Kremlin appoints cyber executive with alleged GRU ties to Security Council role
Andrei Kozlov, the former head of a cybersecurity center within Russia’s state-owned defense conglomerate Rostec, was named an aide to Security Council Secretary Sergei Shoigu on Friday.
Russian President Vladimir Putin has appointed a former cybersecurity executive with alleged ties to a Russian military intelligence hacking unit as an aide to the secretary of Russia’s Security Council.
Andrei Kozlov, the former head of a cybersecurity center within Russia’s state-owned defense conglomerate Rostec, was named an aide to Security Council Secretary Sergei Shoigu on Friday.
According to leaked data published by independent Russian outlet The Insider, Kozlov held a classified security clearance under Military Unit 26165 — also known as the 85th Main Special Service Center — which Western governments and cybersecurity firms have linked to the hacking group Fancy Bear.
Source: https://therecord.media/andrei-kozlov-appointed-russia-security-council
Related breach coverage
- NSA selects new leads for key cybersecurity posts2026-06-01
David Imbordino, an NSA senior executive who most recently led its cybersecurity directorate in an acting capacity, has been named as its new chief. Bruce Jones, a career NSA technical and operational leader, as the new head of its Cybersecurity Collaboration Center.
- Russia’s FSB Says Foreign Spies Infected Officials’ Phones With Malware2026-06-03
Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The […]
- CISA directive for AI executive order to be released this week, Andersen says2026-06-04
The binding operational directive will focus in part on “vulnerability alleviation and vulnerability management,” Andersen said in remarks delivered at the TechNet Cyber conference in Baltimore.
- Cyber espionage campaign targeted stock exchange executive’s Outlook account2026-06-03
Attackers spent five months silently stealing emails from a stock exchange executive’s Outlook account in a suspected espionage operation. A threat actor quietly sat inside a senior executive’s Outlook account at a major global stock exchange for roughly 150 days, from October 2025 to March 2026. Broadcom’s Symantec and Carbon Black threat-hunting team investigated the […]