Sponsored By

NATO-Member Oil Refinery Targeted in Russian APT Blitz Against Ukraine

Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.

Dark Reading Staff

December 20, 2022

1 Min Read
Photo of UFSB building exterior in Moscow
Headquarters of the Russian Federal Security ServiceSource: Dimitar Chobanov via Alamy Stock Photo

Physical threats against a Ukrainian cybersecurity researcher and a failed attempt to breach a petroleum refinery inside a NATO-member nation are just the latest notable salvos in Russian state-backed APT group Trident Ursa's campaign against Ukraine.

Researchers at Palo Alto Network's Unit 42 reported on the APT group (also known as Gamaredon, Primitive Bear, Shuckworm, and UAC-0010) tactics over the past 10 months, noting the connection between Trident Ursa and the Russian Federal Security Service.

"As the conflict has continued on the ground and in cyberspace, Trident Ursa has been operating as a dedicated access creator and intelligence gatherer," the Unit 42 team explained. "Trident Ursa remains one of the most pervasive, intrusive, continuously active and focused APTs targeting Ukraine."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights