039| Deconstructing the Dukes: A Researcher's Retrospective of APT29
Cyber Security Sauna • 05/06/20 • 34 min
APT29, aka Cozy Bear or the Dukes, is a cyber espionage group whose misdeeds include famously hacking into the DNC servers in the run-up to the 2016 US election. Now, as the subject of MITRE's latest ATT&CK Evaluation, the group is in focus again. The Dukes are familiar to F-Secure's Artturi Lehtio, who extensively researched them in 2015. But hindsight is 20/20, and Artturi joins the show to discuss how his views on the group have changed since his research.
Also in this episode: How APT groups behave after being burned and why the Dukes are different; why calling them a single organization is too strong; and why published APT research has generally dwindled in recent years.
Links:
The Dukes: 7 Years of Russian Cyberespionage - F-Secure whitepaper
MITRE ATT&CK Evaluation: APT29
No Easy Breach by Matthew Dunwoody & Nick Carr - DerbyCon 2016