
I am excited to share that today I sent a new book to the printer, titled CYBER GRU: Russian military intelligence in cyberspace. As the title states, it is a book in which I delve into the GRU in cyberspace. It was finished in May and, after some retouching and the addition of a foreword, is being printed to arrive in bookstores, both physical and virtual, in approximately one month. Its almost 400 pages bring together the work of many nights and weekends over the past few months, based on material I had already written about the GRU, including some sections that had already been published on this blog.
To talk about the GRU in cyberspace, the book first introduces basic concepts regarding security, intelligence and defense, as well as cybersecurity, cyber intelligence and cyber defense. All these concepts are probably known to those who work in these fields, but not to everybody, and they are essential to understanding the rest of the work. In the same way, the book sets out the basic concepts needed to understand Russia and its intelligence ecosystem, where state agencies work together with private and public companies, with citizens and even with criminal gangs.
Once the basis has been established, we delve into the GRU, the most obscure Russian, and previously Soviet, intelligence agency, analyzing its organization, structure, mindset… and, particularly, its SIGINT and Information Operations capabilities, the disciplines closest to what is known as Cyberspace Operations. And, obviously, it is this cyberspace that accounts for most of the book’s content: the most relevant military units, the main APT groups, the relationships between the GRU and third parties in cyberspace, its tactics and techniques, its arsenal and infrastructure, and its main capabilities and operations.
Next, to end the book, the path between intelligence and threat detection is laid out. This path includes attribution, and it explains how it is possible to pivot from low-level indicators to broad knowledge about a threat actor, its goals, its tactics and techniques and its tools. The work closes with the main conclusions and some personal opinions. Some appendices are also included, the main one devoted to the GRU in Spain: what it does, or tries to do, and why. For sure, a politically incorrect appendix.
Before finishing, I would like to publicly thank retired Lieutenant General Rafael COMAS for his kindness in writing the foreword for this work. In addition to the fact that Rafa is an expert in some of the topics of the book, I know that when you deal with thorny issues, it is difficult to find a public figure willing to write a few lines for a book, so my gratitude is even greater.
I hope this work helps to shed some light on the activities in cyberspace of one of the world’s most capable and opaque intelligence agencies. Its publication will be announced shortly. Until then, here is the table of contents.