In 2020, we launched the OODAcast video and podcast series designed to provide insightful analysis and actionable intelligence to decision makers. In this 100th episode, co-hosts Matt Devost and Bob Gourley review some of the key insights from the series. Matt and Bob also discuss OODA’s recent assessment of
A recent report revealed that several private sector Indian companies have used corporate cyber espionage tactics against entities involved in litigation in an effort to influence the outcomes. What started off as a hacker-for-hire situation quickly bloomed into an organized commercial endeavor for the hacker, who recruited and grew a small group of Indian colleagues to be hired out to private investigators employed by clients involved in lawsuits. The reporting focused on three particular companies (BellTroX, CyberRoot, and Appin), though there are several more of these cyber mercenary groups, whose customers have ranged from multinationals to individuals with personal grievances they are seeking to satisfy.
Russia appears to have followed a cyber playbook that many cyber warfare authors have written about, covering the use of cyber attacks at the onset of an engagement and the targets to use them against. As the new Microsoft report relays, Russia conducted extensive cyber espionage against key Ukrainian targets prior to the invasion. Per Microsoft’s findings, Russian espionage and network penetration have been conducted against 128 organizations in 42 countries allied to Ukraine since the start of the war. Russian cyber actors have been approximately 29% successful, and a quarter of those successes have led to the exfiltration of a target’s data. While the statistic is noteworthy, it doesn’t necessarily establish whether this percentage is good (akin to a baseball player’s batting average) or poor, and it does not take into account whether any of the material taken was critical to Russia’s operational success. Nevertheless, the report does confirm what many cyber warfare followers have long maintained – an adversary conducts cyber espionage for network mapping and intelligence collection before, during, and after a conflict.
Since the start of Russia’s invasion of Ukraine, the conflict has spilled into cyberspace, with state and non-state actors taking sides and conducting a variety of disruptive operations. Russian state actors have executed eight new types of malware attacks against Ukraine, impacting government, business, financial institutions, and energy organizations, as well as a U.S. satellite communications provider. Ukrainian supporters have responded in kind. Notorious hacktivist group Anonymous and Ukraine’s volunteer IT Army have retaliated against Russian government and military entities. They have doxed the information of thousands of Russian soldiers and even disrupted Belarusian rail lines to slow Russian troop movement. The failure to create a cyber “shock and awe” has led many to believe that Russia might lack the capability to produce one.
Promising Research and Analysis Topics and Projects Emerge from the April 2022 OODA Network Member Meeting
To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs. This month’s call was marked by more than the usual number of follow-up commitments on what were clearly promising ideas and projects with great potential for OODA Loop research and analysis (and are also a bit more time-sensitive than usual due to the crisis conditions in Ukraine).
Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger took to the podium yesterday to announce that U.S. Intelligence continues to investigate the Feb 24th hack of a European satellite company, Viasat, which provides internet connectivity to Europe, including the Ukrainian government and military. In light of this attack, on March 17th the U.S. Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint statement which warned of the “possible threats to U.S. and international satellite communication (SATCOM) networks.”
Guide For Business: Final checks for reducing risks in the face of nation state cyber attacks based on White House advisory
The President has just announced he has indications that the Russians are targeting our national infrastructure for a possible cyberattack, saying all companies should prepare and raise defenses ASAP.
This is an important announcement that should be taken seriously by all companies in every sector of the economy and by individuals as well.
Cyberwarfare related to the Ukraine-Russia conflict is surging as digital volunteers from around the world enter the fight. The number of cyberattacks being waged by — and on behalf of — both countries since the outbreak of the war is “staggering,” according to the research arm of Check Point Software
This OODAcast is a special edition focused on profiling Russian President Vladimir Putin with Dr. Scott Shumate, who has over 30 years of experience evaluating national leaders, terrorists, spies, and insiders. Scott shares his unique perspectives on Putin, informed by his extensive experience and insight. Is Putin suicidal? Is he a rational actor? Will he escalate to cyber attacks? These questions and more are discussed with Dr. Shumate.
The war between Russia and Ukraine has been widely anticipated to play out online, in addition to on the ground. Moscow’s cyberwar capabilities have long been cause for concern. Russia has a record of coordinating cyber-attacks on the US, Ukraine, and other adversaries. And the country has established itself in