Cybersecurity Secrets, Courtesy of the Russian FSB

Blog Cybersecurity Secrets, Courtesy of the Russian FSB

Cybersecurity Secrets, Courtesy of the Russian FSB

December 9, 2021

Effective cybersecurity depends on understanding the threat: who is attacking a system, what tactics and techniques they are using, and what they hope to accomplish. Security professionals get these answers from a wide variety of sources, but Gregory Crabb used a particularly interesting one—the Russian FSB.

During Owl’s recent event, Elevating the Federal Cybersecurity Discussion, Mr. Crabb, former CISO of the United States Postal Service and now founder of 10-8 LLC cyber consultancy, presented an animated talk on Cybersecurity Secrets for CISOs: Courtesy of the Russian FSB.

Mr. Crabb shared compelling stories about working with an official in Russia’s national security service to track an international crime ring, and the unique insights he gained into Russian security operations and cyber threats in general.

In detailing his experiences, Mr. Crabb shared four lessons he learned from interacting with Russian intelligence and cyber criminals. These lessons have direct bearing on preventing and detecting U.S. critical infrastructure assets:

Influence operations are key in the Russian culture. They regularly apply techniques, tactics and procedures to control those they wish to influence (like the citizenry), and are very good at disinformation.

Supply chains depend on trust, but supply chains are where Russians aim many attacks. The SolarWinds attack should have come as no surprise, nor should the next attack. This reality creates massive urgency for the government to address the imperative of Zero Trust architecture. As Mr. Crabb put it, “Zero Trust can’t be applied 10 years from now. It needs to be applied yesterday.”

Ransomware attacks originating in Russia will continue to be a threat in the long term. The overlap between Russian businessmen, politicians and organized crime figures means that little if anything will be done to mitigate the problem at its source.

Risk management and security operations need to be tuned to understanding the threat. Mr. Crabb emphasized the importance of seeking out information and learning from others, then applying those learnings to our own organizations.

The full presentation is available below. To learn more about how Owl’s hardware-enforced security solutions can enhance Zero Trust architecture and protect critical assets against advanced cyber threats, contact us for a consultation today.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cybersecurity Secrets, Courtesy of the Russian FSB

Cybersecurity Secrets, Courtesy of the Russian FSB

Insights to your Inbox

Recommended Articles

AI’s Role in Defense – Accelerating Decision Dominance in the Next Era of Warfare

Hidden Threats in AI Data: Protecting Against Embedded Steganography

Owl Cyber Defense Featured on Fed Gov Today Television