Asian hackers conduct fierce cyber attacks on Russian systems


Threats from China and North Korea in new data from Solar.

According to the latest data from Solar, in 2023, a significant number of cyber attacks on Russian organizations came from the Asian region, in particular from hacker groups from China and North Korea. These attacks were most often aimed at cyber espionage and data theft, mainly from the telecommunications sector and Russian state services.

The Lazarus group from North Korea was active in the Russian Federation, attacking, among other targets, state authorities. According to information from September 2023, from 20 to 40 systems of Russian organizations were infected daily, and the intruders' activity decreased only a month after they were discovered by security vendors.

The most serious threat to Russian organizations turned out to be APT groups (Advanced Persistent Threat), among which Chinese groups were particularly prominent. They pursued the goals of cyber espionage and data theft, and their main victims were the telecom industry and the public sector.

There was an increase in the number of incidents with devastating consequences for organizations in the Russian Federation. In addition, most of the incidents under investigation were related to cyber fraudsters who encrypted, stole and resold data. Cyber hooligans who conduct DDoS attacks and deface sites were also active, but their share decreased in 2023 compared to the previous year.

Solar Group experts predict that the volume of cyber attacks by advanced groups will persist in 2024, and they expect an increase in the number of incidents with destructive consequences. It is also predicted that hackers will start using Russian software to penetrate software vulnerabilities.

Experts note that not only Asian hackers but also groups associated with Western countries operate in Russian cyberspace. According to the National Center for Coordination of Computer Security Incidents in Russia, Western countries also actively coordinate the activities of hackers aimed at finding vulnerabilities in Russian systems and stealing sensitive data.