LetsData

Weekly Piece of Intel #1. The 3-Hour Rule 🔍 "CopyCop registers over 100 new websites per month" - a Russian disinformation factory creating 3-4 fake news sites daily, using AI-generated journalists to spread false narratives at industrial scale (Kettering Foundation). Story Time: October 10, Prague. A Czech citizen scrolls Facebook during lunch. Posts from "Selský rozum" (Common Sense) flood her feed: "Our media lies about Russia. Brussels controls our news." She doesn't know that 3 hours earlier, RT Russian published nearly identical content. The message traveled 1,500 miles from Moscow to Prague, translated and repackaged as authentic Czech discourse. Our investigation tracked 179 posts over 72 hours. Each followed the same pattern: Russian state media publishes → 1-3 hour delay → Czech "patriotic" pages echo the narrative → Local amplification begins. The catch? - Czech citizens sharing "Czech" content. - No Russian fingerprints.  - Just neighbors warning neighbors about media manipulation, while being manipulated themselves. The Pattern: Information laundering works like money laundering. Dirty narratives need clean faces. Detection markers: - Russian state media attacks Czech media credibility - Within 3 hours, local Facebook pages echo identical messages Translation perfect. Localization flawless. Emotional arc preserved 93,000 views. Zero attribution to Moscow. What This Means for Governmental Security: Information operations are reconnaissance. They test narrative vulnerabilities before network vulnerabilities. Detection strategy: 1. Track the relay, not just content 2. Map the 1-3 hour window 3. Identify accounts consistently echoing foreign narratives 4. Document coordination patterns When narratives move this fast, they're not organic. They're infrastructure. What patterns are you seeing? #ThreatIntelligence #InfoOps #CyberSecurity #DisinformationDefense

The Economics of InfoOps Defense Just Shifted 🎯 Our COO Ksenia Iliuk breaks down the transformation with Center for Data Innovation: Misinformation campaigns used to be cheap to deploy, expensive to detect. We've reversed that equation. The evolution is clear: - From keyword tracking → semantic pattern detection - From platform-specific tools → unified ML models - From reactive alerts → preemptive intervention Real impact: Detected and neutralized a Vietnam-based AI impersonation campaign targeting a U.S. tech company before product launch. Malware distribution prevented. Brand protected. Users secured. The game-changer? One core ML model adapts across platforms and contexts. Bad actors now face the economics problem, not defenders. Read the full breakdown: https://lnkd.in/eiPvdfzi #InfoOps #CyberDefense #ThreatIntelligence #MachineLearning

It’s inspiring to see our alumni LetsData teaming up to make the world a safer place from cyber crimes by shifting into active defense methods with preemptive cybersecurity threat intelligence such as: - Spotting information collection to prevent phishing schemes 🔍 - Identifying impersonation operations to stave off fraud 👥 - Halting pressure narratives that manipulate victims into scams 🛑 Check out this powerful read from Ignacio Sbampato on where CTI stands in 2025. 👉 https://lnkd.in/e-rj7yvP #CybersecurityAwarenessMonth

770 Ads, 2 Countries, 1 Russian Operation: Industrial Fraud Deconstructed 📈 "Single Facebook page launches 770 scam ads in 30 days. ~25 ads daily targeting Czech Republic + UK simultaneously." This industrial scale weaponizes trusted faces, Andrej Babiš, Martin Lewis, Jakub Prachař, in fake arrest scenarios to drive crypto theft. Our take: This isn't amateur fraud. It's information warfare tactics repurposed for financial extraction. When scammers adopt Doppelganger infrastructure and geo-cloaking from state-level playbooks, the threat landscape fundamentally shifts. We track 3 critical layers: #1. 🎭 Trust Weaponization. AI-generated arrests, perfect media replicas, manufactured social proof via bot comments #2. 🏗️ Russian Infrastructure. Disposable domains (spitecho[.]top, sermontaskez[.]xyz), code fragments in Cyrillic, international front administrators #3. ⚠️ Hybrid Objectives. Financial theft + data harvesting + institutional trust erosion Key finding: Same FIKED (Front, Intermediary, Destination) architecture used in Russian InfoOps now powers criminal networks. Full investigation ➜ https://shorturl.at/7u2nY 💬 Have you noticed sophisticated scams targeting trusted public figures in your region? #InfoOps #CyberFraud #ThreatIntelligence #FinancialSecurity #LetsData

