Cyber Incident Victim: Green Group Defense Services
Date:
Mar 2015
Location:
United States of America
Summary
Pro-Russian hacktivist group CyberBerkut breached and leaked documents purportedly from U.S. military contractor Green Group Defense Services, exposing alleged plans to transfer lethal weapons to Ukraine with European support. The stolen correspondence, bearing the contractor's official seal and CEO signature, was published to undermine Ukrainian authorities and accuse them of collaborating with American interests, amplifying ongoing disinformation efforts against Ukraine's government while security analysts worked to authenticate the materials.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On March 2, 2015, the pro-Russian hacking group CyberBerkut publicly exposed documents allegedly belonging to U.S. military contractor Green Group Defense Services, claiming they revealed American efforts to transport lethal weapons into Ukraine with European assistance. The group published the materials on its official website on the preceding Friday, displaying letters bearing Green Group’s corporate seal and the purported signature of CEO Greg Holmes. CyberBerkut framed the leak as evidence of U.S. intentions to escalate military involvement in Ukraine while seeking political cover from European allies. This incident continued CyberBerkut’s pattern of targeting Ukrainian governmental entities and their Western partners through document leaks and cyberattacks, consistently portraying Ukraine’s government as illegitimate and accusing it of Nazi sympathies. The group had conducted multiple successful attacks against European IT systems throughout the preceding year, though specific technical details of this breach were not disclosed in available reporting.
The leaked documents immediately drew scrutiny from cybersecurity professionals and media outlets, with SC Magazine confirming direct contact from CyberBerkut regarding the materials. Security experts initiated verification processes to authenticate the documents’ origins and contents, though no conclusive findings were reported at the time of publication. Green Group Defense Services’ operational role in Ukraine remained unclear despite confirmation of the company’s existence. The disclosure risked amplifying geopolitical tensions by publicly alleging covert U.S. military support during active conflict in eastern Ukraine, while simultaneously damaging Green Group’s operational security and reputation through unauthorized exposure of sensitive correspondence. CyberBerkut leveraged the incident to reinforce its narrative of Western interference in Ukrainian affairs, consistent with its broader campaign to undermine Ukraine’s government and its international partnerships.