Verena Wingerter

Verena Wingerter works as Lead Threat Intelligence Analyst at Cloudflare, specializing in the intersection of technical cybersecurity and geopolitics. An expert on threats originating from Russia and Belarus, she previously conducted research for DCSO and the German Council on Foreign Relations. She holds a Master of International Affairs from the Hertie School and is currently a PhD candidate at the Helmut Schmidt University.

‍

Talk: The Anomaly of NastyShrew: Unmasking FSB Operations Through Their Own Noise (with Brian Carter) [TLP:AMBER-STRICT]

In the complex landscape of Russian cyber operations, Gamaredon (NastyShrew) stands out not for its sophistication, but for its noise. As an FSB-subordinate group broadly targeting Ukraine, their strategy relies on a spray-and-pray approach. But this lack of finesse leaves a massive, exploitable digital footprint.

This presentation will dissect the anatomy of NastyShrew’s high-volume campaigns, focusing on the critical blunders they commit while operating at scale. We will share the story of how Cloudflare's Russia Team, utilizing proprietary traffic data, partnered with researchers across the industry to connect the dots. We will walk the audience through the methodologies used to exploit Gamaredon's mistakes, turning their operational volume into their greatest vulnerability. This talk proves that when defenders reach across corporate boundaries, even the most prolific state actors have nowhere to hide.

‍