Reformed Russian Cybercriminal Warns That Hatred Spreads Hacktivism

Here are highlights of his interview at the WSJ Pro Cybersecurity Forum on Wednesday, edited for clarity. 

How he got into criminal hacking:

“During this time in Russia, there was no law for cyber and at some point I believed I wasn’t committing any crimes. It felt easy.”

The relationship between ransomware groups and the Russian government: 

“If we talk about financially motivated hackers, what happens is directly or indirectly, they know someone from the government and they pass information or help in this or other cases. It doesn’t mean they’re employed [or] it doesn’t mean they’re on a paycheck with the state but there is a connection. Sometimes we see it clear, sometimes not.”

How the war in Ukraine has changed Russian hackers:

“When Russia attacked Ukraine, some groups there declared loyalty to the Russian government. …Those groups, they consist not only of Russian criminals. They consist of former Soviet Union bloc citizens, including [from] Ukraine.”

“I don’t see Russia asking them directly because that’s not what’s really happening. What I see, a lot of groups who made some money with ransomware, they decided to be loyal to the state and create hacktivism. Instead of making money, they create destruction, they develop new ransomware payloads that have no intention to decrypt. That’s malware to disrupt the network, not to ask for ransom. That’s growing, unfortunately. This war caused a lot of hatred on both sides, people just jumping into this boat of hacktivism without thinking of consequences.”

Advice on preventing ransomware attacks:

“We see that almost 50% of attacks start with compromised credentials of the employees, so that’s the angle I suggest everyone to look at. It’s very important for you to learn when your employee is compromised.”

Write to Catherine Stupp at [email protected]