Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to threat actors

russian_state_sponsored_actors

Also known asrussian_state_sponsored_actors

The content references Russia as a foreign adversary conducting cyber operations, specifically citing a 2022 Russian-attributed cyberattack against Viasat’s KA-SAT satellite network that disrupted service for tens of thousands of European customers and impacted Ukraine. The material characterizes Russia as part of a broader set of hostile nation-state actors (alongside China, Iran, and North Korea) targeting U.S. and allied interests, including commercial satellite networks and other IT/OT environments. No specific Russian threat actor unit names, aliases, sub-groups, tooling, or detailed TTPs are provided beyond the attribution to Russia for the KA-SAT incident and the general framing of Russia as an adversary in the cyber threat landscape.

Share:
Are they targeting you?

Know when an actor pivots toward your sector

Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.

Start free trial
ACTIVITY FEED

Recent activity

4 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

4 SOURCESView more in app
the record mediaNews
Dec 10, 2025
Senators return to effort to boost cybersecurity for commercial satellite industry

Russian state-sponsored actors are known for conducting disruptive cyberattacks against satellite communications infrastructure, notably the 2022 attack on Viasat’s KA-SAT satellite, which impacted European customers and Ukraine.

Read more
scworldNews
Nov 25, 2025
Note to Congress: we needed to fund cyber yesterday

Russian state-sponsored actors are actively engaged in cyber operations targeting U.S. critical infrastructure, often collaborating with other hostile nation-states and leveraging advanced technologies.

Read more
socradar blogNews
Oct 21, 2025
Top 10 AI Deepfake Detection Tools to Combat Digital Deception in 2025

Russian state-sponsored threat actors are employing AI-generated deepfakes to support cyber operations, including social engineering, phishing, and information warfare.

Read more
scworldNews
Sep 30, 2025
Broadcom fixes three high-severity VMware bugs

Previously exploited VMware vulnerabilities for espionage or cyber operations, particularly those reported by NSA as having national security implications.

Read more
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: sector and geo overlap with your footprint, the IOCs they’re burning right now, detection coverage, and what to do next.
Start free trial
Target overlap

Match sector + geo + tech-stack targeting against your real footprint.

Tradecraft mapping

Every observed MITRE ATT&CK technique, grouped by tactic.

Malware arsenal

Families this actor is known to deploy, with IOCs and behavior.

Exploited CVEs

CVEs this actor has used in known campaigns.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Observables

Domains, IPs, and hashes tied to this actor, refreshed continuously.