Protecting Against Russian Cyber Attacks In Salina

Mar 14, 2022

An active neighborhood watch group can make your home a safer place. Similarly, your organization can recognize the advantages of belonging to a robust, active community committed to fighting cybercrime. As a trusted security partner, Overwatch LLC is uniquely positioned to deliver community protection to you as a member of its customer community. Overwatch LLC’s expertise comes from analysts, experts, and incident responders who are constantly scanning and reacting to the latest attacks, geopolitical triggers, and cyber events across multiple countries and industries. Overwatch LLC collects machine, victim, and attacker intelligence, and quickly codifies and shares it with the community based on size, depth, and breadth. Overwatch LLC has the largest base of major breaches, attackers, and attack techniques and patterns, and delivers early detection capabilities that improve protection for every member of the community. As a result, customers in Overwatch LLC’s community - regardless of industry, size, or geography - know what to expect and how we will respond.

Case Study on APT29: Overwatch LLC community protection in action.

In 2021, a law firm with high-profile customers involved in sensitive cases was targeted by a “spear-phishing” email. Because the targeted company was a customer of Overwatch LLC Security Operations Center-as-a-service, Overwatch LLC could collect artifacts and intelligence, including the original spear-phishing email. Overwatch LLC analyzed and correlated the evidence to APT29, a Russia-based cyber threat group it had been tracking. APT29 was discovered to have sophisticated custom-developed tools, an extensive command and control infrastructure, and savvy operational know-how. Overwatch LLC correlated the observed activity to an extensive dossier on APT29 to identify their probable next steps. Overwatch LLC then notified the victim and helped them focus their response. At the same time, Overwatch LLC expanded protection against APT29 across its entire customer base. Security and intelligence researchers quickly integrated the new knowledge into deployed Overwatch LLC detection products. Combining years of intelligence about this particular threat actor with characteristics specific to this attack, Overwatch LLC identified a subset of industries that were at particular risk. SOC as Service customers within these industries were placed under heightened attention, received proactive sweeps for threat activity within their environment, and were given threat briefings through their Engagement Managers. The end result was that more Overwatch LLC customers – the community – were protected and quickly recognized indicators and the full scope of any future attacks.

The threat: APT29

• Attribution: Russia-based cyber threat group
• Operational profile: Custom-developed tools, extensive C2 infrastructure, savvy operational know-how
• Targets: Governments, universities, law firms, news agencies, financial services

Learn how to join our community at
