Russia’s most notorious cyber unit—Seashell Blizzard (also known as Sandworm, APT 44 and Iron Viking)—has taken down shipping giants, Olympic systems, and Ukraine’s power grid.

In this Threat Talks deep dive, Lieuwe Jan Koning, Yuri Wit (Red Team), and Rob Maas (Blue Team) reveal exactly how these attacks unfold, why they’re so hard to stop, and how Zero Trust can tip the balance back to defenders.

• (00:00) - – Cyber warfare in the Ukraine conflict: setting the stage
• (01:10) - – Who is Seashell Blizzard? Names, aliases, and Russian GRU ties
• (04:00) - – NotPetya, Olympic Games, and high-profile disruption campaigns
• (07:31) - – Initial access: stealth exploits on edge devices
• (11:40) - – Privilege escalation via Living-off-the-Land (LOLBin) tactics
• (15:23) - – Weaponizing Group Policy Objects with “Tank Trap” for mass wipers
• (19:13) - – Objectives: disruption, damage, and public bragging rights
• (23:40) - – Zero Trust defenses, segmentation, and last-resort recovery

Related ON2IT Content & Referenced Resources
• ON2IT Threat Talks Playlist: https://www.youtube.com/@ThreatTalks/playlists ON2IT Zero Trust Resources: https://on2it.net/zero-trust
• MITRE ATT&CK – Sandworm Team (APT 44): https://attack.mitre.org/groups/G0034/

🔔 Follow and Support our channel! 🔔
===
► YOUTUBE: https://youtube.com/@ThreatTalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E
► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520

👕 Receive your Threat Talks T-shirt
https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX