
Although Russia downplays, and even denies, its involvement in cyberattacks, its recent invasion of Ukraine brings with it the credible threat of an uptick in state-sponsored criminal cyber behavior. On Friday, Feb. 25, 2022, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged leaders of U.S. critical infrastructure organizations to increase resilience against a growing risk of being targeted by foreign influence operations using misinformation, disinformation, and malinformation (MDM) tactics.

Russian Cyberwarfare at a Glance

  • 74% of all money made through ransomware attacks in 2021 went to Russian-linked hackers.
  • Russia is home to large-scale crypto-currency-based money laundering.
  • Despite official denials, the blurred lines between Russian intelligence agencies (the GRU/SVR/FSB) and anonymous hackers are well-documented.

New analysis suggests that 74% of all money made through ransomware attacks in 2021 went to Russia-linked hackers. Researchers say more than $400 million worth of crypto-currency payments went to groups “highly likely to be affiliated with Russia”. Russia has denied accusations that it is harboring cyber-criminals. While crypto may be ‘anonymous’, you can easily follow the flow of money to and from the digital wallets of known hacking groups using public blockchain transaction records. Further evidence that ransomware stems from Russia is that much of the code is written to prevent it from damaging files if the victims are located in Russia or a CIS country.

Russian Cyber Units

Russia has deployed sophisticated cyber capabilities to conduct disinformation, propaganda, espionage, and destructive cyberattacks globally. To conduct these operations, Russia maintains numerous units that are overseen by various security and intelligence agencies.

An analysis by the Defense Intelligence Agency in 2017 outlines Russia’s view of “Information Countermeasures” or IPb (informatsionnoye protivoborstvo) as “strategically decisive and critically important to control its domestic populace and influence adversary states”, dividing ‘Information Countermeasures’ into two categories of “Informational-Technical” and “Informational-Psychological” groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to “attempts to change people’s behavior or beliefs in favor of Russian governmental objectives.”

The U.S. Department of Justice (DOJ) has charged personnel from both units for actions ranging from election interference in the 2016 U.S. presidential election to multiple damaging cyberattacks.

A complex, opaque, and entangled web of proxies can generate deniability, confusion, and the need to fend off multiple ongoing attacks at once. From the Kremlin’s perspective, that’s part of Russia’s cyber power, a power the world can’t afford to ignore.

  • 58% of all cyberattacks stem from Russia
  • 74% of all ransomware attacks originate from Russia
  • 43% of all ransomware attacks target Small-to-Medium Businesses
  • 61% of small and medium-sized businesses have been breached in the last 12 months
  • $2.98 million is the average financial impact from a cyberattack
  • 60% of businesses affected by a cyberattack went out of business in 6 months
  • $10.5 Trillion — the projected cost of cybercrime in 2022
  • $172 Billion — the projected spend for Cybersecurity, Information Security, and Risk Management in 2022

Russian Cyber Weaknesses

Despite its capabilities and high operational tempo, Russia faces significant challenges in cyber operations. Like other government agencies, Russian security services face challenges recruiting qualified personnel. Private sector opportunities and rival agencies compete for talent. This often causes Russian security services to outsource operations to civilian and anonymous hackers.

Russia’s security services are also known for high levels of corruption. Russian security and intelligence agents have been unmasked and identified through information often reportedly sold by corrupt security officers. In 2020, media outlets used purchased data to identify the FSB agents reportedly responsible for the assassination attempt on Russian opposition figure Alexei Navalny.

Be Vigilant

Cyberattacks do not discriminate – no one industry or type of business is particularly targeted over others. For example, Retail & Manufacturing make up 13% and 12%, respectively, of ransomware victims, whereas Energy and Media comprise 4% and 5%. Similarly, small-to-medium-sized businesses make up almost half of all ransomware targets, at 43%.

Despite significant advances made in machine learning, AI-driven threat detection, and predictive analytics, one factor still weighs more heavily in the cybersecurity equation: people – their training and education, or lack thereof.

[Figure: Ransomware Cybercrime Targets]

[Figure: Top Causes of Security Breaches]

Security Breaches
Approximately 90% of cyber hacks stem from human error and/or malicious behavior. While you cannot always thwart bad actors, you can take a few simple steps to help safeguard your precious data and greatly decrease your chances of cyber vulnerability:
  • Keep Software Updated – Use Automatic Updates
  • Set Anti-Virus & Antimalware Scans to Run Regularly
  • Create New, Robust Passwords & Use a Password Manager
  • Use 2FA and Multi-factor Authentication
  • Don’t Use Public WiFi (Use a VPN or Your Phone’s Hotspot)
  • Educate Your Organization on Social Engineering, Phishing/Vishing Scams and Cybersec Best Practices

Understand Your Threat Landscape – Develop a Proactive, Defensive Strategy

Critical to any counter-threat strategy is reconnaissance of the battlespace. Even the most secure networks warrant routine and thorough vulnerability assessments by a reputable, impartial 3rd party. A solid vulnerability assessment uncovers and evaluates vulnerabilities within your network and cloud infrastructures. Assessment findings not only shed light on the weaker areas of your digital environments, they also present the severity of each vulnerability.

Once the assessment is completed, security experts will then offer a set of tailored recommendations for your team to remediate. Additionally, Cyberware AI offers a thorough Training & Education service to build up and fortify your org’s greatest defensive deterrent: Your People.

Each organization is different; that’s why at Cyberware AI we tailor security measures and programs to each individual use case. We take into consideration your business limitations as well as your needs to ensure that our input and recommendations align well with your business goals and vision.

Safeguard your future * Stand firm in your resolve * Mitigate business disruption

Contact Cyberware AI to discuss how to improve your security posture against Russian and other threats set on disruption and destruction.
