Corporate Threat Intelligence Unit
Appears in 1 story
Active, tracking GRU operations since 2021
Amazon exposed what Russia's most notorious cyber unit was doing while the world wasn't watching. From 2021 through 2025, GRU Unit 74455—the Sandworm team behind NotPetya and Ukraine's grid attacks—quietly evolved its playbook, abandoning flashy zero-day exploits for something harder to defend against: hunting misconfigured network devices protecting Western electric utilities, energy companies, and their security providers. They compromised edge devices, harvested credentials, and penetrated organizational networks across North America and Europe.
Updated Dec 25, 2025
No stories match your search
Try a different keyword
How would you like to describe your experience with the app today?
