This is myth. Russian systems are suffering from malware just like others. And probably more, because it's easier for local criminals to target local companies. It might be true for a very tiny fraction of malware, but that's definitely an exception, rather than rule.
Of course if there are state-sponsored hackers (I'm not really aware if those exist, but I allow this possibility), they will target whatever their management points at. And with corruption it's pretty possible that some local business could be targeted as a part of some financial wars.
But majority of hackers are just some guys with some IT knowledge and zero morale. They'll buy some exploits and tools on black markets, duct tape them into something and release in the wild, waiting for profits (or police). They'll rob banks or babushkas, they don't care.
It is not myth for ransomware. Many documented cases. It's essential to the survival of these groups; local cops more likely to leave them alone if they leave local businesses alone.
> It's essential to the survival of these groups; local cops more likely to leave them alone if they leave local businesses alone.
Which is a huge misconception outsiders have about this scene. They are Russian-speaking, not Russian, just like English speaking gangs are not necessarily English. These groups may (and often do) consist of nationals of different exUSSR countries, sometimes without even knowing each other personally. They might not even be a single group, just some individuals doing different parts of the scheme. (including "press releases" and "interviews" they sometimes do)
It has been the case long before all this ransomware fad. Russia, Ukraine, Kazakhstan, Belarus, and partially Lithuania had world's top CC theft gangs for a couple decades, and they always been of mixed origin. They mostly steal EU and US cards because it offers better reward/risk ratio, compared to the home countries which are poor. But nothing stopped them from stealing CCs in Russia or Ukraine either, certainly not some mythical cops (who couldn't care less in reality); in fact, skimmers are widespread in those countries as well.
Ransomware groups are the same as CC thieves, it's just a different scheme; they probably avoid home countries for the same reason (same risk, less reward). The state can't possibly have too much influence on them, it just triggers the bullshit detector for anyone who lives in any former Soviet republic and knows about this stuff at least superficially.
It's specifically because Russian prosecutors couldn't care less if there are no Russian victims. By doing this they know there is next to zero chance of criminal proceedings.
There's a reason why Russian malware software does not attack systems that have an RU locale for the keyboard: don't sh_t where you eat.