Menu
Browse

Cyber Threat Actor: FuhrparkService

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Nation State
Russia
1 incident
Profile

The threatactor is known by the aliases Fuhrpark Service transport fleet and BWFU, and the provided context indicates a location in Russia. German defense ministry sources describe the actor as an unidentified external party responsible for the cyberattack on the BWFU IT network. No further details about the actor’s structure, size, or internal organization are available in the source material.

The actor’s targeting is evidenced by the August 2020 intrusion against BWFU, a military‑run transport provider that serves the Bundestag parliament and German military personnel. The attack focused on the organization’s IT network and potentially exposed sensitive information such as politicians’ private addresses and parliamentary booking details. As a result, BWFU was forced to disconnect all electronic client links and engage a cyber incident response firm, although initial checks showed no damage to broader Bundeswehr systems. Parliamentary officials characterized the incident as serious and urged urgent resolution.

Regarding tactics, techniques, and procedures, the referenced article does not specify any malware families, initial access vectors, or particular tooling styles used by the actor; it only notes that the compromise was carried out by an unidentified external party through a cyberattack. Consequently, no concrete TTP themes can be derived from the available information.

Public attribution or affiliations have not been established; the actor remains unidentified, and no state nexus or criminal consortium is confirmed in the sources. The August 2020 intrusion against BWFU represents the sole publicly reported operation associated with this actor, described by officials as a significant breach whose full scope remained undetermined at the time of reporting.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
1 source