Whether the perpetrators or the victims, the Russian Federation is often linked to cyber activities in the news. The Russian Federation was recently hit with a ransomware attack called Bad Rabbit, which security professionals theorize was a retaliation for ransomware known as Petya. Evidence was also recently released indicating that the Russian government used private Russian company Kaspersky Labs’ technology to steal confidential American documents. Entire companies are based around infiltration of secret Russian underground forums in the hopes of gathering intelligence about Russian cybercrime.
Cybercrime and cyberattacks are not unique to Russia though - every nation is active in the cyber world. And while many of these news articles report on current events in great detail, they do not delve into the historical factors that have lead to the modern day state of cybersecurity.
In an effort to understand the strategic and operational motivation that has led to the current efforts in cyber crime/espionage, Anomali conducted research to create a detailed profile of the motivations and strategies of the Russian Federation as they pertain to cybersecurity. This helps to better profile Threat Actors and their Tactics, Techniques, and Procedures (TTPS). Therefore, the overarching research includes:
The Anomali Intelligence Augmentation Team will continue to conduct this research for other nations.