Two of the most dangerous Russian-language hacker groups over the past year have almost stopped attacking Russian banks and concentrated on foreign banks. Damage from targeted attacks on credit institutions fell by 14 times.
"Until 2018, Russian-speaking groups often attacked banks in Russia and the CIS, but over the past year, this trend has changed. Now the attackers focus mainly on foreign banks and organizations," said experts.
"New hacker groups often start working in their region: this was the case with Cobalt, with Silence in Russia, this is happening now with SilentCards in Africa. Home regions are a testing ground for them. Having worked out the techniques, they move on. For example, the same Russian-speaking groups focused on goals in Asia, Africa, Europe and America," added the representative of Group-IB.
Recall that in the world, according to Group-IB, there are five major hacker groups that hack financial institutions, three of them Cobalt, Silence and MoneyTaker are Russian-speaking.
A representative of Kaspersky Lab confirmed the statement about this trend. He noted that the attackers switched to the countries of Eastern Europe and the CIS, which are less protected.
"But a new generation of hackers will soon grow up who will again attack banks in their homeland," predicts the representative of Group-IB.
Experts have already recorded an increase in the number of Russian-speaking young people who are still engaged in "harmless attacks".
In addition, cyber experts Group-IB identified the most frightening trend of 2019. This is the use of cyberweapons in open military operations. According to the representative of the company, interstate conflicts have now acquired new features and cyber activity has begun to play a key role in this confrontation. Thus, experts found many previously unknown groups sponsored by states.
However, the activities of such hackers can go unnoticed for years. And their actions can destabilize the situation in the states, as well as cause social and economic damage.