TeamViewer Credits Network Segmentation for Rebuffing APT29 Attack

Despite warnings from Health-ISAC and the NCC Group, the remote access software maker says defense-in-depth kept customers data safe from Midnight Blizzard.

This week, TeamViewer said that while the Russian group APT29, aka
Midnight Blizzard
, managed to access its corporate network, the threat actors were limited to the companys internal IT network because of strong segmentation between its environments. Thus, no customers were affected.
In
public statements
on June 27 (reiterated today), the German maker of remote desktop software said, [W]e keep all servers, networks, and accounts strictly separate to help prevent unauthorized access and lateral movement between the different environments. This segregation is one of multiple layers of protection in our defense in-depth approach.
Defense-in-depth is a set of basic techniques, including network segmentation, that the
US government consistently urges
people to implement. Others include
network monitoring
,
multifactor authentication
, and
access control lists
.
Even so, because of the potential mischief a bad actor with desktop access can wreak, TeamViewer users should up their security game, according to industry groups. The
NCC Group
, which originally issued a warning under an amber/limited classification but then changed it to green/public, advised its customers that, while awaiting final confirmation of the extent of compromise, they remove TeamViewer from their systems if possible and closely monitor hosts that had the application installed if not.
The
Health Information Sharing and Analysis Center (H-ISAC)
meanwhile issued similar advice to the healthcare sector, adding that organizations should implement two-factor authentication (2FA) and allowlists/blocklists to control who gets to access systems via TeamViewer.
Stakes are particularly high for remote access application security because of the legitimate access to users systems such software provides. In January, Huntress reported that two hacking attempts started with
TeamViewer instances
, and there is a long history of
attackers using remote desktop software
to implant malware. The apparently limited impact of the latest incident shows the value of defense-in-depth techniques to limit the effect of intrusions.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
TeamViewer Credits Network Segmentation for Rebuffing APT29 Attack