Crimicon Valley: Russia’s Cybercrime Underground

Posted: February 24th, 2017

By Ed Cabrera

Ed Cabrera is the Chief Cybersecurity Officer at Trend Micro. He is a 20-year veteran and former CISO of the U.S. Secret Service with experience leading information security, cyber investigative, and protective programs in support of the Secret Service integrated mission. He started his career investigating transnational cybercriminal groups and served on the Presidential Protective Division for President George W. Bush before transitioning to lead cyber forensic operations in support of Secret Service large-scale data breach investigations. He served as the Secret Service Strategic Advisor to the DHS National Cybersecurity & Communications Integration Center (NCCIC) where he led an interagency effort to share real-time actionable threat intelligence with Information Sharing and Analysis Organizations (ISAO) and critical infrastructure partners.

Understanding the Russian criminal underground is essential when discussing Russian proxies in cyberspace. How do cybercriminal entities interact with each other and what is their relationship with the Russian government? The Cipher Brief spoke with Ed Cabrera, the Chief Cybersecurity Officer at Trend Micro and the former Chief Information Security Officer for the U.S. Secret Service, about how the Russian cybercriminal underground functions and the blurry distinction between criminal and state-sponsored activity in cyberspace.

The Cipher Brief: How would you characterize the Russian criminal underground?

“The Cipher Brief has become the most popular outlet for former intelligence officers; no media outlet is even a close second to The Cipher Brief in terms of the number of articles published by formers.” —Sept. 2018, Studies in Intelligence, Vol. 62

Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.

Subscriber+