Russian state-sponsored cyber actors targeting tech companies, others 

May 23, 2025 - 10:49 AM
cybersecurity-hand-lock-graphic_900x400

The FBI, along with the National Security Agency and other international cybersecurity agencies, this week released a joint agency advisory on cyber operations by the Russian General Staff Main Intelligence Directorate (GRU), also known as APT28, Fancy Bear, Forest Blizzard, Blue Delta and other identifiers, targeting U.S. and global entities. For over two years, the Russian GRU has targeted logistics and technology companies using a mix of tactics, including reconstituted password spraying capabilities, spearphishing and modification of mailbox permissions. 

“Although the described threat does not appear to target health care directly, we should be aware of hospital and health system third-party service and technology providers who also maintain military contracts to provide services to the U.S. government and allied nations,” said John Riggi, AHA national advisor for cybersecurity and risk. “This alert demonstrates the need for increased due diligence in third-party risk management programs to identify all lines of business in which third parties and business associates are engaged, and which may expose the health care field to collateral cyber risk. This awareness will help drive the implementation of appropriate third-party risk mitigation controls.” 

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
CISA issues update on voluntary cybersecurity performance goals 
The Cybersecurity and Infrastructure Security Agency Dec. 11 released an update to its voluntary Cybersecurity Performance Goals, which includes measurable…
Headline
Agencies warn of state-sponsored cyberattacks from Russia, China
U.S. and international agencies are warning of potential cyberattacks on health care and other critical infrastructure from state-sponsored cyber actors in…
Headline
CISA alerts of critical vulnerability impacting free program used for building user interfaces 
A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and Infrastructure Security Agency’s…
Headline
Resources available to help detect malicious AI schemes
The FBI has public resources available to help prevent exploitation by cybercriminals, who use artificial intelligence for deception. An infographic by the FBI…
Headline
NIST says critical vulnerability found in 7-Zip archiving software
A critical vulnerability has been identified in 7-Zip, a free software program used for archiving data, according to the National Institute of Standards and…
Headline
Agencies release guide to protect against bulletproof hosting provider cybercrimes 
U.S. and international agencies Nov. 19 released a guide on mitigating potential cybercrimes from bulletproof hosting providers. A BPH provider is an internet…