Second #cybertracker for 2023
A quick reminder: The Cybertracker I produce for the Russia-Ukraine war is based on Intent of the threat actors, not capability.
I will start this with an apology, I have had many reach-out to ask when the next cybertracker would be released as I missed March and April for updates.
To all those waiting my apologies, hopefully the May edition provides the insights and information you need. I will have likely missed something as it gets harder and harder for one person to monitor the whole situation, if you see anything that should be added please reach out — either via email or Twitter DM.
Some notes from the 23rd cybertracker:
- pro-Russian groups continue to outnumber pro-Ukraine (that does not include impact of attacks — purely groups numbers)
- Pro-Russian groups continue to seek improved capabilities to match their high intent.
- Increased shift into cyber-crime for pro-Russian groups.
- Killnet now has access to Titan Stealer and a new botnet — Tesla botnet — expect improved attack capability from them.
- AS Sudan continues to shift away from geopolitical motivations to religious motivations.
- noname057(16) would be the most active of all the pro-Russian groups.
- pro-Ukraine groups continue to be smaller in number due to 2 reasons. 1, IT Army Ukraine is well organized and accounts for a large amount of people who would support Ukraine in hacktivist activities. 2, many Anonymous affiliate groups continue to operate on other targets and don’t exclusively target Russia.
For live updates on the ongoing Russia-Ukraine war cyber events please follow — https://twitter.com/Cyberknow20