The report comes on the eve of the Munich Security Conference later this week, where cybersecurity officials will gather to discuss international efforts to defend countries against the growing barrage of cyberattacks, among other security issues.
The new research showed an increasingly blurred line between state-to-state cyber aggressions on the one hand and defending governments and industry organizations against cybercrime on the other. The latter has traditionally been seen as more financially motivated.
Other benefits are that it obfuscates who is behind a hack and that, if an operation using certain malware is discovered, the cost of developing a new tool does not fall with the intelligence agency, researchers said.
As an example, Russia’s notorious military intelligence hacking unit APT44 (also called Sandworm) has used tools acquired from cybercrime gangs to conduct espionage and disrupt Ukrainian war efforts since the beginning of the war in 2022, researchers said.
Crime gangs like CIGAR (also known as RomCom) were found to deploy ransomware to carry out undercover operations against the Ukrainian government, they added.
