Of 62 new crypto ransomware families, 47 can be attributed to Russian-speaking actors. Does the source of an attack matter?
Mike Ahmadi, global director for critical security systems at Synopsys, quoted a bit of Sun Tzu at us: “It is said that if you know your enemies and know yourself, you will not be imperilled in a hundred battles.” His point, and Ahmadi’s, is that ‘knowing who your enemies are empowers you with the knowledge of how well resourced they may be, how motivated they may be, and potentially why they are attacking you in the first place.’
Most others we spoke to agreed that the Kaspersky report, and others, are interesting. “A lot of the C&C infrastructure is based in Russia, this is in part down to the Russians’ relaxed attitude to hosting the fast fluxing and dynamic hosting environments needed by hackers,” says Simon Edwards, European cyber-security architect at Trend Micro, who continues, “but in terms of how important attribution is to companies, I would say in most circumstances not at all.”