Microsoft and OpenAI conducted a study which found that hacker groups from China, Iran, North Korea, and Russia are utilizing artificial intelligence tools in their attacks.
According to the report released by the companies, the Russian hacker group Forest Blizzard, associated with the GRU, carries out tactical and strategic-level attacks in the interests of the Russian government.
Forest Blizzard (STRONTIUM) is a Russian military intelligence actor linked to GRU Unit 26165, who has targeted victims of both tactical and strategic interest to the Russian government. Their activities span across a variety of sectors including defense, transportation/logistics, government, energy, non-governmental organizations (NGO), and information technology. Forest Blizzard has been extremely active in targeting organizations in and related to Russia’s war in Ukraine throughout the duration of the conflict, and Microsoft assesses that Forest Blizzard operations play a significant supporting role to Russia’s foreign policy and military objectives both in Ukraine and in the broader international community. Forest Blizzard overlaps with the threat actor tracked by other researchers as APT28 and Fancy Bear.
The group is particularly active in targeting organizations related to Russia's war in Ukraine.
Microsoft believes that Forest Blizzard's operations play a significant supportive role in Russia's foreign policy and military objectives both in Ukraine and globally.
The use of LLM by Forest Blizzard involved researching various satellite and radar technologies that could relate to conventional military operations in Ukraine, as well as conducting general research to support their cyber operations.
