Energetic Bear is a state-integrated group (military intelligence service/agency members): The United States Cybersecurity and Infrastructure Security Agency (CISA) and the US Department of Justice (DoJ) referred to Energetic Bear as a “Russian state-sponsored APT actor” ([10]), citing target selection and aimed intelligence-gathering as strong indicators ([5]). According to Symantec, Energetic Bear displays a sufficiently high degree of technical capability which also assumes that the group is able to draw on state resources, both human and material. Additionally, as reported by Crowdstrike, the target selection of the group seems to align very closely with the likely information collection priorities of the Russian foreign, domestic, and military intelligence services; the SVR, FSB and GRU respectively.