Russia’s Cyber Sabotage Group Poses a Global Threat

This post is also available in: עברית (Hebrew)

A Russian-linked cyber group is becoming a significant global threat by playing an increasingly major role in the ongoing conflict in Ukraine.

Leading cybersecurity firm Mandiant reported seeing nefarious operations by the group (which is occasionally referred to as “Sandworm”) in places around the world that are considered political, military, or economic hotspots for Russian interests.

Mandiant researchers said in the report: “We have observed the group sustain access and espionage operations across North America, Europe, the Middle East, Central Asia, and Latin America. With a record number of people participating in national elections in 2024, Sandworm’s history of attempting to interfere in democratic processes further elevates the severity of the threat the group may pose in the near-term.”

Cybernews reports that five years ago, a US grand jury charged 12 Russian military intelligence officers for their alleged interference with the 2016 US presidential election, according to the FBI.

Sandworm is reported to have repeatedly targeted Western electoral systems and institutions, including members of NATO. It has also “attempted to interfere with democratic processes in select countries by leaking politically sensitive information and deploying malware to access election systems and misreport election data,” as reported by Mandiant.

The group has since established itself as Russia’s leading cyber sabotage unit, with the country’s military relying on it in its war on Ukraine. Sandworm is also reportedly sponsored by the Russian military intelligence and is “actively engaged in the full spectrum of espionage, attack, and influence operations.”

The researchers conclude that the group’s attempts range across many different fields, as long as it serves the political interests of the Russian Military: “We assess with high confidence that (Sandworm) is seen by the Kremlin as a flexible instrument of power capable of servicing Russia’s wide-ranging national interests and ambitions, including efforts to undermine democratic processes globally.”