Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Russian Cyber Espionage Under The Microscope
Newest First  |  Oldest First  |  Threaded View
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
11/24/2014 | 4:02:58 PM
Re: They have capacity
So true, @ODA155. How could we forget The Russian Business Network? 
ODA155
50%
50%
ODA155,
User Rank: Ninja
11/24/2014 | 3:41:29 PM
Re: They have capacity
@Kelly Jackson Higgins,... I believe the Russians have always been better at Cyber-theft espionage than the Chinese, remember The Russian Business Network (or RBN) from the early-mid 2000's when people in Russia were learning all about capitalism and the "free market"? The Chinese on the other hand are relatively new to the game but because of their large HUMINT capabilities were able to catch up quite quickly. The Russians have only recently turned their skills into cyber-spying, which they probably have\had an edge there too. But I think as with most things Russian it's all about money and China it's about the state.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/21/2014 | 2:04:38 PM
Re: Coordination is clearly in the realm of the possible
Unless news organizations are wrong, most recent attacks have somehow related to the word "Russian", there will certainly be overlap on certain attacks.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
11/21/2014 | 2:02:52 PM
Re: They have capacity
Security researchers are saying they see Russia as more sophisticated in its cyber espionage than China. It may not be as pervasive as China, but it's definitely active and more stealthy.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/21/2014 | 2:02:16 PM
Re: Coordination is clearly in the realm of the possible
It may even be that case that other nationalities helping the hackers in Russia. The recent security breach is around web cams, there is tons of work to be done to capture it and present it in a web site.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/21/2014 | 1:59:54 PM
They have capacity
 

The more the Russian government is isolated the more aggressive they would get. I am not suggesting that government is involved but followers would be my best guess. Russians have pioneered many technological advancement especially in the space industry, they for sure have capabilities to orchestrate an attack.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
11/21/2014 | 1:30:40 PM
Re: Coordination is clearly in the realm of the possible
@Charlie, there has been a lot of speculation and some signs that there is overlap. Here's a recent example w/attacks on Ukranian targets: 

http://www.darkreading.com/russian-cyberspies-hit-ukrainian-us-targets-with-windows-zero-day-attack/d/d-id/1316592?

Greg Hoglund of Outlier Security told me he has seen multiple casees of overlap between the two worlds:

"I had one case two years ago where there was a Zeus bot infection, and they [the victim organization] dismissed it as common malware," Hoglund says. "We examined the bot, and it had XLS, DOC, and all types of extensions specially [built] in plugins to grab those intellectual property documents. It was stealing [their] IP."
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Ninja
11/20/2014 | 9:12:18 PM
Coordination is clearly in the realm of the possible
I doubt if the skills of the underground in Russia have gone unnoticed by officials above ground. I suspect there are some very high paying jobs for the enterprising and skilled malware writers in the underground. Above ground, they stick to the KGB method of operations, inventive in its own way at least where the truth is concerned, but not keeping up the same way.


Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
7 SMB Security Tips That Will Keep Your Company Safe
Steve Zurier, Contributing Writer,  10/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: The old using of sock puppets for Shoulder Surfing technique. 
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8216
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
CVE-2019-8217
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8218
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
CVE-2019-8219
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8220
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .