Cybersecurity Incident Report First Step Technology LLC

APT28 | Tsar Team

Cybersecurity Incident Report

Incident Name: APT28
Incident Discovery Date: [Date of discovery]
Description: APT28, also known as Tsar Team, is a cyber threat group suspected to originate from the Russian government. They target the Caucasus, eastern European countries, NATO, European security organizations, and defense firms, collecting intelligence on defense and geopolitical issues. APT28’s operations are well-funded and receive direct support from the Russian government.
Cyber Incident Severity: High impact
Affected Systems: The Caucasus, eastern European countries, NATO, European security organizations, and defense firms
Response States: Under investigation
Vulnerability: High

Understanding APT28: Cyber Threat from Russia

Dear Readers,

Today, we delve into APT28, also known as Tsar Team, a cyber threat group suspected to operate under the auspices of the Russian government. APT28’s primary targets include the Caucasus, eastern European countries, NATO, European security organizations, and defense firms.

This sophisticated threat group collects intelligence on defense and geopolitical issues, which indicates close ties to the Russian government. Its operations are well-funded and receive direct support, suggesting a significant level of state sponsorship.

APT28’s arsenal includes malware such as CHOPSTICK and SOURFACE, which they use to conduct targeted attacks. They employ RSA encryption to protect stolen information, showcasing their advanced capabilities and long-standing dedication to cyber espionage.

Stay informed, stay secure.

First Step Technology LLC Cybersecurity Team