The Red Square - Mapping the Connections Inside Russia’s APT Ecosystem

Explore the intricate connections within Russia's Advanced Persistent Threat (APT) ecosystem in this 17-minute conference talk from BSidesSF 2020. Delve into Ari Eitan's research study, which outlines the stages of analyzing Russian cyber attacks. Learn about two open-source tools that can be utilized by the information security community for further investigation. Gain insights into the methodology, including sample collection, genetic analysis, and the challenges of naming conventions. Discover various types of connections, theories about the ecosystem, and the presenter's findings. Conclude with an understanding of the second tool presented and its implications for future research in this critical area of cybersecurity.

Introduction
What is a connection
Questions
Public information
Four steps
Collecting samples
No naming convention
Template
Genetic Analysis
Gaffey
Types of Connections
Our Present
Our Disappointment
Theories
The Second Theory
The Second Tool
Conclusion