Russian hackers will step up attacks on Western companies in retaliation for sanctions


Until now, Russian cybercriminals have attacked Western companies with almost impunity, and now that Russia is isolated from the world and on the verge of default, cyber attacks on Western companies may intensify.

The West has long called Russia a “paradise” for cybercriminals, and although many hackers claimed to be apolitical, experts do not attach much importance to these statements, since Western companies have always been the main target for their attacks.

According to David Duncan, director of the New York-based information technology company Redpoint Labs, Russian APT groups will now focus on Western companies and companies in NATO countries supporting Ukraine.

“We have observed a temporary lull in cybercrime operations in the United States. This lull is probably due to the fact that Russia used these groups (APT – ed.) to support its (special – ed.) military operation. However, according to my forecasts, these groups will change their focus to Western companies that have imposed sanctions on Russia for its […]. Russia […] and isolated from the whole world. Russia will use all possible means to take revenge on the West,” Duncan told Cybernews.

Cyberattacks are the main source of funding for the nuclear program in the DPRK, and Russia, against which significant sanctions have also been imposed, may follow its example and use cyber extortion and APT groups as the main source of income, the expert believes.

Nevertheless, cybercriminals associated with Russia may face difficulties, since paying them a ransom in the United States will be considered cooperation with persons against whom sanctions have been imposed, and companies that have paid the ransom will face huge fines.

“Non-payment of ransom and violation of sanctions puts these innocent companies in a dead end and is a real headache for their managers,” Duncan said.

According to the expert, the companies that have become victims of hackers will insist that the extortionists are not from Russia. Already, cybercriminals are changing their names and trying to hide their origin in order to increase their chances of getting a ransom.