Threat profileRussian Federation

The Russian Federation's cyber activity can be subdivided into that of state-sponsored APTs and Organized Crime Groups (OCGs). Its state-sponsored units are highly advanced, mature and professionally integrated into its main intelligence services. Next to that, it houses a wide range of proxies and OCGs and cleverly uses such groups for capability development and talent recruitment. The OCGs are primarily concerned with financial gain and ransomware in particular. Russian OCGs dominate the ransomware business, with the vast majority operating from Russian soil

Request a free membership to access our full research insights

  • Strategic motives: Espionage, information theft, disruption, financial gain
  • Strategic goals: Dominating information warfare
  • Cyber capabilities: ★★★★☆
  • Number of known cyber operations: ★★★☆☆
  • Number of APTs: 74

Top-10 Actors

By amount of Operations

Russian APTs

OUR OBSERVATIONS

0

Advanced Persistent Threats (APTs)

0

Tactics, Techniques & Procedures (TTPs)

0

Attack tools

SWOT analysis

Strengths, weaknesses, opportunities & threats

Strengths

  • Multiple intelligence agencies with offensive cyber capabilities
  • Large arsenal of proxy groups and independent patriotic hackers that contribute to advancing the state’s interest through cyberspace
  • Presence of cyber capabilities to target cyber-physical assets
  • Highly professionalized Russian OCGs dominating the ransomware landscape

Weaknesses

  • Lagging behind in information technologies
  • Fewer financial resources to invest in cyber than other cyber powers (US and China)

Opportunities

  • Using cyber as a means of hybrid warfare against Western influence (mis)using the factor of 'plausible deniability'
  • Use of OCGs to develop cyber capabilities and for recruitment to cyber intelligence units
  • Gathering strategic intelligence on targets situated in the US, East & Western Europe
  • Freedom for OCGs to operate from Russian soil without risking prosecution

Threats

  • Continuing target for foreign APTs
  • Targeted sanctions by the US in reaction to Russian cyber operations

Interested in our fully detailed country analysis?

Learn more about our threat research?

Get in touch