Feb 19 2025 22 mins 38
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by two Microsoft security researchers to analyze the latest Russian nation-sponsored cyber threat activity. They discuss how Russian threat actors—collectively referred to by Microsoft with the Blizzard suffix—are primarily targeting Ukraine and NATO member states, focusing on espionage, influence operations, and cyber disruption. The conversation covers Russia’s reliance on cybercrime infrastructure, the vulnerabilities of academic and IT supply chains, and the evolving tactics of groups like Secret Blizzard and Seashell Blizzard.
In this episode you’ll learn:
- Why 90% of Russian cyber-attacks target Ukraine and NATO member states
- How Russian threat actors exploit academic identities to infiltrate government networks
- The role of cybercriminal marketplaces in supplying tools and access to nation-state actors
Some questions we ask:
- How does Secret Blizzard leverage infrastructure from other threat groups?
- Is there evidence of collaboration between different Russian cyber groups?
- Why is identity security such a critical factor in cyber defense?
Resources:
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
