Policy paper

Profile: GRU cyber and hybrid threat operations

Factsheet which exposes the Armed Forces of the Russian Federation (GRU) cyber and information operations against the UK and allies.

• From: Foreign, Commonwealth & Development Office, Home Office, Cabinet Office and National Cyber Security Centre
• Published: 18 July 2025
• Last updated: 4 December 2025 — See all updates

Documents

Profile: GRU cyber and hybrid threat operations

HTML

Details

This document illustrates how the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU) is making sustained and persistent use of cyber and information operations to cause real world harm to the UK and its allies and in support of Russia’s illegal war in Ukraine.

By publicly highlighting malicious activity, and imposing clear costs in response, we are sending a clear message that we know what Russia is doing, it will not be tolerated, and we will hold those responsible to account.  

The UK is not acting alone. We will continue to work with our allies and partners (including through NATO and the EU and its Member States) to combat the full spectrum of malign hybrid activity emanating from Putin’s Kremlin in solidarity with Ukraine in their fight for a just and lasting peace.

Published 18 July 2025

Last updated 4 December 2025 + show all updates

1. 4 December 2025

   Factsheet updated to reflect 8 additional UK designations of GRU military intelligence officers (4 December 2025) and further information cyber teams within GRU Unit 26165 (also known as APT 28).

2. 18 July 2025

   First published.