Russian cyber experts' advanced capabilities are downplayed by threat hunters

In the midst of Russia's invasion of Ukraine, the country's cyber defenders have demonstrated an unprecedented level of sophistication and resilience, according to Sandra Joyce, EVP and head of global intelligence at Mandiant.

Despite Russia's cyber activities in Ukraine, the impact has been surprisingly limited, as noted by Joyce. This resilience is something that U.S. organizations could learn from, according to Dmitri Alperovitch, cofounder of CrowdStrike and executive chairman of the Silverado Policy Accelerator.

Ukrainians have shown remarkable resilience amidst the chaos of war. They have been able to rebuild their networks with backups ready to go within hours, a feat that most U.S. organizations would struggle with, taking weeks to recover from a similar attack and facing serious consequences during that downtime.

The Ukrainian cyber defenders have thwarted more damaging attacks under hostile conditions and a constantly shifting technical landscape. This includes routinely enduring blackouts, shelling, locked IP addresses, and setting up operations in bomb shelters.

One of the most significant successes for Russia was the cyberattack against Viasat's KA-SAT management network during the first hours of the invasion. The attack blocked the Ukrainian military's ability to communicate in the initial days, according to Dmitri Alperovitch. However, the gain from this attack was short-lived, as the White House and federal cybersecurity authorities continue to caution organizations to remain vigilant.

Attorney General Merrick Garland has pointed to the Russian government's use of similar infrastructure to attack Ukrainian targets. In a strategic move, the Department of Justice disrupted the state-backed Russian botnet Cyclops Blink in April.

Despite tactical successes in Ukraine, Russia has failed to turn those into potentially more devastating campaigns, according to Dmitri Alperovitch. This lack of foresight and planning in Russia's cyber activities has been evident since it invaded Ukraine more than 100 days ago.

As the world watches the ongoing conflict, corporate stakeholders are increasingly seeking to understand the risk calculus of their technology stacks, asking the question: Are we a target? Ukraine, prepared following eight years of Russian cyberattacks, including NotPetya ransomware and the Bad Rabbit variant strain, serves as a reminder of the importance of being prepared.

The search results do not provide specific information about which companies or organizations were affected by the Russian cyberattack on Viasat's KA-SAT management network during the invasion of Ukraine. However, the repeated resiliency showcased by Ukraine's cyber defenders is a testament to the power of preparation and adaptability in the face of adversity.