FROZENBARENTS

Actor Type: Nation State
Attributed to Nation: Russia
Directly Linked Intrusion Sets: APT44, Sandworm, UAC-0002, ELECTRUM, UAC-0133
Associated Threat Actor: GRU - Russian Main Directorate of the General Staff
Associated MITRE ATT&CK Group: Sandworm Team (G0034)

FROZENBARENTS is an intrusion set tracked by Google's Threat Analysis Group that has been active since at least 2009. Also known as APT44, VOODOO BEAR or Sandworm, it is a state-sponsored cyber threat group linked to Russian military intelligence (GRU). It is known for its strategic alignment with Russia's military operations, particularly in Ukraine.

FROZENBARENTS operates globally, targeting geopolitical, military, and economic interests. Its activities have been observed interfering with democratic processes, posing a significant threat during national elections.

FROZENBARENTS is operationally sophisticated, conducting espionage, attack, and influence operations. It has developed a comprehensive playbook that aligns with Russia's "information confrontation" strategy for cyber warfare, integrating espionage, sabotage, and influence operations for combined effect.

FROZENBARENTS has been responsible for some of the most impactful cyber attacks in history, including disruptions of Ukraine's energy grid and the NotPetya attack. As a high-severity threat to global governments and critical infrastructure, FROZENBARENTS is expected to continue shaping cyber operations in line with Russia's strategic objectives.
