Women are increasingly stepping up to fill roles in Russian-speaking cybercrime outfits, according to research from the Sans Institute, which found that women are increasingly taking on top roles within threat actor groups.
“Historically, the landscape of Russian-speaking cybercrime has been predominantly male-dominated, with men occupying most visible roles in the underground," Sans reports.
“However, women, though fewer in number, are also involved in various capacities within this hidden world.”
The report paints a complicated picture of the role women are expected to conform to in Russian-speaking nations. While it is perceived that women are meant to be caregivers and domestic workers for the most part, in some cases they are breaking thorough and taking charge of business affairs.
This is particularly the case with the younger generations, as women have been seen taking charge of operations such as malware administration. One such example is Alla Witte, a cybercriminal said to have been a key figure in the TrickBot malware operation.
“Despite a wide announcement of Witte as a Latvian national, she is Russian by her origin and cultural background. Alla Witte (maiden name Klimova) was born in the Soviet Union, Rostov-on-Don in 1965 and moved to Riga, Latvia in 1983,” Sans wrote.
“Latvia was a popular place to live for many Russians who immigrated there during the post-war immigration period. It became a home to a significant Russian-speaking population sharing linguistic and cultural connections to Russia.”
Wisse is not alone. The Sans team also pointed to a number of forum posts in which female hackers are forced to hide or at least make efforts to conceal their gender in order to get work.
“Being a woman in a field dominated by men, she was constantly met with skepticism, and her advanced technical skills were often disregarded or belittled. Her capabilities were seen as an anomaly, and those in her circles — both allies and rivals — tended to downplay her achievements, often crediting her successes to luck rather than recognizing her talent and expertise,” they wrote.
“This gender bias not only challenged her ability to gain respect and trust within hacker networks but also forced her to repeatedly prove her skills in ways her male counterparts were rarely asked to do.”
A more cynical party than us might note that these talented female security experts could obtain ready and supportive employment should they opt to contact lawful security providers and institutes. While Western tech vendors are not without their shortcomings, they carry the noted benefit of not punishing errant workers with a trip to Siberia.
