While French officials have not disclosed plans for legal action against APT28, they reaffirmed their commitment to enhancing cybersecurity within their national defense strategy.

On April 30, 2025, the hacker collective Anonymous released identities of four alleged APT28 members, warning of further actions against them.

In response to ongoing threats, France plans to sign a friendship treaty with Poland on May 9, 2025, aimed at strengthening cooperation on defense and cybersecurity.

This incident underscores the ongoing geopolitical tensions between Russia and Western nations, particularly in the realm of cybersecurity.

Despite awareness of the cyber campaign since 2023, France's countermeasures have proven ineffective, as attackers have adapted their methods to exploit less secure infrastructures.

APT28 has employed tactics such as phishing, vulnerability exploitation, and brute-force attacks, often utilizing low-cost, outsourced infrastructure like rented servers and temporary email addresses for initial access.

The group has also been linked to ongoing cyber pressures on Ukraine's infrastructure, indicating a broader strategy of destabilization in the region.

The targeted entities have included defense firms, government agencies, and think tanks, reflecting a strategy aimed at destabilizing the French state amid rising geopolitical tensions.

APT28's operations have increased since the onset of the Ukraine war, with a focus on government, military, media, and financial entities in Ukraine and beyond.

France's foreign ministry has accused Russia's GRU military intelligence agency, specifically unit APT28, of conducting cyberattacks on various French entities since 2021, with the aim of destabilizing the country.

The cyberattacks have targeted a range of sectors, including a sports organization involved in the upcoming 2024 Paris Olympic and Paralympic Games, as well as aerospace, finance, and government agencies, although specific names were not disclosed.

These intrusions have raised alarms over national security vulnerabilities, particularly as they target critical infrastructure and sensitive data.