International security agencies brace for Russian state-sponsored hacks

Fancy Bear is coming to eat your network

Ever since Russia launched its invasion of Ukraine earlier this year, there has been a cascade of consequences felt around the world. The people of Ukraine have suffered some devastating losses in their home country, but global fallout is affecting everything from gas prices to Netflix's stock performance. While many of us have remained relatively insulated from the nastiest components of Putin’s aggression, some new warnings suggest we should all be worried about a possible wave of Russian-sponsored cyberattacks.

An alert issued by the Cybersecurity & Infrastructure Security Agency is warning of increased cyberattacks against critical infrastructure in Australia, Canada, New Zealand, the UK, and the US. The warning advises companies to prepare for “destructive malware, ransomware, DDoS attacks, and cyber espionage.”

As much as we love to hate Russian hacker groups, the alert has a pretty good rundown of some of their awesome names: there's Berserk Bear with the FSB, Fancy Bear (aka Iron Twilight) with GRU military intelligence, or Voodoo Bear (Iron Viking) for the GRU’s Center of Special Technologies. The whole alert could almost be used as the inspiration for a (cyber) bear-themed D&D campaign.

This warning is also a good reminder to examine the security of your phone. Ransomware (74% of which is tied to Russian groups) gets most of its money from large institutions, but also affects private citizens — no one wants to help finance the Russian military machine because they sideloaded a sketchy Candy Crush clone. Phones are also increasingly being used as nodes in botnets for DDoS attacks. Thankfully, the risks from both these scenarios can be mitigated by following basic security protocols. Stay safe out there!