The Russian hacking group ‘Seashell Blizzard’ has shifted its focus to a new campaign named ‘BadPilot’, targeting high-value global infrastructure in the US and UK and expanding from its previous Eastern European targets. The campaign, operating since 2021, employs opportunistic access techniques to compromise networks, collect credentials, and achieve command execution.
The group has been exploiting vulnerabilities in software such as ConnectWise ScreenConnect IT and Fortinet FortiClient EMS, raising concerns about potential future attacks in the West. Microsoft’s Threat Intelligence Report indicates that the group aims to develop new techniques to compromise networks globally, in line with Russia’s war objectives and national priorities.
Recent years have seen a rise in cybercrime as state-backed actors, including Russia, Iran, China, and North Korea, use cyberattacks not only for funding but also to disrupt critical infrastructure. ‘Seashell Blizzard’, for example, has since 2022 targeted various industries in Ukraine through tactics like phishing campaigns and malware distribution, with the goals of demoralizing populations and undermining confidence in the government.