Threat Intelligence Lead at Check Point Research
Alexandra Gofman is a Threat Intelligence Lead at Check Point Research. Alexandra brings eight years of enterprise cybersecurity experience, having worked in various technical and customer-facing positions. Starting from 2019, Alexandra has been a member of the Threat Intelligence Analysis team, dedicating her research efforts towards APT campaigns and malware analysis, with the aim of devising effective strategies to protect customers from advanced threats. Alexandra has presented her research at public and private conferences around the world, including Virus Bulletin, AVAR, and others.
While the world's attention remains riveted on the Russia-Ukraine war, one of its indirect implications is yet another dangerous escalation in a decades-old highly militarized ethno-territorial conflict between Armenia and Azerbaijan over Nagorno-Karabakh. The region receives little attention from the cybersecurity community, although both countries over time have recognized the increasing importance of cyberspace to assert their influence and protect their interests.
In this context, while the cyber implications of the conflict have primarily taken the form of DDoS attacks and disinformation campaigns on both sides, part of the operations also included custom tools and backdoors. In this talk, we will deep dive into TTPs of one such threat actor, linked to Azerbaijan's government, known both to be engaged in information operations, as well as in targeted surveillance using spyware against Armenian and Azerbaijani targets.