Cadet Blizzard is a Russian state-sponsored cyber espionage hacking group operating within the GRU. It primarily targets critical infrastructure in Europe and also the United States. US federal agencies, including the NSA, FBI, and additionally, the CISA, released a Cybersecurity Advisory detailing the group’s activities. Overall the advisory warns that the group’s focus is on global targets for the purposes of espionage and sabotage.
Their hacking tactics include the use of
- WhisperGate malware
- Infrastructure scanning
- Data theft
Cadet Blizzard activities date back to 2022, involving attacks on organizations in Ukraine. Altogether Russia denies participation in cyber espionage and sabotage activities. However, industry leaders including Duo, Microsoft, and Google all released reports confirming their knowledge of Cadet Blizzard’s signature behaviours and attribution to Russia’s GRU Unit 29155.
Key Judgment 1. Cadet Blizzard’s tactics will likely become more advanced and increase the sophistication and scope of future cyber attacks on global critical infrastructure.
Key Judgment 2. As Cadet Blizzard gains greater hacking capabilities to infiltrate critical infrastructure networks, it is likely to gain access to sensitive information that will harm US and NATO security.
Key Judgment 3. As the volume of attacks on critical infrastructure increases, the global response will likely continue to apply stronger legal actions against individuals acting under state-sponsored groups.
