039| Deconstructing the Dukes: A Researcher's Retrospective of APT29

APT29, aka Cozy Bear or the Dukes, is a cyber espionage group whose misdeeds include famously hacking into the DNC servers in the run-up to the 2016 US election. Now, as the subject of MITRE's latest ATT&CK Evaluation, the group is in focus again. The Dukes are familiar to F-Secure's Artturi Lehtio, who extensively researched them in 2015. But hindsight is 20/20, and Artturi joins the show to discuss how his views on the group have changed since his research.  Also in this episode: How APT groups behave after being burned and why the Dukes are different; why calling them a single organization is too strong; and why published APT research has generally dwindled in recent years. Links: Episode 39 transcript The Dukes: 7 Years of Russian Cyberespionage - F-Secure whitepaper MITRE ATT&CK Evaluation: APT29 Operation Ghost - ESET No Easy Breach by Matthew Dunwoody & Nick Carr - DerbyCon 2016 Dukes activity after their "return" in 2016 - Volexity

Om Podcasten

Cyber Security Sauna brings you expert guests with sizzling insight into the latest information security trends and topics. WithSecure's Janne Kauhanen hosts the show to make sure you know all you need to about the hotter-than-ever infosec game. Join us as we sweat out the hot topics in security.