gptkbp:instanceOf | cybercrime
gptkbp:activity | cybercrime
gptkbp:alsoKnownAs | gptkb:Cozy_Bear, gptkb:APT29, gptkb:The_Dukes
gptkbp:associatedWith | gptkb:Russian_Foreign_Intelligence_Service_(SVR), gptkb:APT28
gptkbp:category | cybercrime, Advanced Persistent Threat, hacker
gptkbp:connectsTo | Russian state-sponsored cyber operations
gptkbp:countryOfOrigin | gptkb:Russia
gptkbp:firstReported | 2014
https://www.w3.org/2000/01/rdf-schema#label | CozyDuke
gptkbp:notableBattle | gptkb:SolarWinds_supply_chain_attack, gptkb:2015_White_House_cyberattack, gptkb:2016_Democratic_National_Committee_cyberattack
gptkbp:notableFor | 2014, 2015, 2016, 2020
gptkbp:suspect | gptkb:Russian_intelligence_services, gptkb:Russian_government
gptkbp:target | gptkb:energy, think tanks, research institutions, government organizations, military organizations, diplomatic institutions
gptkbp:technique | credential harvesting, custom malware, encrypted communications, living off the land, spear phishing, watering hole attacks
gptkbp:usesMalware | gptkb:SeaDuke, gptkb:CloudDuke, gptkb:CosmicDuke, gptkb:MiniDuke, gptkb:OnionDuke, gptkb:HAMMERTOSS, CozyCar
gptkbp:bfsParent | gptkb:Cozy_Bear
gptkbp:bfsLayer | 6