Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers

Kleist, Virginia Franke

doi:10.1080/1097198x.2021.1914503

Cited by 8 publications

(9 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…While it is generally difficult to determine the exact costs and damages resulting from a cyber attack on critical infrastructures [38], experts recognise that a defender's ability to timely detect an attack, and recover from it, significantly affects the overall impact of malicious conduct [39], [40]. Therefore, we consider three categories of impact resulting from cyber attacks, based on the impact that such attacks may produce on critical infrastructures:…”

Section: Experimental Designmentioning

confidence: 99%

A Bayesian Network Approach to Hybrid Threat Modelling

Vonk,

Sweijs,

Minicozzi

2024

Preprint

View full text Add to dashboard Cite

Western governments have adopted an assortment of counter-hybrid threat measures to defend against hostile actions below the conventional military threshold. The impact of these measures is unclear because of the ambiguity of hybrid threats, their cross-domain nature, and uncertainty about how countermeasures shape adversarial behaviour. This paper presents a model to simulate the impact of countermeasures on hybrid threat behaviour through a Bayesian Network approach - a probabilistic modelling technique. The model balances the costs of countermeasures, their ability to dissuade the adversary from executing hybrid threats, and their potential to mitigate the impact of hybrid threats. We run 1000 variants of a semi-synthetic scenario simulating the strategic interaction between attacking agent A and defending agent B over a cyber attack on critical infrastructure to explore the effectiveness of a set of five different counter-hybrid threat measures. Counter-hybrid measures range from strengthening resilience and denial of the adversary's ability to execute a hybrid threat to dissuasion through the threat of punishment. Our analysis primarily evaluates the overarching characteristics of counter-hybrid threat measures This approach allows us to generalize the effectiveness of these measures, rather than attributing results to measures individually. In addition, we discuss policy relevance and outline future research avenues.

show abstract

Section: Experimental Designmentioning

confidence: 99%

A Bayesian Network Approach to Hybrid Threat Modelling

Vonk,

Sweijs,

Minicozzi

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…56 E. Kovacs, U.S., Canada, Australia attribute NotPetya attack to Russia, Security Week, 16.02.2018, https://www.securityweek.com/us-canada-australia-attribute-notpetya-attack-russia (dostęp 30.09.2020). formacji dziennikarza A. Greenberga za przeprowadzenie ataku odpowiedzialna jest grupa Sandworm, znana również jako TeleBots 57 lub GreyEnergy, w opinii autora działająca w ramach GRU 58 , czyli wywiadu wojskowego Federacji Rosyjskiej, a wcześniej ZSRR 59 . Podobnego zdania są firma ESET 60 , ukraińska ISSP 61 oraz brytyjskie National Cyber Security Centre (NCSC) 62 .…”

Section: Atrybucja Atakuunclassified

NotPetya – analiza z perspektywy kryminalistyki i polskiego prawa karnego

Słowiński¹

2023

PWK

View full text Add to dashboard Cite

Celem artykułu jest przeanalizowanie ataku cybernetycznego NotPetya pod kątem kryminalistyki oraz polskiego prawa karnego. Omówienie aspektów kryminalistycznych obejmuje charakterystykę technik, taktyk i procedur wykorzystanych przez sprawców do ataku, w tym zastosowanego szkodliwego oprogramowania, oraz wskazanie ofiar wraz z uzasadnieniem ich doboru przez atakujących. Ponadto podkreślono trudności z atrybucją sprawców. Analiza prawna obejmowała wskazanie możliwych kwalifikacji prawnych czynów popełnionych przez sprawców na gruncie polskiego kodeksu karnego. Praca zakończona jest oceną znaczenia ataku i wnioskami de lege ferenda zarówno dla kryminalistyki, jak i prawa karnego.

show abstract

“…What used to require extensive technical skills can now be purchased on dark web marketplaces with crypto-currency. Custom spyware, hacking-for-hire mercenaries, botnets-for-rent and more enable wideranging cybercrimes and surveillance (Greenberg, 2019). Cyber-attacks now come from various motivated actors including [14]:…”

Section: B the Evolving Cyber Threat Landscapementioning

confidence: 99%

Personal Data Protection as a Tool to Fight Cyber Corruption

Gulyamov,

Raimberdiyev

2023

Irshad J. Law and Policy

View full text Add to dashboard Cite

As digital technologies proliferate, personal data vulnerabilities enable new forms of systemic corruption. Robust data protection frameworks are essential safeguards, yet remain underutilized in anti-corruption efforts. This paper analyzes the complex intersection between privacy, cyber-security and corruption. Rapid technological change has led to exponential growth in personal data generation. However, legal and ethical oversight lags behind. Vast troves of user data are harvested, often without full consent or transparency, creating information asymmetries ripe for abuse. Data may be exploited, manipulated, or weaponized to enable digital authoritarianism, cybercrime, discrimination, elite capture, and other corrupt ends. Users lack control over or visibility into data misuse once obtained. Case examples showcase vulnerabilities across sectors. Tighter constraints on data collection, use and sharing, coupled with oversight and accountability measures, can help rein in these risks. While data protection principles increasingly shape global governance frameworks, considerable implementation and enforcement gaps persist. Integrating privacy into anti-corruption programs as a core pillar, alongside transparency and ethics initiatives, is vital to secure the data flows underpinning digital societies against corrupt interests.

show abstract

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers

Cited by 8 publications

References 0 publications

A Bayesian Network Approach to Hybrid Threat Modelling

A Bayesian Network Approach to Hybrid Threat Modelling

NotPetya – analiza z perspektywy kryminalistyki i polskiego prawa karnego

Personal Data Protection as a Tool to Fight Cyber Corruption

Contact Info

Product

Resources

About