Dec 14, 2018
Poking the Bear: Three-Year Campaign Targets Russian Critical Infrastructure
34 min

Poking the Bear: Three-Year Campaign Targets Russian Critical Infrastructure

Nation-state conflict has come to dominate many of the policy discussions and much of the strategic thinking about cybersecurity. When events of geopolitical significance hit the papers, researchers look for parallel signs of sub rosacyber activity carried out by state-sponsored threat actors—espionage, sabotage, coercion, information operations—to complete the picture. After all, behind every story may lurk a cyber campaign.

Rosneft is a Russian company which likes to refer to itself as one of the largest publicly traded oil companies in the world. According to the New York Times, it is also a prominent foreign policy toolof the Russian government. More than half of the company is owned by Moscow and serves as a major pillar of critical infrastructure for Russia as well as other neighboring nation states.

Rosneft is a large company with a very wide reach. It plays a massive role in Russian critical infrastructure as well in surrounding countries. There are HUGE sums of money involved in its privatization. It also wields incredible domestic and international political power. All of these characteristics made it a highly likely and legitimate target of foreign espionage efforts.

In today’s episode of InSecurity, Matt Stephenson talks with Cylance Directors of Threat Intelligence Jon Gross and Kevin Livelli about their new report: Poking the Bear. Their research team took a look at an Advanced Persistent Threat campaign which targeted many state-sponsored fuel and agricultural companies as well as critical infrastructure organizations.

About Jon Gross

Jon Gross is a Director of Threat Intelligence at Cylance. Other than that… he doesn’t tell us much 

About Kevin Livelli

Kevin Livelliis Director of Threat Intelligence at Cylance, where he conducts long-term, complex investigations with the Research and Intelligence team. His work there follows ten years at 60 Minutes, where his investigative reporting and analysis were recognized with Peabody and Emmy awards. Before that, Livelli supervised investigations at the nation’s largest independent police oversight agency. A graduate of Dartmouth, he earned master's degrees from Trinity College Dublin and Columbia University. 

About Matt Stephenson

Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.

Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as

ThreatVector InSecurity Podcasts:

iTunes/Apple Podcasts link:

GooglePlay Music link:

Make sure you Subscribe, Rate and Review!

More episodes
Clear search
Close search
Google apps
Main menu