Russian APT28
We tend to focus our attention on Chinese APT cyber threats for good reason -- they tend to be more overt and focus on American business interests. But we should not lose sight of the fact that Russian cyber skills are just as good (perhaps even better) than Chinese ones.
Published by The Lawfare Institute
in Cooperation With
We tend to focus our attention on Chinese APT cyber threats for good reason -- they tend to be more overt and focus on American business interests. But we should not lose sight of the fact that Russian cyber skills are just as good (perhaps even better) than Chinese ones. And now, FireEye has reminded of of this fact with their new report on a Russian operation they dub APT28. From the Executive Summary:
The activity that we profile in this paper appears to be the work of a skilled team of developers and operators collecting intelligence on defense and geopolitical issues – intelligence that would only be useful to a government. We believe that this is an advanced persistent threat (APT) group engaged in espionage against political and military targets including the country of Georgia, Eastern European governments and militaries, and European security organizations since at least 2007. They compile malware samples with Russian language settings during working hours consistent with the time zone of Russia’s major cities, including Moscow and St. Petersburg. While we don’t have pictures of a building, personas to reveal, or a government agency to name, what we do have is evidence of long-standing, focused operations that indicate a government sponsor – specifically, a government based in Moscow.
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.