Cybercrime Links To Russian State Hackers

In 2015, there were over one million cyber-attacks on individuals and companies every day, and that is why even the strongest US response to the theft of the Democratic National Committee emails will do little to deter future state-sponsored attacks, cybersecurity experts say.

The sheer volume and increasing sophistication of network attacks provide plausible deniability to state-sponsored groups, like the APT 28 and APT 29 thought to be behind the DNC hack, says Christopher Porter, of cybersecurity company FireEye.

“One of the key factors that makes these Russian operations doable is that sophisticated criminal groups have APT-like capabilities and go after similar targets,” said Porter, whose company first documented APT 29’s ties to the Kremlin in 2014.“The best criminals use some of the same tools that lower-end states might use.”

Recognizing the valuable cover this provides, the “Russian government has been intentionally blurring the lines between cyber activists, criminals and state-paid hackers,” said Jarno Limnell, vice president for cybersecurity at Insta Group Oy.

This makes it hard to conclusively attribute an attack to a particular government, and all but impossible to respond firmly. So Western countries have thus far remained “fairly quiet” in the face of various Russian provocations, and that has only emboldened Moscow, Limnell said.

“The increase in state-sponsored cyber-attacks of Russia is the result of a perception that there is not a significant ‘price to pay’ for such activities,” he said. “Russia will keep pushing more aggressive and sophisticated cyber operations as long as the West doesn’t push back.”

The restrained US response to the DNC theft fits that pattern. When asked about the motives behind the attack, President Barack Obama deferred to the ongoing FBI investigation, and simultaneously acknowledged the reality of Russia’s aggressive online behavior.

“What we do know is that the Russians hack our systems, not just government systems but private systems,” Obama told NBC in a recent interview. “What the motives were in terms of the leaks, all that, I can’t say directly. What I do know is that Donald Trump has repeatedly expressed admiration for Vladi­mir Putin.”

Russia’s information warfare, efforts to create a positive image of itself while “breaking the internal coherence” of its adversaries with tactics ranging from shutting down Ukraine’s power grid to deploying online troll armies to shape public opinion, is the central thread knitting together the country’s theory of Next-Generation Warfare, according to a review of the strategy published last year by the Institut Francais des Relations Internationales.

“The informational campaign is an uninterrupted (bezpriryvnost) strategic effort,” wrote Dima Adamsky, the study’s author and a professor of government, diplomacy and strategy at the Interdisciplinary Center Herzliya in Israel. “It is waged during ‘peacetime’ and wartime, simultaneously in domestic, the adversary’s and international media domains and in all spheres of new media.”

The US government’s response to the DNC leak is unlikely to curtail the Russians’ use of offensive cyber campaigns, said Tobias Feakin of the Australian Strategic Policy Institute. Cyber-attacks and other informational manipulations of the socio-political landscapes are too well integrated into the Russian doctrine.

“The chances are that a strong public response would lead to Russian activity dropping for a short time, but more often than not this would pick up again once they felt the storm had passed, and they had developed new means of achieving the same goals,” said Feakin, the director of ASPI’s International Cyber Policy Center.

Longer-term solutions require a more comprehensive and serious approach, said Porter, who heads FireEye’s strategic intelligence and forecasting arm. Governments must tamp down sophisticated cyber-crime and deny state-sponsored attackers their camouflage. “A lack of attention to cyber-crime has enabled this to be something that’s doable,” he said. “Large-scale cyber-crime needs to be recognized as a national security issue.”

DefenseOne: http://bit.ly/2bbKb7l

 

« Anatomy Of Cyber Jihad
Benefits of Penetration Testing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jones Day

Jones Day

Jones Day is an international law firm based in the United States. Practice areas include Cybersecurity, Privacy & Data Protection.

Messageware

Messageware

Messageware is the market leader in securing, enhancing, and customizing Microsoft Exchange and Outlook Web App.

Law Enforcement Cyber Center (LECC)

Law Enforcement Cyber Center (LECC)

LECC is designed to assist police, digital forensic investigators, detectives, and prosecutors who are investigating and preventing crimes that involve technology.

World Wide Technology (WWT)

World Wide Technology (WWT)

WWT is a technology solution provider in the areas of big data, collaboration, computing and cloud, mobility, networking, security and storage.

FinlayJames

FinlayJames

FinlayJames supports cyber security companies to meet the increasing demand and pressure on them by finding top talent within the industry for their sales, marketing and technical teams.

Cryptsoft

Cryptsoft

Cryptsoft provides key management and security software development toolkits based around open standards such as OASIS KMIP and PKCS#11.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Horiba Mira

Horiba Mira

Horiba Mira is a global provider of automotive engineering, research and test services including services and solutions for automotive cybersecurity.

Abion

Abion

At Abion (formerly BRANDIT), we empower your business by providing comprehensive brand protection and web security services.

GB Group (GBG)

GB Group (GBG)

GBG is a global technology specialist in fraud, location and identity data intelligence.

Kinnami Software

Kinnami Software

Kinnami is a data security company that equips organizations with the tools they need to secure and protect highly confidential documents and data.

Avalanchio Technologies

Avalanchio Technologies

The Avalanchio platform gives you a complete solution to collect, process, and analyze security data to detect threats in real-time and analyze historical data using security DSL or SQL.

Evanssion

Evanssion

Evanssion is a value added distributor specialized in Cloud Native & Cyber Security across Middle East & Africa.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.

Lineaje

Lineaje

Lineaje solves critical Software Supply Chain security problems faced by every organization that builds, uses or sells software.

Ultima

Ultima

Ultima are on a mission to help businesses unlock their true potential by using the right IT to protect your company’s revenue and reputation – 24/7.