Yusuf Polat

Senior Threat Researcher at Sophos

Yusuf Polat

Yusuf Polat is a Senior Threat Researcher at Sophos. Yusuf has a decade of front-line experience, notably in leading cyber espionage and cybercrime investigations. Prior to joining Sophos, he honed his expertise as a Threat Intelligence Manager for a cyber intelligence startup. In this role, he built and led a high-performing threat intelligence team. He specializes in the proactive identification, assessment, and dissemination of emerging cyber threats. His research interests include the interplay between geopolitical developments and the evolving cyber threat landscape; cyber-enabled influence operations; and disinformation, alongside the history of intelligence and covert action. He holds a Master's degree in Cyber Security from Sabanci University.

Talk: Election Ops: Dissecting a Multi-Vector Influence Campaign Targeting the European Elections

The digital battlespace has taken on a new dimension, one that extends far beyond the conventional realms of cybersecurity and network defense. Adversaries have evolved their cyber capabilities into formidable instruments of influence – leveraging the very technologies that underpin modern society to insidiously shape narratives, manipulate public perception, and advance strategic agendas. This emerging frontier, where the lines between cyberattacks and influence operations become increasingly blurred, represents a grave and insidious threat to the integrity of the global information ecosystem.

In this presentation, I will dissect a recent multi-vector Russian nexus influence operation that targeted European elections while conducting parallel cyberattacks against organizations across the continent. Leveraging comprehensive threat intelligence techniques and data sources spanning passive DNS, WHOIS, certificate transparency logs, web fingerprinting, and more, I will reveal the adversary's tactics, techniques, and procedures (TTPs). Attendees will gain empirical insights into how rigorous threat intelligence can unmask even advanced cyber influence campaigns.

To conclude, I will provide indicators of compromise (IOCs), TTPs, and any supplementary data. Additionally, I will propose avenues for future research as an initial step to foster exploration in the field of cyber influence operations. Lastly, I will issue a call for collaboration and cooperation to collectively advance our understanding of this critical domain.