Amazon discloses ‘years-long’ Russian hacking group operation, has advice for all companies

Amazon’s threat intelligence team has exposed a Russia-sponsored hacking effort that targeted critical infrastructure in Western countries in the recent years. According to the report, the Russian hackers have been focusing on targeting critical infrastructure in both energy and cloud-hosted segments in the US and Europe. This e-commerce giant identified the attackers as being from Russia’s Main Intelligence Directorate (GRU). This attack had strong infrastructure ties to APT44, also known as Sandworm, Frozen Barents, Seashell Blizzard, and Voodoo Bear. It mainly targeted critical infrastructure entities and energy organisations in both North America and Europe.

One interesting data point within the Amazon report is the change in strategy employed by the group.