The "Big Four": Spotlight on Russia

Eye on Security, Episode 69
Apr 11, 2021

We are wrapping up our “Big Four” series with a country that has been one to watch for quite some time: Russia. And who better to join me for this episode than our Vice President for Mandiant Threat Intelligence, John Hultquist.

We started off this episode discussing how Russian cyber threat activity evolved into what we know today, from the days of Moonlight Maze and Agent.BTZ. We then shifted the conversation to some of the most notable Russian threat groups and the difficulties of assigning attribution at the organizational sponsorship level. While many APT groups from the “Big Four” may blend together various types of threat activity, Russia has utilized a particularly interesting mix of cyber espionage, information operations, and disruptive attacks over the years. John brought up many notable Russian incidents, including the Olympics, the Ukrainian power grid, the targeting of elections, and the SolarWinds supply chain breach.

We also discussed some of the challenges in communicating threat intelligence to both customers and wider audiences. To cap off the series, John delved into how organizations should think about not only Russian threat activity, but also the operations and campaigns from North Korea, Iran, and China.

You can stay ahead of threat actors like those from the “Big Four” by joining Mandiant Advantage Free, where you’ll have access to up-to-the-minute threat intelligence: http://feye.io/MA