Western intelligence agencies warn of Russian GRU cyber-attacks on NATO and EU nations

Western intelligence agencies, including those from the UK, US, Germany, and other allied countries, have issued a stark warning about a series of cyber-attacks orchestrated by Russia’s GRU military intelligence. The attacks, attributed to the GRU’s notorious Unit 29155, have targeted NATO and EU countries, with critical infrastructure in sectors such as finance, transport, energy, and healthcare being affected.

Unit 29155, already linked to high-profile incidents such as the 2018 poisoning of a former Russian double agent, Sergei Skripal, and his daughter in Salisbury, has increasingly shifted its focus toward cyber operations since at least 2020. According to the intelligence advisory, the group, also known as “Cadet Blizzard” or “Ember Bear,” has been responsible for espionage, sabotage, defacing websites, and leaking stolen data.

The joint cybersecurity advisory, released by Germany’s domestic intelligence agency (BfV) and international partners, including the FBI, CISA, and NSA, underscored that these cyber-attacks were part of Russia’s ongoing efforts to destabilize Western countries. The advisory highlighted the unit’s role in operations aimed at disrupting aid deliveries to Ukraine, especially in light of the ongoing war that began with Russia’s invasion of Ukraine in 2022.

Intelligence agencies from countries including Australia, Ukraine, Canada, and several European nations have corroborated these claims, noting that Unit 29155 has a history of engaging in sabotage, assassination attempts, and coup plots. The shift towards cyber-warfare represents an expanded toolkit for disrupting Western democracies and undermining global stability.

Germany has been a particular target, with several recent cyber-attacks on its governing Social Democrats and logistics, aerospace, and IT sectors. In May, Berlin formally accused Russia of launching multiple cyber-attacks on its defense and aerospace industries. The increasing frequency of these attacks, alongside espionage activities such as the jailing of a former German soldier for leaking military secrets to Russia, underscores the heightened cyber threat.