Threat profile: Russian Federation
The Russian Federation's cyber activity can be subdivided into that of state-sponsored APTs and Organized Crime Groups (OCGs). Its state-sponsored units are highly advanced, mature and professionally integrated into its main intelligence services. In addition, it hosts a wide range of proxies and OCGs and cleverly uses such groups for capability development and talent recruitment. The OCGs are primarily concerned with financial gain, and ransomware in particular. Russian OCGs dominate the ransomware business, with the vast majority operating from Russian soil.
- Strategic motives: Espionage, information theft, disruption, financial gain
- Strategic goals: Dominating information warfare
- Cyber capabilities: ★★★★☆
- Number of known cyber operations: ★★★☆☆
- Number of APTs: 74
Figure: Top-10 actors by number of operations (Russian APTs)
SWOT analysis
Strengths, weaknesses, opportunities & threats
Strengths
- Multiple intelligence agencies with offensive cyber capabilities
- Large arsenal of proxy groups and independent patriotic hackers that contribute to advancing the state’s interest through cyberspace
- Presence of cyber capabilities to target cyber-physical assets
- Highly professionalized Russian OCGs dominating the ransomware landscape
Weaknesses
- Lagging behind in information technologies
- Fewer financial resources to invest in cyber than other cyber powers (US and China)
Opportunities
- Using cyber as a means of hybrid warfare against Western influence, (mis)using the factor of 'plausible deniability'
- Use of OCGs to develop cyber capabilities and for recruitment to cyber intelligence units
- Gathering strategic intelligence on targets situated in the US, Eastern & Western Europe
- Freedom for OCGs to operate from Russian soil without risking prosecution
Threats
- Continuing target for foreign APTs
- Targeted sanctions by the US in reaction to Russian cyber operations
Our articles covering Russian threats
From Hunt & Hackett experts
- 19 Jan: The threats, solutions & experiences in the agriculture and horticulture sector
- 02 Aug: The SolarWinds attack: A contrarian view and lessons learned
- 24 Feb: Lights can go out: Espionage & disruption in the energy sector
- 30 Sep: All hands on deck: Attackers have entered the maritime industry
- 26 Aug: Agriculture in the crosshairs of nation-state sponsored hackers