Tuesday, November 25, 2025

Russian Hackers Target US Engineering Firm Because of Work done for Ukrainian Sister City

Posted by Headline USA Editor
Computer hackers cyberattack
Big Tech and government can pose problems. / IMAGE: ABC News via YouTube

(Headline USA) Hackers working for Russian intelligence attacked an American engineering company this fall, investigators at a U.S. cybersecurity company said Tuesday — seemingly because that firm had worked for a U.S. municipality with a sister city in Ukraine.

The findings reflect the evolving tools and tactics of Russia’s cyber war and demonstrate Moscow’s willingness to attack a growing list of targets, including governments, organizations and private companies that have supported Ukraine, even in a tenuous way.

Arctic Wolf, the U.S. cybersecurity firm that identified the Russian campaign, wouldn’t identify its customer or the city it worked with to protect their security, but said the company had no direct connection to Russia’s invasion of Ukraine. However, the group behind the attack, known to cybersecurity experts as RomCom, has consistently targeted groups with links to Ukraine and its defense against Russia.

“They routinely go after organizations that support Ukrainian institutions directly, provide services to Ukrainian municipalities, and assist organizations tied to Ukrainian civil society, defense, or government functions,” said Ismael Valenzuela, Arctic Wolf’s vice president of labs, threat research and intelligence.

The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further.

A message left with officials at the Russian Embassy in Washington seeking comment was not immediately returned.

Many towns and cities around the world enjoy sister-city relationships with other communities, using the program to offer social and economic exchanges. Several U.S. cities, including Chicago, Baltimore, Albany, N.Y. and Cincinnati, have sister-city relationships with communities in Ukraine.

The campaign in September came just a few weeks after the FBI warned that hackers linked to Russia were seeking to break into U.S. networks as a way to burrow into important systems or disrupt critical infrastructure. According to the latest bulletin from the U.S. Cybersecurity and Infrastructure Security Agency, the Russia-aligned hackers have multiple motives: disrupting aid and military supplies to Ukraine, punishing businesses with ties to Ukraine, or stealing military or technical secrets.

Last month, the Digital Security Lab of Ukraine and investigators at SentinelOne, a U.S. cybersecurity firm, exposed a speedy and sprawling cyberattack on relief groups supporting Ukraine, including the International Red Cross and UNICEF. That hacking campaign used fake emails impersonating Ukrainian officials that sought to fool users into infecting their own computers by clicking on malicious links.

The investigators at SentinelOne stopped short of attributing the attack to the Russian government but noted that the operation targeted groups working on Ukrainian assistance and required six months to plan. The “highly capable adversary” behind the campaign, the investigators determined, is “an operator well-versed in both offensive tradecraft and defensive detection evasion.”

Copyright 2025. No part of this site may be reproduced in whole or in part in any manner other than RSS without the permission of the copyright owner. Distribution via RSS is subject to our RSS Terms of Service and is strictly enforced. To inquire about licensing our content, use the contact form at https://headlineusa.com/advertising.
Click Here To Comment
- Advertisement -
Previous article
Wyoming, Idaho, and Missouri Top the 2026 Sound Money Index
Next article
FBI Seeks Interviews with Democrats who Urged US Troops to Defy Illegal Orders

TRENDING NOW

TRENDING NOW

LATEST NEWS

EDITOR PICKS

POPULAR CATEGORY

HEADLINE USA • PO BOX 49043 • CHARLOTTE, NC 28277

THE INFORMATION PRESENTED HERE IS FOR GENERAL EDUCATIONAL PURPOSES ONLY. YOU SHOULD ALWAYS CONSULT WITH YOUR PERSONAL PHYSICIAN REGARDING ANY PERSONAL HEALTH PROBLEM, AND YOU SHOULD ALWAYS CONSULT WITH YOUR FINANCIAL ADVISER REGARDING INVESTMENT DECISIONS. FDA DISCLOSURE: THE STATEMENTS, ARTICLES, AND PRODUCTS FEATURED IN HEADLINE USA EMAILS AND AT HEADLINEUSA.COM HAVE NOT BEEN EVALUATED BY THE FOOD AND DRUG ADMINISTRATION. NO INFORMATION OR PRODUCTS APPEARING IN EMAILS OR THE WEBSITE ARE INTENDED TO DIAGNOSE, TREAT, CURE, OR PREVENT ANY DISEASE. MATERIAL CONNECTION DISCLOSURE: HEADLINE USA MAY HAVE AN AFFILIATE RELATIONSHIP AND/OR ANOTHER MATERIAL CONNECTION TO ANY PERSONS OR BUSINESSES MENTIONED IN OR LINKED TO FROM EMAILS OR THE WEBSITE AND MAY RECEIVE COMMISSIONS FROM PURCHASES YOU MAKE ON SUBSEQUENT WEB SITES. YOU SHOULD NOT RELY SOLELY ON INFORMATION PUBLISHED BY HEADLINE USA TO EVALUATE THE PRODUCT OR SERVICE BEING OFFERED. ALWAYS EXERCISE YOUR OWN DUE DILIGENCE BEFORE PURCHASING ANY PRODUCT OR SERVICE.

Copyright 2025 HeadlineUSA.com