GR A.I CyberSecurity Scoring
GR
Company Information
Website:http://www.government.ru/eng/
Employees number:21
Number of followers:0
NAICS:92
Industry Type:Government Administration
Homepage:government.ru
GR Risk Score (AI oriented)
Between 750 and 799
GRGovernment Administration
Updated:
06/05/2026
06/05/2026
759/1000
Fair
Baa
GR Global Score (TPRM)
xxxx
GRGovernment Administration
Score locked

GRFair
Current Score
759Baa (FAIR)
01000
3 incidents
-4 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
763
JUNE 2026
760
MAY 2026
759
APRIL 2026
758
MARCH 2026
760
Vulnerability
01 Mar 2026 • GR
MikroTik, Government agencies and TP-Link: Russia-Linked Hackers Hijack Routers to Steal Passwords, UK Says
Russian GRU-Linked Hackers Exploit Routers in Global Credential Theft Campaign
756
CRITICAL-4
MIKGOVTP-1775579498
Russian GRU-Linked Hackers Exploit Routers in Global Credential Theft Campaign
The U.K.’s National Cyber Security Centre (NCSC) has issued a warning about a sophisticated cyber espionage campaign conducted by APT28, a hacking group tied to Russia’s GRU military intelligence agency. The attackers are compromising widely used internet routers primarily from manufacturers MikroTik and TP-Link to intercept and redirect traffic through malicious servers under their control.
By altering router settings, the hackers gain the ability to steal passwords, manipulate data, and expand access to targeted networks. The NCSC’s alert highlights the risks of credential theft and broader system compromise, though neither MikroTik nor TP-Link has publicly responded to the findings.
Paul Chichester, the NCSC’s Director of Operations, emphasized that the campaign exploits vulnerabilities in common networking hardware, underscoring the threat posed by state-backed actors targeting critical infrastructure.
Parallel research from Lumen Technologies’ Black Lotus Labs revealed the campaign’s global scale, identifying thousands of potential victims across at least 120 countries. Primary targets included government agencies such as foreign ministries and law enforcement as well as third-party email providers.
The incident reflects growing international concern over router security. In a related move, the U.S. Federal Communications Commission (FCC) recently banned the sale of certain foreign-made consumer routers, citing supply-chain vulnerabilities that could enable large-scale disruptions to critical infrastructure.
The NCSC and Lumen’s findings provide technical guidance for mitigating such attacks, though the full scope of the campaign’s impact remains under investigation.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2026
760
JANUARY 2026
759
DECEMBER 2025
758
NOVEMBER 2025
757
OCTOBER 2025
756
SEPTEMBER 2025
755
AUGUST 2025
754
MARCH 2022
695
Cyber Attack
01 Mar 2022 • GR
Government of Russia
Supply Chain Attack on Russian Government Websites
680
CRITICAL-15
GOV03328422
Hackers targeted several Russian Government websites in a supply chain attack recently amid the Ukraine-Russia war.
The affected websites include the websites of the Energy Ministry, the Federal State Statistics Service, the Federal Penitentiary Service, the Federal Bailiff Service, the Federal Antimonopoly Service, the Culture Ministry, and other Russian state agencies.
The attackers blocked access to these websites and published their own data.
The Russian authorities soon restored access to the websites and removed the incorrect published data.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
JUNE 2021
814
Ransomware
01 Jun 2021 • GR
Government Entity: Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
Russian Ransomware Operative Sentenced for Global Extortion Scheme
673
CRITICAL-141
GOV1778055956
Russian Ransomware Operative Sentenced to Over 8 Years for Global Extortion Scheme
A 35-year-old Latvian national, Deniss Zolotarjovs, has been sentenced to 102 months in U.S. federal prison for his role as a key negotiator in a sophisticated Russian ransomware syndicate. Operating from Moscow, Zolotarjovs played a central part in a cybercrime network that targeted over 54 organizations worldwide between June 2021 and August 2023.
As the primary pressure point for victims who resisted ransom demands, Zolotarjovs specialized in weaponizing stolen data to maximize leverage. His tactics included analyzing sensitive information such as children’s medical records from a pediatric healthcare provider to force payments. When one victim refused, he escalated by leaking a mass archive of patient data to hundreds of individuals, demonstrating a ruthless approach to psychological coercion.
The syndicate, led by former members of the defunct Conti ransomware group, deployed multiple ransomware strains, including Akira, Royal, Karakurt, TommyLeaks, and SchoolBoys. Beyond encryption, the group focused on data theft and extortion, causing financial losses exceeding hundreds of millions of dollars. Known victims alone reported over $56 million in damages, with 13 companies paying $2.8 million in ransoms and an additional 41 victims contributing $13 million. The full scope of the damage remains unclear due to widespread underreporting.
The attacks disrupted critical infrastructure, including a government entity’s 911 emergency response system, and exposed sensitive data such as Social Security numbers and healthcare records. The syndicate operated with corporate-level sophistication from an office in St. Petersburg, employing a hierarchical structure and laundering money through a network of shell companies across Europe, Russia, and the U.S.
The group also exploited systemic corruption, recruiting former Russian law enforcement officers to access government databases for intimidation and recruitment. Leaders evaded taxes and bribed officials to exempt draft-age members from military service.
Zolotarjovs’ arrest in December 2023 in Georgia followed a coordinated international effort led by the FBI’s Cincinnati Field Office. After contesting extradition, he was transferred to U.S. custody in August 2024 and pleaded guilty to money laundering and wire fraud conspiracy in July 2025. The case marks a significant victory for global law enforcement in dismantling Eastern European cybercrime networks.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for GR ??
What was GR's A.I Rankiteo Cyber Score in June 2026 ??
What was GR's A.I Rankiteo Cyber Score in May 2026 ??
What was GR's A.I Rankiteo Cyber Score in April 2026 ??
What was GR's A.I Rankiteo Cyber Score in March 2026 ??
What was GR's A.I Rankiteo Cyber Score in February 2026 ??
What was GR's A.I Rankiteo Cyber Score in January 2026 ??
What was GR's A.I Rankiteo Cyber Score in December 2025 ??
What was GR's A.I Rankiteo Cyber Score in November 2025 ??
What was GR's A.I Rankiteo Cyber Score in October 2025 ??
What was GR's A.I Rankiteo Cyber Score in September 2025 ??
What was GR's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on GR's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with GR ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view GR's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?