Russian military hackers targeted Western tech and logistics companies linked to shipping aid to Ukraine, the U.S. National Security Agency (NSA) said.
These hackers tried to get information about what kind of aid was entering Ukraine. Part of their effort included trying to access live feeds from internet-connected cameras near Ukraine’s border crossings, according to the NSA’s report released Wednesday.
The cyberattacks focused on defense, transportation, and logistics companies in Western countries, including the U.S., along with ports, airports, and rail systems. The report didn’t say exactly what types of aid Russia was watching, but Ukraine’s allies have sent large amounts of military and humanitarian help since the war began.
More than 10,000 internet cameras were targeted. These included private cameras and public traffic cameras near important transport points like ports, rail stations, and border crossings. Most were in Ukraine, but some were in Romania, Poland, and other Eastern or Central European countries.
Officials did not say how successful the hackers were or how long they stayed hidden. The activity began in 2022, the year Russia invaded Ukraine.
Russia is expected to keep spying on aid shipments, so companies handling these shipments should stay alert, the report warned. The NSA, FBI, and security agencies from several allied countries released the report together.
“To defend against and mitigate these threats, at-risk entities should anticipate targeting,” the NSA said.
President Donald Trump speaks with the reporters in front of the White HouseThe attacks were linked to a Russian military intelligence group called “Fancy Bear,” known for previous cyberattacks on the U.S. and its allies.
The hackers used different methods to break in, including spearphishing. This involves sending convincing messages with links to harmful software or requests for private information.
They also took advantage of security weaknesses in computers used in small or home offices, which usually don’t have strong protections like larger companies.
According to Grant Geyer, chief strategy officer at cybersecurity firm Claroty, the hackers didn’t use very new techniques, but their widespread and well-planned effort gave Russia a detailed view of the aid sent to Ukraine.
“They have done detailed targeting across the entire supply chain to understand what equipment is moving, when and how — whether it’s by aircraft, ship or rail,” Geyer said.
Russia could use this information to improve its war plans or to plan future cyber or physical attacks on the supply routes to Ukraine.
Last fall, U.S. intelligence warned defense companies and suppliers to tighten security after several sabotage acts in Europe that U.S. officials blamed on Russia.
The Russian Embassy in Washington did not respond to requests for comment.
