The Russia Problem: What Businesses Can Learn From Cyberwarfare

[nir]

As someone who has built IT security companies from the ground up and dealt with the growing issue of malware for well over 15 years now, the last thing I expected when I started my current company is that I would have to become somewhat of a Kremlinologist.
 

KnowBe4 helps organizations manage the problem of social engineering, and Russia has been one of the major sources of these types of attacks on organizations and governments. To illustrate this problem, we can look at the letter that U.S. Senator Ron Wyden (OR) recently sent to Senate leadership complaining about Russian cyberattacks and his plan to introduce legislation to help combat them. And the U.S. isn't alone in dealing with these attacks.
 

Maybe these attacks shouldn't come as a surprise seeing as how Russian President Vladimir Putin has commented that he feels the collapse of the Soviet Union “was the greatest geopolitical catastrophe of the century.” In the West, we tend to disagree.

 

And now, we have more or less been forced to investigate the root cause of Russian cyberattacks, including the forensics of criminal phishing attacks, ransomware campaigns and sometimes state-sponsored credential-harvesting attacks.
 

Russian Organized Cybercrime
 

Apart from Russia's three shadowy intelligence agencies (the FSB, SRV and GRU), Putin has another extremely useful resource: the criminal cybermafias that have come to prominence over the past decade. They are highly sophisticated hackers who have made spear phishing an applied art and science. And when needed, the Kremlin pulls them into cyberwar campaigns to degrade the infrastructure of “misbehaving” former Soviet satellites like Ukraine and the Baltic states.

Source