Russia’s most notorious cyber unit—Seashell Blizzard (also known as Sandworm, APT 44 and Iron Viking)—has taken down shipping giants, Olympic systems, and Ukraine’s power grid.

In this Threat Talks deep dive, Lieuwe Jan Koning, Yuri Wit (Red Team), and Rob Maas (Blue Team) reveal exactly how these attacks unfold, why they’re so hard to stop, and how Zero Trust can tip the balance back to defenders.

• (00:00) - – Cyber warfare in the Ukraine conflict: setting the stage
• (01:10) - – Who is Seashell Blizzard? Names, aliases, and Russian GRU ties
• (04:00) - – NotPetya, Olympic Games, and high-profile disruption campaigns
• (07:31) - – Initial access: stealth exploits on edge devices
• (11:40) - – Privilege escalation via Living-off-the-Land (LOLBin) tactics
• (15:23) - – Weaponizing Group Policy Objects with “Tank Trap” for mass wipers
• (19:13) - – Objectives: disruption, damage, and public bragging rights
• (23:40) - – Zero Trust defenses, segmentation, and last-resort recovery

Related ON2IT Content & Referenced Resources
• ON2IT Threat Talks Playlist: https://www.youtube.com/@ThreatTalks/playlists ON2IT Zero Trust Resources: https://on2it.net/zero-trust
• MITRE ATT&CK – Sandworm Team (APT 44): https://attack.mitre.org/groups/G0034/

🔔 Follow and Support our channel! 🔔
===
► YOUTUBE: https://youtube.com/@ThreatTalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E
► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520

👕 Receive your Threat Talks T-shirt
https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

One mis-typed contact detonates Signal Gate, turning “secure” messaging into a classified-data leak.Host Lieuwe Jan Koning (Co-founder, ON2IT) and Thomas Manolis (Security Officer, AMS-IX) lay out the breach blow-by-blow—then drop the Zero Trust, Shadow IT and information-governance tactics every CISO needs before the next incident hits.High stakes, hard lessons—compressed into actionable steps you can brief to the board.Timestamps00:00 Cold-open: “wrong recipients” analogy00:37 What really happened in Signal Gate01:38 Mistake #1 – Choosing a consumer app over classified03:34 Mistake #2 – Human error: the mis-added journalist07:55 Shadow IT, usability & Secure Messaging Apps 09:10 Information Governance, audits and technical controls12:02 Zero Trust takeaways & action planKey Topics Covered• Anatomy of the Signal Gate breach & timeline• Why Shadow IT sabotages secure operations• Building airtight Information Governance for secure messaging apps• Operationalizing Zero Trust: least privilege, continuous verification, human-centric trainingRelated ON2IT Content & Referenced Resources• “Understanding Zero Trust – Lessons from Experts” whitepaper: https://on2it.net/resources/?• Zero Trust Readiness Assessment (PDF): https://on2it.net/wp-content/uploads/2022/05/Zero-Trust-Readiness-Assessment-EN-US.pdf• Threat Talks podcast hub: https://threat-talks.com/🔔 Follow and Support our channel! 🔔=== ► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520👕 Receive your Threat Talks T-shirthttps://threat-talks.com/🗺️ Explore the Hack's Route in Detail 🗺️https://threat-talks.com🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

ON2IT’s Lieuwe Jan Koning goes one-on-one with AMS-IX CEO Peter van Burgel to expose why the once-open internet is splintering into rival, firewalled regions. Discover the geopolitical forces fueling this cybersecurity trend. Learn the Zero Trust resilience moves CISOs must deploy to stay sovereign in the future of the internet.Key Topics Covered• Drivers behind the Splinternet & what they mean for CISOs• Scenario-planning methodology for threat forecasting• Aligning Zero Trust with data-localization mandates• Resilience vs. redundancy: how to build real business continuity• Earth-IX concept: keeping critical flows alive amid fragmentationRelated Content & Resources• ON2IT Zero Trust Framework → https://on2it.net/zero-trust/• AMS-IX MORE-IP Conference insights → https://www.ams-ix.net/ams• EU Digital Services Act overview → https://digital-strategy.ec.europa.eu/en🔔 Follow and Support our channel! 🔔► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520👕 Receive your Threat Talks T-shirthttps://threat-talks.com/🗺️ Explore the Hack's Route in Detail 🗺️https://threat-talks.com🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX