Cyber-Attackers Politically Aligned

Linn Freedman
Robinson+Cole Data Privacy + Security Insider
Contact
LinkedIn
Facebook
X
Send
Embed

The most recent Accenture Global Incident Report (the Report) shows that cyber-attackers have political views and are divided between support for Russia or Ukraine.

According to the Report, entitled “Global Incident Report: Threat Actors Divide Along Ideological Lines over the Russia-Ukraine Conflict on Underground Forums,” the war between Russia and Ukraine has caused an unusual rift in Russian-language cyber forums (mostly ransomware gangs) between those supporting Russia and those supporting Ukraine.

The rift is highly unusual. According to Accenture, “For the first time, in the more than 10 years that Accenture’s Cyber Threat Intelligence (ACTI) team has been tracking dark web activity, we’re seeing previously coexisting, financially motivated threat actors divided along ideological factions.”

Accenture’s research shows that “Pro-Ukrainian actors are refusing to sell, buy, or collaborate with Russian-aligned actors…and are increasingly attempting to target Russian entities in support of Ukraine. However, pro-Russian actors are increasingly aligning with hacktivist-like activity targeting “enemies of Russia,” especially Western entities due to their claims of Western warmongering.”

The pro-Russian threat actors are targeting Western “resources, government, media, financial and insurance industries.” The pro-Russian culprits include Conti, LockBit, and CoomingProjects ransomware gangs. Since the motivation for ransomware groups is pivoting to politics instead of “opportunistic prospects for financial gain,” this “target switch is leading to a higher threat level for Western organizations.” According to Accenture, this shift poses a significant risk to Western critical national infrastructure.

Accenture’s conclusion is dire: “Having monitored underground forums for more than a decade, ACTI notes that the current split on the underground and the large-scale transitions to an ideological motivation by what were previously financially motivated groups is unprecedented and may bring about far-reaching consequences.”

Accenture provides mitigation tips, including patching vulnerabilities that Conti has used in recent incidents. Accenture’s research can be accessed here.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide