Short answers, pulled from the story.
Russia formalized its approach to digital conflict through the Information Security Doctrine in 2016. This document defined information security broadly to include data, infrastructure, and human processes while establishing goals to protect information sovereignty.
APT28 known as Fancy Bear is commonly linked to GRU Unit 26165 while APT29 sometimes called Nobelium connects to Russia's SVR. Sandworm assessed as GRU Unit 74455 has deployed destructive malware against Ukrainian targets and Turla associates with FSB infrastructure.
In April 2007 Estonia faced a series of cyberattacks following a diplomatic row over a Soviet war memorial. An enormous volume of spam transmitted by botnets took down financial media and government websites during this period.
In March 2014 a Russian cyber weapon called Snake or Ouroboros created havoc on Ukrainian government systems. From 2014 to 2016 the Russian APT Fancy Bear used Android malware to target the Ukrainian Army's Rocket Forces and Artillery.
Over several months in 2020 APT29 breached multiple U.S. government agencies including Treasury Commerce and Energy departments through SolarWinds Orion. The hacks occurred through a network management system used by top cybersecurity firms.