Events , RSA Conference , RSA Conference Videos

Cyberattacks: How Russia Intensified Its Ukraine Targeting

Eset's Jean-Ian Boutin Details Russia-Aligned Wiper, Phishing and Ransomware Trends
Jean-Ian Boutin, director of threat research, Eset

When Russia launched its all-out invasion of Ukraine on Feb. 24, 2022, Moscow-aligned hackers who had been targeting the country for the past decade followed suit. "Since the beginning of the conflict, what we saw is really an intensification," said Jean-Ian Boutin, director of threat research at Eset.

See Also: 'Deepfake' Technology: Assessing the Emerging Threat

The firm has been working closely with Ukrainian organizations on defense, in part by tracking the tactics, techniques and procedures being used by Russia-aligned hackers.

Since at least 2014, attackers had been hitting government, finance and other organizations in Ukraine especially hard, and they doubled down on those attacks, Boutin said. When the conflict intensified, those hackers "really used all the prior accesses that they had into organizations to launch these wiper attacks," he said. "So this is something that we still see today: They are trying to use these wipers. The organization will have a hard time to operate normally, because all of their systems have been completely rendered useless."

In this video interview with Information Security Media Group at RSA Conference 2023, Boutin discusses:

  • How ransomware, wipers and phishing attacks are being used by Sandworm and other Russia-affiliated groups;
  • What's surprising about the tactics and targets being used - and also not used - as part of Russian cyber operations;
  • Predictions for how nation-state cyber operations and cyberespionage attacks will evolve.

For 12 years, Boutin has probed malware trends, reverse-engineered binaries and developed effective countermeasures for emerging threats. With almost two decades of industry experience, he also has served as a member of the scientific advisory committee at Smart Cybersecurity Network. He has presented at multiple security conferences, including RSA Conference, Black Hat, REcon, BlueHat, Virus Bulletin and ZeroNights.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.