Further details regarding the activities of a cyber espionage unit thought to be connected to the Russian Government have emerged in this period. The US based cyber security firm FireEye published a report on what it dubbed APT28 (Advanced Persistent Threat, the generic term for a cyber espionage threat group) on October 28. APT28 is thought to be the same unit that rival cyber security firm Trend Micro referred to as Sofacy/SEDNIT – the work of which it referred to as “Operation Pawn Storm” – while it is also reportedly connected to the creators of the Uroburos (aka. Turla) malware that we assessed in our coverage of August 14. FireEye states that the group has been active since the middle of 2007, from when it has sought to ascertain information from a variety of political, diplomatic, and military sources that correspond with Russia’s strategic geopolitical interests – a key factor in the decision to attribute the actions of the unit to the Russian state.
The report divides these targets into three main areas, the first of which is operations against