The WSJ just posted a very interesting article by Nathan Hodge confirming what we have been saying here for the last few years.
Russian President Vladimir Putin suggested in St Petersburg that what he called "patriotic Russian hackers" could have been behind cyberattacks that have soured relations with the U.S. and other countries, adding fresh nuance to his denials that the Russian state was involved.
“If they [hackers] are feeling patriotic they will start contributing, as they believe, to the justified fight against those speaking ill of Russia. Is that possible? In theory, yes. At the government level, we never engage in this,” Putin told international media at an investment conference."
Putin is changing his story about Russian cybercrime
Russian officials up to now have consistently denied being behind any interference with elections in America or European countries. The WSJ said that "Putin's suggestion that Russian hackers may have played a freelance role in election hacking—and his clear implication that such efforts were “justified”—appears to mark a change of narrative for the Kremlin." That is putting it mildly.
Related story: Why All This Russian Cybercrime In Five Minutes
This change in narrative is basically freely admitting that criminal hackers are one of Russia's admitted points of leverage in what Putin feels their asymmetrical cold war against America; the attitude of "anything goes when my defense budget is 10% of that of my adversary." Putin provides air cover for Russian organized cyber crime while they are on their ransomware attack campaigns, as long as they help him shut down a power plant of a former Soviet satellite state or help hack elections with sophisticated phishing attacks.
Email Becomes the Weapon of Choice
Symantec's 2017 Internet Security Threat Report (ISTR) detailed that email has become a dangerous and efficient threat to users: one in 131 emails contained malware, the highest rate in five years. And Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining 3 billion dollars over the last three years.
if you are not a KnowBe4 customer yet, at times like this, it is very good to know what percentage of your users are vulnerable to social engineering attacks like described above. We recommend you do your free Phishing Security Test and find out what your phish-prone percentage of your users is.
PS, if you do not like to click on buttons with redirects, here is a URL you can cut/paste:
Let's stay safe out there.
Founder and CEO, KnowBe4, Inc.