Welcome!

About the Game:
Fancy Bear is a Russian cyber espionage group, but what is Fancy Bear, and what have they done? Let us have a deep dive into Fancy Bear. Who is Fancy Bear and how can you protect yourself?

CLICK HERE TO ACCESS DESPICABLE BEAR TOP GAMES HACK

We often hear reports of nation-state hackers or adversaries” attacking government systems or political parties to disrupt or influence governance processes. The most infamous nation-state actor being Fancy Bear , a Russian cyber espionage group. Government agencies, including the UK and US, and multiple cyber security firms link Fancy Bear to Russian military intelligence agency GRU. The United States Special Counsel even identified Fancy Bear’s GRU unit as 26165. Make sure you read to the end of this article, where we show how TeamPassword can help companies prevent cyber crime, and sign up for our free trial by clicking here and start protecting yourself today. Who is Fancy Bear? Dmitri Alperovitch, a cyber security expert and co-founder of CrowdStrike, was the first to name the cyber espionage group “Fancy Bear.” Broken down as follows: Fancy referring to “Sofacy,” weirdly enough, a word in Fancy Bear’s malware reminded the analyst who discovered it of Iggy Azalea’s song “Fancy.” Bear being the codename for Russian hackers. Security researchers believe Fancy Bear has been operating since 2008. Their primary targets include aerospace, defense, energy, government, media, and Russian dissidents. Besides targeting Russian dissidents, there are compelling indications that Fancy Bear is linked to or funded by the Russian government. 1 – Fancy Bear only attacks Transcaucasian and NATO-aligned states. Most of the Transcaucasian states formed part of the old Soviet Union with hostile Russian relations. 2 – During attacks on the US Democratic National Committee in 2016 (see below for details), Fancy Bear was suspiciously inactive for the whole day on April 15—a Russian holiday honoring the military’s electronic warfare services. A day spent drinking vodka and celebrating Fancy Bear’s achievements instead of hacking, perhaps? 3 – In 2016, Fancy Bear breached the World Anti-Doping Agency’s (WADA) systems (see below for details). WADA suspects this hack was in response to the banning of Russian athletes in the 2016 Rio Olympics for doping. We often hear reports of “nation-state hackers or adversaries” attacking government systems or political parties to disrupt or influence governance processes. The most infamous nation-state actor being Fancy Bear , a Russian cyberespionage group. Government agencies, including the UK and US, and multiple cyber security firms link Fancy Bear to Russian military intelligence agency GRU. The United States Special Counsel even identified Fancy Bear’s GRU unit as 26165. Make sure you read to the end of this article, where we show how TeamPassword can help companies prevent cybercrime. Who is Fancy Bear? Dmitri Alperovitch, a cyber security expert and co-founder of CrowdStrike, was the first to name the cyber espionage group “Fancy Bear.” Broken down as follows: Fancy referring to “Sofacy,” weirdly enough, a word in Fancy Bear’s malware reminded the analyst who discovered it of Iggy Azalea’s song “Fancy.” Bear being the codename for Russian hackers. Security researchers believe Fancy Bear has been operating since 2008. Their primary targets include aerospace, defense, energy, government, media, and Russian dissidents. Besides targeting Russian dissidents, there are compelling indications that Fancy Bear is linked to or funded by the Russian government. 1 – Fancy Bear only attacks Transcaucasian and NATO-aligned s. Either Fancy Bear is so patriotic that they feel it’s their duty to attack Russia’s adversaries, or they’re a secret state-funded Russian cyber espionage group. Considering the significant resources required and sophistication of Fancy Bear’s attacks, it’s highly likely to be the latter! Fancy Bear aka APT28 aka . Fancy Bear goes by many aliases or code names related to attacks: APT28 (Advanced Persistent Threat 28 – US federal government classification) – after Fancy Bear, APT28 is most commonly used to refer to the group CyberCaliphate – often used to impersonate Islamic State hackers. Pawn Storm Sofacy Group Sednit Tsar Team STRONTIUM SNAKEMACKEREL Swallowtail Group 74 Threat Group-4127 TG-4127. What does Fancy Bear do? Fancy Bear is responsible for some of the last decade’s major governmental attacks. It’s clear that Fancy Bear’s motives are political rather than financial as they never attempt to steal money or assets. Fancy Bear’s primary goal is to advance Russian interests while stifling opposers, detractors, and dissidents. The infamous cyber-espionage group is most active in the United States, one of Russia’s biggest foes, where they continuously attempt to breach and disrupt State and social organizations. Outside of the United States, Fancy Bear is most active in Europe, attacking NATO allies, international organizations, and press institutions. Fancy Bear infiltrates these systems and often spends months or years gathering intelligence and leaking information to discredit Russia’s adversaries. In some cases, Fancy Bear dismantles IT systems and infrastructure to create instability for a city, region, or country. Famous Fancy Bear Attacks. Fancy Bear’s resume is extensive, as well as disruptive. We don’t have enough time to go into all of the organization’s work, but these are some of Fancy Bear’s most famous attacks. Notable German Attacks – 2014 to 2016. Fancy Bear attacked the German Bundestag’s (Germany’s parliament) IT infrastructure, shutting the system down for days in 2015. Investigators learned that Fancy Bear first infiltrated the Bundestag’s systems in December 2014 and spent six months dismantling the infrastructure and stealing around 16 gigabytes of data. Fancy Bear is also behind attacks on German parliamentary and political leaders in 2016. German authorities believe these attacks were an attempt to manipulate the country’s 2017 federal elections. French TV Network TV5Monde – 2015. Fancy Bear, posing ISIL under the pseudonym CyberCaliphate , hacked French TV network TV5Monde on April 8, 2015. Hackers stole TV5Monde staff passwords to gain access and shut down the company’s 12 channels for more than three hours. It was only on late April 9, 2015, that TV5Monde’s IT technicians fully restored the network. In addition, Fancy Bear took over TV5Monde’s social media accounts to post personal information for French soldier’s families and criticized then-president François Hollande. Investigators later discovered that TV5Monde’s were likely breached sometime around January 23, 2015. Fancy Bear spent months gathering intelligence and constructing the malware that took the TV network offline. Attackers breached several TV5Monde entry points, including a Dutch-based remote control camera supplier. The motive for the TV5Monde attack is still unclear, but French authorities suspect it was to test cyber-weaponry and tactics. With fragile French-Muslim relations, it’s also likely that by acting as ISIL, Fancy Bear wanted to aggravate tensions between the two parties. The 2015 attack almost destroyed TV5Monde and cost the organization around €8m ($9m, £7.2m). In response, TV5Monde has increased its cybersecurity, including a campaign to educate staff and contractors about cyber threats . World Anti-Doping Agency Attack – 2016. In 2016, Fancy Bear breached WADA’s systems by sending spoofed WADA communications to staff requesting their login details. The hackers stole records for athletes who WADA had granted testing exemptions and then attempted to fabricate the data to discredit them. Most athletes were from the United States, but attackers also released records for competitors from other nations.