Russian government-sponsored threat actors recently increased their malicious activities[1], which are aligned with Russia’s attack on Ukraine in February 2022.
Russian retaliation for ongoing economic and diplomatic sanctions imposed by many other countries poses a significant risk of further escalation in the cyber sphere. Russian government-sponsored groups are dangerous cyber-actors that are well-resourced and relentless in their attacks, which include espionage, attacks on critical infrastructure, data destruction, and other malicious activities.
To assist our customers, Anomali has released a dashboard focused on Russian-origin actors and Russian cyber activity for ThreatStream users, titled “Russian Cyber Activity.”
The Anomali Threat Research team preconfigured this custom dashboard to provide immediate access and visibility into all known Russian government-related indicators of compromise (IOCs) made available through commercial and open-source threat feeds that users manage on Anomali ThreatStream.
Russian Cyber Activity is focused on seven threat actor groups: Six groups are well-known Russian advanced persistent threat (APT) groups: Berserk Bear, Cozy Bear (APT29), Fancy Bear (APT28), Gamaredon (Primitive Bear), Turla (Venomous Bear), and Voodoo Bear (Sandworm).
Additionally, we’ve included Evil Corp (Dridex, Indrik Spider) group. Although typically financially motivated, its leader is known to work for Russia’s Federal Security Services (FSB) and has conducted cyber operations on behalf of the Russian government.[2]
Anomali customers using ThreatStream, Match, and Lens are able to immediately detect any IOCs present in their environments and quickly consume threat bulletins containing machine-readable IOCs. This enables analysts to quickly operationalize threat intelligence across their security infrastructures, as well as communicate to all stakeholders if and how they have been impacted.
Anomali recently added thematic dashboards that respond to significant global events as part of ongoing product enhancements that further automate and speed essential tasks performed by ..
Support the originator by clicking the read the rest link below.
