"Critical Infrastructure Threat as Ransomware Groups Target Enemies of Russia"

According to new research from Accenture, the cybercrime underground has fractured into pro-Ukraine and pro-Russia camps.  The pro-Russia threat actors are increasingly focused on critical national infrastructure (CNI) targets in the West.  The researchers stated that the ideological schism could spell mounting risk for Western organizations as pro-Kremlin criminal groups adopt quasi-hacktivist tactics to choose their next victims.  The researchers noted that some threat actors are exclusively selling their services, such as network accesses, to pro-Russian actors, and some are even extending discounts to pro-Russian actors.  The researchers noted that attacks on CNI had fallen out of favor on the cybercrime underground after high-profile outages at companies like Colonial Pipeline attracted the attention of the U.S. government.  However, according to researchers, threat actors are now likely to feel encouraged to go after such targets as they seek to punish enemies of Russia.  The researchers noted that organizations in the government, media, finance, insurance, utilities, and resources sectors should expect and prepare for more cyberattacks in the future.

Infosecurity reports: "Critical Infrastructure Threat as Ransomware Groups Target Enemies of Russia"