Our website uses cookies to enhance your browsing experience.


Bear Hunting: History and Attribution of Russian Intelligence Operations

Learn about the history of Russian intelligence influence operations and the cyber actors implementing them today.

In June 2016, CrowdStrike exposed unprecedented efforts by Russian intelligence services to interfere in the U.S. election via the hacking and subsequent leaking of information from political organizations and individuals. Election manipulation was not a new activity for the Russians - they have engaged in these influence operations consistently for the better part of the last two decades inside and outside of Russia.

In this CrowdCast, CrowdStrike experts Adam Meyers, VP of Intelligence, and Dmitri Alperovitch, Co-Founder & CTO, will provide a detailed overview of the history of Russian intelligence influence operations going back decades and provide a deep dive overview of various BEAR (including FANCY BEAR AND COZY BEAR) intrusion sets and their tactics, techniques and procedures (TTPs). They will also discuss the considerable attribution evidence that CrowdStrike has collected from a variety of investigations into their operations and lay out the case for the Russian government connection to these hacks.

On December 22nd, CrowdStrike publicly released a report on the Use of Fancy Bear Android Malware in Tracking of Ukrainian Field Artillery Units. Download the full report now and read the latest blog: Tracking of Ukrainian Field Artillery Units.