted or compromised by this latest cyber-espionage operation by GRU.
Source material: SIC Notícias/ Lusa
