Very briefly about cyber defense.
The enemy and its vassals continued their cyber operations, similar to those observed in the past. No new tactics or methods were detected.
This week, the activity of Russian threat actors in Ukraine mainly had a reconnaissance character.
We’ve seen the attempts to distribute malware such as Ramnit, Agent Tesla, RMS Rat, GuLoader, Remcos Rat, and RedLine Stealer.
But there is an increase in cyberattacks from Russian intelligence services, pro-Russian hacktivists groups and ransomware actors targeting primarily EU and US countries, particularly against government institutions and transportation companies, energy sector. The resent sabotage acts (destructive cyber attacks on critical infrastructure in EU and US, intensified influence operations, arson attack in east London in March etc) demonstrates that Russia is in transition to the next phase of the (cyber)war and is ready to sabotage and terrorist acts not only in cyber and informational space but also in physical world in the democratic countries. This should be a sign for Europe on the eve of UEFA EURO 2024 and Paris 2024 Olympics.
Russian intelligence services continue to enhance their capabilities in cyber operations and hybrid warfare, expanding the number of pseudo-activist groups. On April 3, a new "alliance" called High Society was formed, claiming to unite the efforts of 19 pseudo-hacktivist groups, including "People's Cyber Army reborn" and UserSec.
The war continues!