UNION SPIDER is a sophisticated threat actor publicly identified around February 2014 for its cyber espionage campaigns. The group is assessed with moderate confidence to be of Russian origin and primarily focuses on data exfiltration and long-term surveillance, targeting governmental and commercial sectors. While not extensively detailed in public reporting, UNION SPIDER distinguishes itself through the use of elaborate social engineering and custom malware. It should not be confused with other similarly named but distinct threat groups such as Scattered Spider, which emerged later and operates with different characteristics.