APT28 – most likely Russian state-sponsored

Key details: October 2014

  • An advanced persistent threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by a person or persons targeting a specific entity.
  • APTs are normally groups rather than single hackers.
  • APT28 targets a range of political and military organisations
  • Other probable APT28 targets identified:
    • Government of Mexico
    • Chilean Military
    • Pakistani Navy
    • U.S. Defense Contractors
    • European Embassy in Iraq
  • Several of the domains APT28 registered imitated NATO domain names
  • The most famous group, APT28, is widely believed to be state-sponsored (Russian) because of its targets, its coding, and the Russian holiday dates observed by the group:

Table for APT28

https://www.fireeye.com/blog/threat-research/2014/10/apt28-a-window-into-russias-cyber-espionage-operations.html

https://www2.fireeye.com/apt28.html