Targeting of Polish government organizations with Follina vulnerability

Date of report

November 2023

Affiliations

APT 28

In 2022, APT 28 distributed malicious files claiming to provide an update on potential nuclear terrorism, which utilized the Follina vulnerability in the Microsoft support tool to break into the victim’s system. Ukraine’s cybersecurity agency reported on a similar campaign in 2022.

Suspected victims

Polish government agencies

Suspected state sponsor

Russian Federation

Type of incident

Espionage

Target category

Government

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

Raport o stanie bezpieczeństwa cyberprzestrzeni RP w 2022 roku

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events