There is a cyber bear in the woods.
InformationWeek via Random Spaf:
New report shows level of coordination and strategy by three main groups of cyberspies out of Russia.
A study of published intelligence on three major malware families used in Russia's cyber espionage operations shows a highly coordinated, targeted, and stealthy strategy.
Researchers at Recorded Future studied Uroburous, Energetic Bear, and APT28, three main malware families out of Russia being used for cyberspying. In a report scheduled for publication today, RecordedFuture analyzed intelligence on the operations from public reports by various security vendor research teams and found, among other things, that the three attack groups don't operate in a vacuum. For one thing, they appear to avoid hitting the same targets: "There's very little cohabitation of the [three] malware families," says Christopher Ahlberg, CEO and co-founder of Recorded Future. "It seems to indicate some level of tactical and organizational coordination."
Russia mostly has been known for its notorious cybercrime underground, but its cyber espionage activity over the past year has come into sharper focus after a wave of publicized targeted cyberspying campaigns. China, meanwhile, has been spotted operating pervasive cyber espionage to pilfer intellectual property.
"China has economic objectives," Ahlberg says. "Russia wants to show the world they are strong politically. Energy is incredibly important to them [as well]… They also want to sell gas to Western Europe" and oil to other nations, he says.
"There's more of a focus on commodity markets and geopolitical" interests, he notes. (read full article)
posted by: gqjournal
Comments