APT29, aka Cozy Bear or the Dukes, is a cyber espionage group whose misdeeds include famously hacking into the DNC servers in the run-up to the 2016 US election. Now, as the subject of MITRE's latest ATT&CK Evaluation, the group is in focus again. The Dukes are familiar to F-Secure's Artturi Lehtio, who extensively researched them in 2015. But hindsight is 20/20, and Artturi joins the show to discuss how his views on the group have changed since his research.  Also in this episode: How APT groups behave after being burned and why the Dukes are different; why calling them a single organization is too strong; and why published APT research has generally dwindled in recent years. Links: Episode 39 transcript The Dukes: 7 Years of Russian Cyberespionage - F-Secure whitepaper MITRE ATT&CK Evaluation: APT29 Operation Ghost - ESET No Easy Breach by Matthew Dunwoody & Nick Carr - DerbyCon 2016 Dukes activity after their "return" in 2016 - Volexity

Ver todos los episodios