Moldova as InfoOps Laboratory: LetsData at CYBERWARCON 2025 🎯 Our COO, Ksenia Iliuk, takes the stage at CYBERWARCON to expose a critical truth: Moldova has become the testing ground for next-generation information operations. The data is stark. Moldova faces record-high InfoOps activity, cyber-enabled media manipulation that serves as reconnaissance for broader campaigns. What happens in Moldova doesn't stay there. These tactics migrate to larger targets. The Stakes Are Clear: Russian state actors are perfecting their playbook. - They're examining 700+ incidents across elections and political milestones.  - Testing narrative channels.  - Measuring response times.  - Weaponizing social fragmentation. Ksenia, alongside our Director of Threat Intelligence, Roman Osadchuk, will decode these patterns for defense and intelligence leaders. Their analysis will reveal how state-sponsored InfoOps evolve from regional experiments to global threats. Why This Matters Now: Has AI fundamentally changed state-sponsored operations, or are we witnessing digital-age tactics with analog roots? The answer shapes how enterprises and governments defend against narrative warfare. Our research shows Moldova's experience predicts tomorrow's threats. Small nations become laboratories. Successful tactics scale globally. The window between test and deployment shrinks. Join the conversation at CYBERWARCON, November 19, Arlington, VA. Where military, government, and private sector leaders confront the specter of cyber-enabled disruption. More details on the event: https://lnkd.in/eCENqrXg The future of InfoOps defense starts with understanding today's experiments. #CYBERWARCON #InfoOps #ThreatIntelligence #CyberSecurity #GeopoliticalRisk

InfoOps Meets Enterprise Security: Google for Startups Alumni Selected for CISO Spotlight 🎯 As a Google for Startups alumni, LetsData has been selected for the exclusive Startup Spotlight at Google Cloud's CISO Community event. Our CEO, Andriy Kusyy, and COO, Ksenia Iliuk, will be engaging with security executives from Citi, JPMorganChase, The Walt Disney Company, Ford Motor Company, McDonald's, and other Fortune 500 leaders in New York City, November 4-5. The Security Paradigm Shift: Enterprise CISOs are recognizing a critical truth: Information operations are breach precursors, not just brand risks. The conversation has evolved from crisis response to threat prevention. Our approach transforms InfoOps detection: - Semantic discovery catches threats at patient zero - 89% detection rate before escalation - 40-second intelligence delivery - Infrastructure and narrative layer monitoring Why This Matters Now: Synthetic identities, impersonation clusters, and coordinated narratives aren't just reputation threats. They're the reconnaissance phase of modern cyberattacks. While traditional solutions monitor keywords, we identify threat patterns before they pivot to intrusion. The future of enterprise security isn't reactive defense. It's preemptive intelligence that protects revenue, prevents operational disruption, and stops incidents at inception. See you at the forefront of security evolution. #CyberSecurity #ThreatIntelligence #InfoOps #EnterpriseRisk #GoogleCloud

When we started, we didn’t plan to build a company. Andriy Kusyy and I just wanted to solve the problem we were passionate about. A side project, if you will. We didn’t expect that the problem we identified and the solution we envisioned would lead to such strong demand. From being born in Ukraine as a side experiment to working with Fortune 500 companies and governments across the world, it’s been quite a journey. Read more about our journey in the piece from Center for Data Innovation

Roman Shutov from International Media Support speaking about LetsData contribution at prebunking in Moldova.