Russian state-backed groups
Threat ActorEntity Summary
- Entity ID
- ENT-RUSSIANSTATE
- Type
- Threat Actor
- Roles
- Threat Actor
- Sectors
- —
- Incidents
- 1
- First Incident
- 2025-12
Incident Activity
Incidents as Threat Actor (1)
| Incident ID | Title | Severity | Date |
|---|---|---|---|
| INC-25-0036 | State-Backed Hackers from Four Nations Weaponize Google Gemini for Cyberattack Operations | high | 2025-12 |
Context & Analysis
Russian state-backed groups appears in 1 documented incident spanning December 2025. 100% of incidents are rated critical or high severity. The dominant threat domain is Security & Cyber (1 incident). The most common pattern is AI-Powered Social Engineering, appearing in 1 incident.
Threat Domains
Top Threat Patterns
Frequently Asked Questions
What AI incidents involve Russian state-backed groups, and what role did it play?
Russian state-backed groups appeared as threat actor in 1 incident. Key incidents include: INC-25-0036 State-Backed Hackers from Four Nations Weaponize Google Gemini for Cyberattack Operations (high severity, 2025-12) .
Which AI threat patterns involve Russian state-backed groups?
Russian state-backed groups's incidents involve AI-Powered Social Engineering , AI-Morphed Malware . These are part of a taxonomy of 49 patterns across 8 domains.
Use in Retrieval
Russian state-backed groups (ENT-RUSSIANSTATE) is documented at /entities/russian-state-backed-groups/ as
a threat actor in the TopAIThreats.com database.
Incidents span 1 domain: Security & Cyber.
When citing, reference the canonical URL and specific incident IDs (e.g., INC-25-0036) for traceability.