As a result of the war between Russia and Ukraine: will we see more or less online crime? Digital isolation and economic sanctions could reduce or increase Russia's contribution to global cybercrime. An assessment by Chester Wisniewski , Principal Research Scientist, Sophos.
There is growing speculation in the cybersecurity community about how Russia's military offensive against Ukraine could impact online crime. Russia is becoming increasingly isolated, both by Russia itself and by foreign companies going out of business with the federation. The isolation is not only economic, but also digital in nature. Two major Internet backbone operators have stopped routing traffic in and out of the Russian Federation, and Russia's internal censorship apparatus blocks access to many Western services.
Cybercrime is a global business
There is no doubt that many cybercriminals operate out of the Russian Federation, but most groups are by no means exclusively Russian. Cyber criminals have been arrested from all over the world, including Canada, the United States, Latvia, Germany, and even Ukraine. Cybercrime is a truly global business.
Even groups with Russian members, like the recently hacked Conti ransomware gang, rarely have their infrastructure located in Russia. These groups use proxies, Tor, and virtual private server infrastructures hosted in Europe, North America, and Asia. Even if Vladimir Putin decides to flip the "Internet kill switch," it's unlikely that it will actually stop much of this activity. It is more likely that it only temporarily hinders cyber criminals' work.
Qualified unemployment or the dark side of power
Indeed, if Russia stays online, we could see an increase in malicious cyber activity as skilled workers become unemployed within Russia's borders in an increasingly flagging economy.
Most member states of the Commonwealth of Independent States (CIS) have traditionally had strong computer science education offerings, resulting in a highly skilled workforce with limited legal employment opportunities.
Recently, many have sought well-paid contract work for Western companies, while others have turned to cybercrime. As IT contract work dries up, more technology professionals could turn to the dark side to make ends meet. A ransom payment in Bitcoin unhindered by sanctions goes a long way.
It's up to us
The reality we must face is that it is up to us to protect our users, networks and data. Ransomware and other forms of online crime will not go away even if we disrupt the ability of one of our most potent adversaries to communicate across the free and open Internet.
Online crime is global, and cryptocurrencies are intentionally not easily controlled, so with or without Russia's involvement, these activities will continue to grow. The best time to update security strategies is always the same. And now.
More at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.