The Cadet Blizzard group allegedly linked to the Russian GRU

July 13, 2023

The Cadet Blizzard threat group has been on the radar of Microsoft since April. According to the company, the threat group could have ties to Russia’s Main Directorate of the Armed Forces General Staff, better known as the GRU.

This new GRU-backed hacking group obtained a WhisperGate data-wiping capability deployed against Ukraine earlier this year. In addition, Cadet Blizzard was also the culprit in the defacement of Ukrainian websites last year and several hack-and-leak campaigns that spread on a low-activity Telegram channel called Free Civilian.

The Cadet Blizzard group is known for targeting essential sectors of the government.

Experts claimed that the Cadet Blizzard threat group emerged in the cybercriminal landscape in 2020. The group prioritised targeting essential sectors, such as law enforcement, IT service providers, emergency services, NGOs, and government services.

Microsoft’s threat analysis team assessed the Cadet Blizzard operation and claimed the group is affiliated with the GRU. However, it is separate from other notorious GRU-backed threat groups such as Seashell Blizzard and Forest Blizzard.

Furthermore, the Cadet Blizzard group teased everyone when it created and launched WhisperGate. The creation of such a destructive tool occurred a month before Russia started invading Ukraine. The malicious tool could wipe Master Boot Records (MBRs), which could compromise Ukrainian government organisations.

However, Microsoft claimed that Cadet Blizzard’s cybercriminal operations have a low success rate compared to other Russian-backed hacker groups, like Fancy Bear and Sandworm.

Moreover, Cadet Blizzard started disappearing after June last year but resurfaced during the first weeks of 2023. Their activity has picked up since their re-emergence, as their attacks became more efficient. However, they still fell short of catching up with their Russian counterparts.

These GRU-sponsored cybercriminals have attacked Ukrainian government organisations and IT providers non-stop since the 2022 defacements.

Cybersecurity experts believe these Russian cybercriminals will continue to deploy different types of cybercriminal attacks against Ukraine as long as the geopolitical conflict between the two countries continues.

Ukrainian organisations, primarily government entities, should be wary of such threats and adopt security solutions that could keep malicious actors at bay.
