Understand The Threats To Preemptively Protect Your Organization From Russian And Chinese Cybercriminal Groups

By Naomi Yusupov and Delilah Schwartz

The cybercriminal communities in Russia and China have emerged and evolved as a result of their respective regional cultures and circumstances. Understanding the underlying motives, dependencies, characteristics, and moda operandi of each community is critical in order to truly discern the threats they pose, and to preemptively prepare for the manner in which these threats could potentially evolve.

While these two ecosystems have historically remained separate, recently, the Russian and Chinese cybercriminal worlds seem to have collided in a fledgling alliance, with Russian-speaking dark web forums adapting their platforms to make them accessible to Mandarin- and English-speaking users, and Russian threat actors actively seeking to collaborate with their Chinese counterparts. Given Russian-speaking cybercriminals’ sophistication and their constantly evolving modus operandi, the transfer of this knowledge to Chinese threat actors is especially concerning.


Download the report to learn what this collaboration might mean to the cyber threat landscape:

  • China’s cybercriminal community is dedicated to its own, helping one another to build a stronger, more experienced Chinese hacking collective.
  • Russian cybercriminals are highly advanced, ruthless, and motivated by one thing above all else – money.
  • Russian-speaking forums and marketplaces on the deep and dark web are focused on organizing and classifying communications based on level of expertise and area of activity.
  • Due to the strict internet restrictions imposed by their government, the Chinese cybercriminal underground exists in two parallel arenas: on the clear web and Chinese-language dark web platforms.