InSecurity Podcast: Poking the Bear – Inside Campaign Targeting Russian Critical Infrastructure

Nation-state conflict has come to dominate many of the policy discussions and much of the strategic thinking about cybersecurity. When events of geopolitical significance hit the papers, researchers look for parallel signs of sub rosa cyber activity carried out by state-sponsored threat actors—espionage, sabotage, coercion, information operations—to complete the picture. After all, behind every story may lurk a cyber campaign.

Rosneft is a Russian company which likes to refer to itself as one of the largest publicly traded oil companies in the world. According to the New York Times, it is also a prominent foreign policy tool of the Russian government. More than half of the company is owned by the government, and it serves as a major pillar of critical infrastructure for Russia as well as other neighboring nations.

There are huge sums of money involved in its recent moves for partial-privatization. It also wields incredible domestic and international political power. All of these characteristics make it a highly likely and legitimate target of foreign espionage efforts.

In today’s episode of InSecurity, Matt Stephenson talks with Cylance Directors of Threat Intelligence Jon Gross and Kevin Livelli about their new report: Poking the Bear: Three-Year Campaign Targets Russian Critical Infrastructure. Their research took a look at an Advanced Persistent Threat (APT) campaign which targeted many state-sponsored fuel and agricultural companies, as well as critical infrastructure organizations.

About Jon Gross

Jon Gross is a Director of Threat Intelligence at Cylance.
Other than that, he doesn’t tell us much…


About Kevin Livelli

Kevin Livelli is a Director of Threat Intelligence at Cylance, where he conducts long-term, complex investigations with the Research and Intelligence team.

His work here follows ten years at 60 Minutes, where his investigative reporting and analysis were recognized with Peabody and Emmy awards. Before that, Livelli supervised investigations at the (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by InSecurity Podcasts. Read the original post at: