Unique Presentation Identifier:
V12
Program Type
Graduate
Faculty Advisor
Wendi Kappers
Document Type
Poster
Location
Online
Start Date
29-4-2025 8:00 AM
Abstract
Russia's cyber-espionage efforts focus on Western countries such as the United States, and Russia has multiple state-sponsored cyber-espionage groups, such as Advanced Persistent Threat (APT) 29, also known as Cozy Bear. Since 2008, Cozy Bear has spearheaded multiple high-profile and destructive attacks against U.S. organizations and government. This poster analyzes Cozy Bear's cyberattack tactics, techniques, and procedures through U.S.-based case studies and proposes recommendations on how to prepare for future cyber-attacks. This research paper will focus on five major incidents that occurred in the United States: the 2014 U.S. government email breaches, the 2016 Democratic National Committee (DNC) breach, the 2020 cyber-attack on COVID-19 vaccine research, the 2020 SolarWinds Supply Chain Compromise, and the 2024 Microsoft Corporate email breach. Each case will go through the background of the attack and the tactics and techniques used to breach the organization's system(s). The attacks cause significant damage to organizations, including intellectual theft, reputational damage, monetary losses, and compromised national security. Based on the similarities of the strategies used in the various attacks, the study will offer recommendations for preventing future attacks, which include cybersecurity training and awareness for employees, staying up to date on threat intelligence, continuous threat monitoring, and enhancing identity and access management (IAM). Public and private sectors in the United States must adopt proactive cybersecurity practices so they can effectively defend against Cozy Bear and other advanced persistent threats (APTs).
Recommended Citation
Sierra, Wendy M., "Cozy Bear Understanding Cyber Espionage Strategies Against the United States for Future Cybersecurity Preparedness" (2025). ATU Student Research Symposium. 8.
https://orc.library.atu.edu/atu_rs/2025/2025/8