<div class="block-paragraph_advanced"><h3><span style="vertical-align: baseline;">Introduction </span></h3> <p><span style="vertical-align: baseline;">In modern warfare, the front lines are no longer confined to the battlefield; they extend directly into the servers and supply chains of the industry that safeguards the nation. Today, the defense sector faces a relentless barrage of cyber operations conducted by state-sponsored actors and criminal groups alike. In recent years, Google Threat Intelligence Group (GTIG) has observed several distinct areas of focus in adversarial targeting of the defense industrial base (DIB). While not exhaustive of all actors and means, some of the more prominent themes in the landscape today include: </span></p> <ul> <li aria-level="1" style="list-style-type: disc; vertical-align: baseline;"> <p role="presentation"><span style="vertical-align: baseline;">Consistent effort has been dedicated to targeting defense entities fielding technologies on the battlefield in the Russia-Ukraine War. As next-generation capabilities are being operationalized in this environment, Russia-nexus threat actors and hacktivists are seeking to</span><strong style="vertical-align: baseline;"> compromise defense contractors</strong><span style="vertical-align: baseline;"> alongside military assets and systems, with a focus on organizations involved with unmanned aircraft systems (UAS). This includes targeting defense companies directly, </span><span style="vertical-align: baseline;">using themes mimicking their</span><span style="vertical-align: baseline;"> products and systems in intrusions against military organizations and personnel. </span></p> </li> <li aria-level="1" style="list-style-type: disc; vertical-align: baseline;"> <p role="presentation"><span style="vertical-align: baseline;">Across global defense and aerospace firms, the </span><strong style="vertical-align: baseline;">direct targeting of employees and exploitation of the hiring process</stro

Read Full Article at Mandiant Blog →