Back to blog

Windows bug allowed Russian cyber-spies to eavesdrop on NATO

by AprilSix Proof

BBC:NATO and Ukrainian administrations hacked by Russian group

Russian hackers successfully exploited a zero-day vulnerability in Microsoft Windows, dubbed ‘Sandworm’, to eavesdrop on NATO communications at the height of the Ukraine crisis.

Experts believe the cybercrime group had state support as it appeared to be gathering politically sensitive information rather than stealing commercially valuable data.

Attackers targeted a US-based academic specialising in relations between Russia and Ukraine, regional administrations within Ukraine and attendees at a conference on national defence covering topics ranging from the Ukraine crisis to NATO.

A report by cyber-monitoring company iSight found that NATO was duped with a sophisticated spear-phishing attack in the form of malicious software disguised as an email about EU diplomacy, and that hackers first exploited the zero-day vulnerability in August 2014. The cyber-group’s wider hacking campaign against NATO has been ongoing for five years.

Microsoft told the BBC it will now patch the vulnerability.

Read the full story here