When you hear about ransomware attacks and ransom demands, more often than not, it can be traced back to Russian threat actors (or ransomware gangs).
When you hear about intellectual property theft, government hacks and intrusions, more often than not, it's traceable to Chinese threat actors.
Did you ever stop and think...why? Here's our thoughts.
The Language of the Dark Web
The "traditional" dark web market places tend to use English for selling drugs, weapons,
credentials, etc., so they get a wide audience of buyers. The darker communities and their
forums, however, tend to use the native language of the traders. Chinese (both forms) and
Russian dominate these forums, so unless you understand these languages it's not easy to
find your way around. Translation technology is useful here though! They make it possible
for non-native speakers to translate references in order to read them.
Chinese dark web forum and community members gravitate towards a powerful sense of
community and patriotism. They're a group of highly technical people hoping to build a
utopian society based on their shared values. You'll find nation-state threat actors here,
funded and sponsored by the Chinese military, trading code and malware, with a shared goal of stealing intellectual property, intelligence, designs, code, etc., that will benefit China. It's a tight knit group and infiltrating them isn't easy.
...and the Russians
Russians, however, are all about business. There's not much small talk and reputation and
trust are built on successful exploits and financial gains. They actually rate each other,
with lower rated members struggling for breakthrough exploits and higher rated members
gaining status. Just like any market, members and sellers give away discounts, referral
bonuses, and provide customer service. They've been known to help ransomware victims
create accounts to buy and send cryptocurrency, with some even having a call center! For these organized crime gangs, it's all about money.
Want to learn more about how to protect your business from cyber threats? Contact us!