We are wrapping up our “Big Four” series with a country that has been
one to watch for quite some time: Russia. And who better to join me
for this episode than our Vice President for Mandiant Threat
Intelligence, John Hultquist.

We started off this episode discussing how Russian cyber threat
activity evolved to what we know today, from the days of Moonlight
Maze and Agent.BTZ. We then shifted the conversation to some of the
most notable Russian threat groups and the difficulties of assigning
attribution at the organizational sponsorship level. While many APT
groups from the “Big Four” may blend together various types of threat
activity, Russia has utilized a particularly interesting mix of cyber
espionage, information operations, and disruptive attacks over the
years.

John brought up many notable Russian incidents, including: the
Olympics, the Ukrainian power grid, the targeting of elections, and
the SolarWinds supply chain breach. We also discussed some of the
challenges in communicating threat intelligence to both customers and
wider audiences. To cap off the series, John delved into how
organizations should think about not only Russian threat activity, but
the operations and campaigns from North Korea, Iran, and China.


You can stay ahead of threat actors like those from the “Big Four” by
joining Mandiant Advantage Free where you’ll have access to
up-to-the-minute threat intelligence: http://feye.io/MA