In 2020-2021 the Conti and EvilCorp ransomware groups helped Russian intelligence with espionage and possibly a hack-and-leak operation. Could they be contract teams for APT29 itself?
"Skeptics of the Natto Team’s “hybrid ransomware” thesis have raised numerous important questions: Can Russian cybercriminals seriously be receiving direct government tasking? If so, how do they communicate? Or are they improvising based on more diffuse “patriotic entrepreneurialism”?"
These activities were developed and successfully deployed the day before the Russian invasion of Georgia in 2008 and were first tested on the Estonians a year earlier. This was probably Russia's first successful gray zone cyber operation.
The GRU planned well ahead of time, developing asset lists and websites to help disseminate how to attack the list. They made it easy enough for everyday citizens to help them develop the battlefield prior to the invasion. There is no doubt that they have continued to develop and refine those capabilities. Great work putting together this series; looking forward to more installments. Cheers!
"Skeptics of the Natto Team’s “hybrid ransomware” thesis have raised numerous important questions: Can Russian cybercriminals seriously be receiving direct government tasking? If so, how do they communicate? Or are they improvising based on more diffuse “patriotic entrepreneurialism”?"
These activities were developed and successfully deployed the day before the Russian invasion of Georgia in 2008 and were first tested on the Estonians a year earlier. This was probably Russia's first successful Gray zone cyber operations.
The GRU planned well a head time, developing asset lists and websites to help disseminate how to attack the list. They made it easy enough for everyday citizens to help them develop the battlefield prior to the invasion. There is no doubt that they have continued to develop and refine those capabilities. Great work putting together this series looking forward to more installemnts. Cheers!