Key Findings: Russian state-sponsored threat actors linked to the GRU are increasingly breaching critical infrastructure networks by exploiting basic configuration mistakes rather than software vulnerabilities. The campaign has targeted energy providers and other critical infrastructure organizations across North America and Europe since at least 2021. The attackers focused on enterprise routers, VPN gateways, and network management appliances with exposed or poorly secured m
