LETSDATA

Our research was cited in a recently published Lawfare piece on narrative integrity risk in financial markets. Here’s what we found: 770 AI-generated ads. One month. Fabricated arrest images of public figures used to funnel victims in the Czech Republic and the UK into crypto scams. These aren't state-level ops anymore. They're commercial-scale fraud campaigns running the same playbook: emotional triggers, social proof, automation. The only thing that's changed is who's running them and who they're targeting. The article argues (and we agree) that organizations treating narrative manipulation as a comms problem are already behind. This requires structured threat visibility, not just crisis response. Read more >> https://lnkd.in/eVtfHxsZ #Lawfare #narrativeintelligence #OSINT #threatintel

Ksenia Iliuk will be joining Phoenix Challenge 2026 with a keynote on how adversaries are evolving their TTPs — and where defensive models still lag behind the reality of the threat. This is exactly the kind of conversation that needs more practical, case-driven discussion: what changed, how the threat adapted, and what defenders need to rethink. Looking forward to this discussion.

What stayed with me from OpenAI’s latest threat report is this: the important question is no longer whether AI-generated malicious content exists. It’s whether your stack can actually see the layer where these operations gain traction. In one romance scam case, the flow included paid social targeting, AI chatbot interaction, Telegram routing, human handoff, multilingual translation, and internal performance tracking across teams called “Lead Generation,” “Reception Team,” and “Supervisor Team.”   In the “Fish Food” influence case, OpenAI found that tweets generated from the same prompt had radically different outcomes depending on the follower base of the accounts that posted them. The content itself was not the decisive factor; distribution power was. That creates a much more operational question for defenders: Do you have tools in your stack that cover these signals? And if yes — which team actually owns them? Because this layer usually sits awkwardly between functions: CTI, trust and safety, fraud, brand monitoring, social intelligence, comms. And when ownership is fragmented, visibility usually is too.

Thanks to Alaian for bringing together such a strong group of cybersecurity leaders — the conversations around zero trust, AI governance, and identity management reinforced just how interconnected these challenges are! I was glad to represent LetsData at this Deep Dive Session alongside leaders from Nucleon Security, SurePath AI, and Apono to talk about why narrative intelligence belongs in the modern security stack. 👉 When adversaries weaponize information, detection has to go beyond traditional threat models. #GSOC #CTI #threatintelligence #SecOps #zerotrust

The cyber kill chain is getting a new "Link 0" 🔗 Before a single line of malicious code is executed, modern threat actors are already inside the information environment—spinning up AI personas, seeding narratives, and mimicking brands to groom targets at scale. Tomorrow, I’ll be speaking at BSides Seattle on a topic that’s been flying under the radar: "Before the Breach: How AI-Driven Information Operations Create the New Cyber Pre-Attack Surface." We’re moving past the era where InfoOps was just about "fake news." Today, it's functional part of the reconnaissance and preparation phase for high-level technical intrusions and fraud. In this session, I’ll be breaking down: - How to spot "pre-attack" signals hiding in plain sight. - Real-world cases of synthetic identities leading to malware delivery. - Practical frameworks for CTI teams to monitor the information space without losing focus. If you’re heading to #Bsides, let’s connect! #CTI #GenerativeAI #InfoOps #ThreatIntelligence

Next stop: MWC26, Barcelona. Information operations don't stop at the app or social media platform layer. Telecom infrastructure is now a frontline in detecting and disrupting them - and telcos need the right tools to play that role. LetsData will be with Wayra at MWC March 2–5, talking with telecom, platform, and security teams about what coordinated threat detection looks like when you're operating at connectivity scale. Live demos available. Find us at📍Wayra booth on March 2, 09:00–14:00 or through Vladyslav Yevstafiev🇺🇦 during the event.

This Thursday, we’re going to Kyiv International Cyber Resilience Forum. Roman Osadchuk, Director of Threat Intelligence at LetsData, will be speaking about how social media becomes part of #cyberattack infrastructure. 🗓 Feb 19 🕑 14:15–14:30 By early 2025, AI-assisted phishing already accounted for more than 80% of observed social-engineering activity of this type worldwide (ENISA Threat Landscape 2025), and AI-generated lures show ~54% click-through rate (2024 Harvard / University of Chicago human-subject study). At the same time, Microsoft is blocking ~1.6 million fake account registrations per hour on its services (Microsoft Digital Defense Report 2025), with over 90% of account-creation traffic coming from bots, which tells you everything about the scale of synthetic identity infrastructure behind these operations. Roman’s talk will focus on the operational layer behind those numbers: • information operations as a functional stage of the cyber kill chain - identity build-up, narrative seeding, and cross-platform amplification as pre-intrusion activity • coordinated, AI-driven campaigns using synthetic personas, paid traffic, automated content, and reusable infrastructure that often appear days or weeks before the main operation, kinetic or informational • early-warning indicators in the information environment - behavioural and infrastructure patterns that expose intent earlier than telemetry This comes directly from real detection and investigation work, the gap between influence analysis and CTI is disappearing. If you’re attending the #KICRF2026, let’s connect.

Information is the new frontline. In a recent conversation with Kent Walker, President of Global Affairs at Google & Alphabet, our co-founder Ksenia Iliuk shared the story of how LetsData was born in the middle of a full-scale invasion. As Kent noted, "the first casualty of war is truth." We built LetsData to ensure that doesn’t happen. By using AI to scan millions of publications in real-time, we help governments and organizations detect weaponized information before it can do damage. Some key takeaways from the talk: • Modern warfare is fought with weapons and information simultaneously. Territory is physical, trust is cognitive. • Thanks to continuous technology advancements, we’ve been able to reduce costs by 10x while increasing our processing speed 5x. • The goal is to move from reactive detection to proactive mitigation. For the first time, technology is giving the "good guys" the upper hand. A massive thank you to the Google for Startups team. Their support hasn’t just been about credits or infrastructure; it’s been about giving a Ukrainian startup the platform to protect democratic values on a global scale. Watch the full conversation here: https://lnkd.in/dCbTbQC5

Cyber risk is no longer “technical.” It’s structural. The Munich Security Report 2026 makes one thing very clear: today’s biggest security threats don’t arrive with tanks — they arrive with data. Across G7 countries:  ◦ Cyberattacks rank among the top national risks for the second year in a row.  ◦ Since 2022, disinformation has climbed from 15th to 3rd place in the G7 risk heatmap, now treated as a core national security threat capable of causing significant damage.  ◦ Trust in political and international institutions is declining, and more people feel these systems can’t keep up with global risks or rapid change, leading to a growing sense of helplessness. When institutions are perceived as slow and rigid, hybrid threats move faster than governance. That’s why data resilience, real-time monitoring, and early #detection are no longer optional — they’re foundational. 📍 This week in Munich, our co-founder Ksenia Iliuk will be at the Munich Security Conference, sharing deeper insights on how #data intelligence can help identify and counter emerging #security risks earlier. If security today is about anticipation, data is where it starts.