Unveiling Digital Miscreants: The Identities of Cyber Criminals Targeting Russian Businesses and Strategies to Escape their Digital Traps
In the ever-evolving digital landscape, state-owned enterprises and the energy sector remain attractive targets for hacktivists and groups backed by unfriendly states. These attacks can range from disruptive DDoS attacks and spamming to more sophisticated operations aimed at financial gain or espionage.
Russian government-linked hackers, such as those from the Federal Security Service (FSB) Center 16, often choose targets based on their strategic interest to the Russian government. Telecommunications, manufacturing, and education sectors worldwide, with a significant focus on Ukraine and its allies, are common targets. These actors aim to conduct reconnaissance and gain access to critical infrastructure, often exploiting vulnerabilities in networking equipment to support military and intelligence objectives.
On the other hand, hacktivist groups opposing Russian authorities, like the Belarusian Cyber Partisans and Silent Crow, attack major Russian state institutions and corporations primarily as a political statement or to cause disruption. Their motives include retaliation against the repressive state apparatus and highlighting vulnerabilities in Russian institutions by leaking data and causing operational damage without demanding ransom.
During conflicts such as Russia’s war with Ukraine, Russian hackers emphasize military advantage by targeting communication infrastructure, government websites, and defense industry entities. This focus supports broader disinformation campaigns and kinetic military actions.
For Ukrainian and allied hacker groups, the motivations are principally counteroffensive defense, intelligence gathering, and undermining Russian operations. They target Russian databases holding millions of records, medical data, and other sensitive information as forms of resistance.
Revealing security architecture details to insurance companies is undesirable because it risks expanding the perimeter of trust. Other notable cyberattacks include the breach of the largest oil transportation system in the U.S., Colonial Pipeline, in 2021, the hack of the Bybit cryptocurrency exchange in February 2021, and the hack of the SCADA system of a major oil and gas company in Saudi Arabia in 2012.
In summary, the choice of targets by hackers related to Russia revolves around political, military, and strategic value, with attackers motivated by government-directed espionage and disruption, retaliatory hacktivism, and war-related cyber operations.
Identifying phishing websites can be simple: check the address bar for gibberish or slight misspellings of official resources. It's advisable to use complex and unique passwords for different resources and to use two-factor authentication.
Demand for information risk insurance is growing, but not at a significant pace, due to numerous restrictions. The cost of insuring against fraud for individuals can range from 499 rubles per month to tens of thousands of rubles per year. Cybersecurity insurance might not be cost-effective due to the low risk of significant reputational damage and relatively low fines for data leaks in Russia.
Cybercriminals are expected to increase attacks in the near future, particularly on service industries and small companies. Small businesses, freelancers, and employees without cybersecurity knowledge are ideal targets for hackers. Avoid clicking on links, even ones sent by friends, unless you specifically asked for them.
In July 2025, hackers attacked at least five Russian companies unrelated to these sectors, including "Aeroflot", "Vinlab", the "Stolichki" and "Neofarm" pharmacy chains, and the "Family Doctor" clinic. High-profile cyberattacks around the world include the hack of RSA in 2011, the hack of Garmin in 2020, and the SolarWinds hack in the same year.
In conclusion, as the digital world continues to evolve, it's crucial for businesses and individuals to prioritize cybersecurity measures, invest in employee training, and stay vigilant against potential threats.
- Due to their strategic importance, state-owned enterprises and the energy sector, often associated with financial gain or espionage, remain attractive targets for Russian government-linked hackers.
- Cyberattacks in the future are likely to increase, especially against service industries and small companies, as cybercriminals seek vulnerable targets such as small businesses, freelancers, and employees without extensive cybersecurity knowledge.
- In the realm of cybersecurity insurance, while there is growing demand, the cost-effectiveness is often questionable due to the low risk of significant reputational damage and relatively low fines for data leaks in Russia.