Adversary Universe Podcast

Inside Russia’s Laboratory of Cyber Operations — and Beyond

Jan 11, 2024

Russian adversary VOODOO BEAR targets Ukrainian telecom provider Kyivstar, using it as a testing ground for cyber attacks. The hosts discuss the disruptive behavior and history of VOODOO BEAR, as well as the broader context of Russian intrusion operations. They explore the tactics and targets of the threat actor group Voodoo Bear, highlighting their involvement in destructive attacks on power infrastructure. The podcast also examines the impact of Russian cyber operations on the world stage and raises questions about the need for reassessment of security programs and partnerships.

41:23

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The recent cyber attack on Ukraine's telecom provider, Kivestar, carried out by Russian military intelligence unit Voodoo Bear, exposes the ongoing conflict and the destructive techniques employed by the adversaries.

The podcast sheds light on the Russian intelligence structure and its three main organizations engaged in offensive cyber operations - FSB, SVR, and GRU - highlighting the tactics and trade craft of Voodoo Bear, a prominent threat actor associated with GRU.

Deep dives

Russian cyber threat actors target Ukraine's telecom provider, Kivestar

The podcast episode discusses the recent cyber attack on Ukraine's telecom provider, Kivestar, carried out by a Russian military intelligence unit known as Voodoo Bear or Sand Worm. The attack resulted in the disruption of data services for millions of mobile and home internet subscribers in Ukraine. The episode explores the motivations behind the attack, which have been a part of the ongoing conflict between Russia and Ukraine. It also delves into the tactics and techniques used by Voodoo Bear, highlighting their history of targeting Ukraine and their involvement in previous disruptive attacks, such as the power outages in 2015 and 2016. The episode points out the significance of the attack on Kivestar and its potential connections to kinetic actions, suggesting a coordinated strategy by the attackers. It also mentions the presence of fake DIVA groups, such as Sultan's PEC, claiming responsibility for the attack. Overall, the episode provides insight into the evolving cyber threat landscape and the need for organizations to assess their defenses and understand the motives and techniques of Russian threat actors.

Introduction

2min

Russian Military Unit Conducts Cyber Attack on Telecom Provider in Ukraine

3min

Overview of Russia's Intelligence Structure and Offensive Cyber Operations

2min

Voodoo Bear: Tactics and Targets

13min

Russian Cyber Operations and Their Impact

20min

Discussion of Show Notes, Future Guests, and CrowdStrike Intelligence

2min

In mid-December 2023, an adversary CrowdStrike tracks as VOODOO BEAR targeted Ukrainian telecom provider Kyivstar, wreaking havoc and disrupting thousands of systems and assets.

The Russia-linked adversary has for years treated Ukraine as its “lab of offensive cyber operations”, testing attack techniques and demonstrating the destructive behavior it has become known for since it emerged in late 2010.

In this episode, Adam and Cristian dive into the details of the recent Kyivstar attack and how it aligns with VOODOO BEAR’s history of disruptive cyberattacks, both in Ukraine and around the world. They also pull back the curtain on the broad, complex history of Russian intrusion operations, shedding light on adversaries operating within the country and what has motivated them over the years.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Adversary Universe Podcast

Inside Russia’s Laboratory of Cyber Operations — and Beyond

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Russian cyber threat actors target Ukraine's telecom provider, Kivestar

Understanding the Russian Intelligence Structure and Offensive Cyber Operations

Strategies for Defending Against Russian Adversaries

The Evolving Nature of Russian Cyber Threats and Implications for Global Security

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Adversary Universe Podcast

Inside Russia’s Laboratory of Cyber Operations — and Beyond

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Russian cyber threat actors target Ukraine's telecom provider, Kivestar

Understanding the Russian Intelligence Structure and Offensive Cyber Operations

Strategies for Defending Against Russian Adversaries

The Evolving Nature of Russian Cyber Threats and Implications for Global Security

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights