Regulation of cyber wars
The USA accused Russia of hacking FBI communication systems using diplomats' dachas
In mid-September 2019 the American portal Yahoo News published an article about Russian espionage. Citing former employees of the Washington administration, the publication wrote that Russia hacked FBI communication systems using diplomats' dachas in the USA.
The article says that the Russian diplomats expelled from the USA in 2016 had earlier conducted surveillance of FBI special units from the dachas of Russia's permanent representative in the USA.
According to Yahoo News's sources, the Russian diplomats took part in an "impudent counterintelligence operation" that resulted in the interception of secret FBI information, which for a long time allowed Russian intelligence agents to avoid exposure.
It is noted that the leadership of the FBI and CIA had to temporarily stop communicating with their agents and look for a "mole" among their subordinates. It was feared that Russian intelligence agents, being near government buildings, could get even into computers that are not connected to the Internet.
The Embassy of Russia in the USA stated that Washington is trying to justify the seizure of Russian diplomatic property with spy mania. This was reported on the diplomatic mission's Facebook page.
Moscow recalls that until now Washington explained the seizure of Russian diplomatic property quite differently, namely by Russia's "intervention" in the American elections. Now the Americans have a completely different explanation for their seizure of the Russian diplomatic property.
The Russian Foreign Ministry linked the American media reports to the start of a new electoral cycle in the United States.
"We are now entering a very interesting period which is called 'exactly one year until the election of the president of the USA'. And during this period we will, unfortunately, see and hear many fantastic stories, sudden discoveries, surprising anticipations or, on the contrary, some excavations from the past," Russian Foreign Ministry spokesperson Maria Zakharova told "the Kommersant of PSK".
Roskomnadzor accused Google and Facebook of intervention in elections
Roskomnadzor accused Facebook and Google of illegally distributing political materials on the "day of silence" before the elections of deputies on September 9, 2019. The agency said that such actions can be regarded as "intervention in the sovereign affairs of Russia and hindrance to the holding of democratic elections".
Roskomnadzor representative Vadim Ampelonsky reported that this is not the first time political advertising has been published on Google and Facebook platforms on the "day of silence". However, Roskomnadzor did not provide specific examples of such advertising.
Alexander Malkevich, head of the commission of the Civic Chamber of the Russian Federation on the development of the information community, media and mass communications, accused Google of interference in the internal affairs of Russia. He said that when searching for the phrase "elections to the Moscow City Duma", an advertisement for the "smart vote" system promoted by the blogger Alexei Navalny appears before the links to reference information and the website of the Moscow Election Committee.
First deputy chairman of the CEC Nikolay Bulayev also suggested that Google can influence voters in Russia, and that many materials can be classed as "pointwise" influence on the individual.
In response to the accusations, Facebook said that responsibility for compliance with electoral laws lies with advertisers, and that the company reviews complaints about violations on request.
"If we receive a complaint that a particular advertisement violates local law, we review it and take adequate measures," the company said.
Commenting on Roskomnadzor's statement about political advertising, Google said that the company "supports responsible political advertisements". At the same time, Google did not specify whether political advertising was actually distributed on the corporation's websites on election day.
The number of attacks on resources of the Russian Defense Ministry increased by almost 60% in 6 years
Over the last six years the number of cyber attacks on information resources of the Ministry of Defence of the Russian Federation increased by 57%. This figure was given in June 2019 by Major General Igor Konashenkov, head of the Department of Information and Mass Communications of the Russian Defense Ministry, during a round table at the forum "Army-2019".
"In six years the number of attempts to disable objects of critical information infrastructure grew by 57%," the general reported.
The ministry constantly faces "various attempts at external information and technical influence" on its systems and Internet resources, Konashenkov noted.
According to him, since 2013 the Ministry of Defence has detected and neutralized more than 25 thousand intrusions into information resources of the Armed Forces.
Western intelligence hacked "Yandex" to spy on users
Americans admitted to cyber attacks on Russian infrastructure
In June 2019 The New York Times (NYT) published an article about the growing number of American cyber attacks on Russian power grids. In the article, experts referred to unnamed sources among former government officials who provided the information in interviews.
The NYT article says that Russia's power grids were subjected to massive cyber attacks from the USA throughout the spring of 2019. The purpose of the attacks was to plant in the system malicious code capable of sabotaging the operation of the power grids. According to the sources, this initiative was a reaction to statements by the FBI and the U.S. Department of Homeland Security in which the agencies accused Russia of similar crimes. They claimed that Russia sought to plant its own malware not only in American power grids but also in water supply systems and gas and oil pipelines, as a precautionary measure in case new conflicts break out between the USA and Russia.
NYT emphasized that the Americans' response can be regarded as a warning. Meanwhile, the article did not say how successful the cyber attacks were or whether the hackers managed to plant software in the Russian power grid.
Microsoft accused Russia of intervention in the upcoming elections in the USA
On August 20, 2018 Microsoft accused Russia of interference in the US congressional elections that will take place in November. According to the company, hackers connected with the Russian authorities created fake websites that are potentially of interest to American politicians.
According to a message on Microsoft's official site, in August 2018 the Microsoft Digital Crimes Unit (DCU) executed a court order transferring control over six Internet domains created "by a group which is closely connected with the Russian government", Strontium (also known as APT28 and Fancy Bear).
These cybercriminals created three counterfeit websites of the U.S. Senate and also websites of two American conservative organizations: the Hudson Institute and the International Republican Institute. Microsoft did not provide detailed descriptions of the fake domains.
"Now we are seeing one more surge in attacks. In this case the expansion of the types of websites they use is especially important," Microsoft president Brad Smith reported.
According to him, the hacker attacks are carried out for the purpose of "undermining democracy" in the USA, and Microsoft "has no doubts about who bears responsibility".
Brad Smith also noted that Microsoft is ready to provide free protection against cyber attacks to all congressional candidates, election campaigns and political organizations that use its products.
Special prosecutor Robert Mueller, who is investigating Russia's possible interference in the elections, noted in the indictment that the Strontium hacker group is connected with the Main Intelligence Directorate of Russia. According to the special prosecutor, this group was involved in hacking the email of the Democratic National Committee and also a mailbox of former Secretary of State Hillary Clinton.
The Pentagon is going to prohibit the purchase of software with Russian code
In July 2018 it became known that the Pentagon is compiling a list of vendors that use Russian or Chinese code in their software products, in order to stop buying their products and to prohibit its partners from doing so. At the legislative level the department will also be forbidden to buy software whose development process was accessible to observers from China or Russia.
A cyber division to counter Russia is created at the U.S. NSA
Paul Nakasone, who heads the National Security Agency (NSA) and at the same time serves as head of the U.S. cyber forces, officially confirmed to the Bloomberg news agency in July 2018 that a separate special unit had been created "to repel Russian threats in cyberspace".
"I created a group on Russia, the Russia Small Group," said Nakasone. "It is what the intelligence community really had to do after [the events] of 2016-2017."
The Washington Post was told that the U.S. NSA and the cyber forces that are part of it intend to counter "Russian threats to the security of the USA" during the midterm elections in November, in which the House of Representatives (the lower house) of the U.S. Congress, 35 senators and 39 state governors will be elected.
"Russia has considerable capabilities, and we certainly should be ready for such a challenge," Paul Nakasone said last weekend during his speech at the annual Aspen Security Forum in Aspen, Colorado. "And if such a challenge comes, I believe that beyond all doubt we will be ready to counter it."
Strengthening of the infrastructure of the NSA's cyber forces
In June 2018 The New York Times wrote that over the last several months the Pentagon had considerably expanded the capabilities of the cyber forces at the U.S. NSA, granting them, among other things, the right to hack an adversary's networks in order to protect American networks. Such powers really do considerably expand the cyber forces' room for maneuver, since previously they were mainly permitted only to protect US networks. The increase in status has most likely also opened additional opportunities "for protection against Russia", Bloomberg notes.
Attack on Cisco network switches
On April 6, the hacker group JHT attacked critical infrastructure in a number of countries, including Iran and Russia, which led to disruptions in the work of a number of Internet service providers, data centers and some websites. In the attacks the perpetrators exploited the CVE-2018-0171 vulnerability in Cisco network switches that support SMI (Smart Install) technology. The hackers overwrote the Cisco IOS system image and changed the configuration file, leaving in it a message with the text "Do not mess with our elections...." and an image of the American flag.
The USA officially accused the Russian Federation of cyber attacks on power plants
The U.S. Department of Homeland Security and the Federal Bureau of Investigation warned of attacks by "Russian hackers" on American government and commercial organizations and also on critical infrastructure facilities. The corresponding report was published on March 15, 2018 on the website of the United States Computer Emergency Readiness Team (US-CERT).
According to the report, "Russian hackers" have been attacking American power plants and other critical infrastructure facilities since at least March 2016. "Russian government hackers" launched "a multi-stage intrusion campaign" during which they "infected the networks of small commercial facilities with malware, carried out targeted phishing attacks and gained remote access to the networks of the electricity sector". Having gained access to the networks, the attackers studied them and collected information relating to industrial control systems.
The report gives neither the names of the affected companies nor the extent of the damage caused to them. Nevertheless, according to the authors of the document, the hackers attacked domain controllers as well as mail and file servers. In the report the FBI and the Department of Homeland Security also refer to Symantec research published in September 2017, which provides additional information about the ongoing malicious campaign.
The White House prepared a large-scale cyber attack on Russia
The White House prepared a cyber operation against Russia in the summer of 2016, when Barack Obama was U.S. President, but development of this plan was later cancelled. This is described in the book "Russian Roulette: a story about Putin's war against America and Donald Trump's election", excerpts from which were published by Yahoo News.
According to Daniel, besides him the plan was developed by Celeste Wallander, who oversaw the Russia portfolio on the National Security Council at the White House.
The plan assumed that the National Security Agency would carry out cyber attacks to neutralize Russian websites and the hacker Guccifer 2.0, who hacked the e-mail of Hillary Clinton's campaign headquarters and the Democratic National Committee. It was also planned to block the website DCLeaks.com, which distributed information stolen from the Democrats.
The authors of the cyber attacks proposed organizing a leak of information about confidential bank accounts in Latvia belonging to Vladimir Putin's daughter, "which will be a slap in the face for the President of Russia and will anger him". The plans also included planting in the Russian media information on Putin's assets, officials' mistresses and corruption in United Russia. In addition, the plan involved DDoS attacks on the websites of Russian media and attacks on Russian intelligence structures to disrupt the work of their communication hubs. According to the authors of the book, the plan was ultimately abandoned by Obama's assistant for national security Susan Rice and the ex-president's assistant for counterterrorism Lisa Monaco. They expressed concern that information about the operation would leak to the media.
The interference in the American elections attributed to Russia, as well as Trump's alleged ties with Russia, which are denied in the White House and the Kremlin, are being investigated by independent special prosecutor Robert Mueller and also by the U.S. Congress. Moscow has rejected all the accusations more than once, calling them unfounded. According to President Vladimir Putin in an interview with the NBC TV channel, Russia has no goals that could be achieved by such interference.
FSO vested with the functions of cyber forces
Russian President Vladimir Putin signed on February 27, 2018 a decree amending the regulations on the Federal Guard Service. The service's list of powers was extended with participation in "carrying out information confrontation activities" and ensuring the work of "the departmental center of the state system for detection, prevention and mitigation of the consequences of computer attacks on the information resources of the Russian Federation which are under the authority of the FSO". The document took effect on the date of its signing.
The USA rated the threat of cyber attacks from Russia and China at 8 out of 10
During hearings in the U.S. House of Representatives, Duke said that Russia and China pose a serious threat to the cyber security of the USA. "On a scale from 1 to 10 I would say probably 7 or 8," she noted. The DHS head also emphasized growing concern over possible cyber attacks on the country's critical infrastructure.
Google forced to fight against the truth, blocking news of RT and Sputnik
Google is working on an algorithm for filtering news that contains Russian propaganda. This was stated in November 2017 by Eric Schmidt, head of the Alphabet holding, who named the websites of the Russia Today TV channel and the Sputnik agency as the main sources of propaganda.
According to Schmidt, Google's intention is only to hide RT and Sputnik news from Internet users in order to counter "Russian propaganda" and the "spread of misinformation"; there is no question of a total ban on the resources, as Google does not use such methods, the top manager emphasized.
The head of Alphabet also said that he opposes censorship, but 2016 showed that the audience cannot independently distinguish "fakes".
"At first in the USA it was considered obvious that 'bad' content would be replaced by 'good', but last year we found that in certain cases this may not be so, in particular when your opponent is well financed and actively tries to distribute such information," Schmidt specified.
As of November 21, 2017 Sputnik news was still displayed in Google search. Eric Schmidt commented on the situation as follows:
"We are working on detecting such things and lowering such websites in news results. Basically this concerns the websites of RT and Sputnik."
However, the representative of the Internet giant did not explain exactly how Google is going to lower the positions of RT and Sputnik in the search engine, adding only that he personally is a supporter of "ranking" websites.
The State Duma has already commented on Schmidt's statement about the method of fighting Russian propaganda, calling the filtering of Russian media an open form of information war. According to Andrey Svintsov, deputy chairman of the committee on information policy, Google's implementation of the stated plans will deal a most powerful blow to RT and Sputnik, as links to them will effectively disappear from Google news. He also believes that the State Duma should take mirror measures against American media in Russian search engines.
It is notable that earlier the office of the Russian TV channel RT and the broadcaster of the state radio Sputnik were registered in the USA as foreign agents at the demand of the American authorities. In response, the State Duma adopted a bill introducing a similar status for foreign media in Russia.
The head of the CIA accused Russia and WikiLeaks of destabilizing Western democracy
Russia and the WikiLeaks organization are trying to destroy democracy in the West, and WikiLeaks is in fact an intelligence structure hostile to the USA. This statement was made by the director of the U.S. Central Intelligence Agency, Michael Pompeo.
The activity of state and non-state actors that aim to "erode" democracy and the rule of law around the world is one of the threats the CIA faces, Pompeo noted.
"It includes groups like WikiLeaks, a non-state hostile intelligence service which hires spies, rewards people who steal legitimate secrets and uses this information to undermine Western democracies. And it certainly includes the Russian government, which has long been the main figure in the world practicing 'active measures'. This has been going on for decades," TASS quotes the intelligence director as saying.
Creation of a joint cyber group
In July 2017 Russian President Vladimir Putin and US leader Donald Trump held their first personal meeting on the sidelines of the G20 summit in Hamburg. One of the topics of conversation was cyber security, which was discussed for about 40 minutes. In total the negotiations between the Russian and American leaders lasted more than two hours.
After the meeting, Russian Foreign Minister Sergey Lavrov said that Russia and the USA had reached an agreement on forming a joint working group on cyber security.
"It was agreed that all these issues together, including the fight against terrorism, organized crime and hacking in all its manifestations, will become the subject of bilateral Russian-American cooperation," the head of the Russian diplomatic service said, noting that to achieve these goals Moscow and Washington will create a working group.
According to Lavrov, the purpose of creating the bilateral mechanism for work on the problem of cyber security is to try to determine how to cooperate in the field of information protection from now on, so as not to allow interference in the internal affairs of states.
U.S. Secretary of State Rex Tillerson also commented on the results of the negotiations. He confirmed that the countries will create a working group to develop a framework agreement on cyber security and non-interference in each other's affairs.
However, Donald Trump later said that he does not believe in the possibility of creating a bilateral group on cyber security issues.
"The fact that President Putin and I discussed a group on cyber security does not mean that I think it can happen. It cannot. But a ceasefire can, and it happened!" the U.S. President wrote on his Twitter blog on July 9, 2017.
Trump did not post any further comments on the matter in his microblog. He did not explain whether his latest statements should be regarded as an actual rejection of the agreement just reached with the President of Russia.
The Washington Post: The USA developed a secret cyber weapon to respond to hacker attacks from Russia
U.S. President Barack Obama ordered electronic measures in response to Russia's interference in the 2016 presidential elections. This is stated in an investigation by The Washington Post published on June 23.
According to the publication, this concerns the preparation of a special secret program that involves detecting vulnerabilities in the electronic infrastructure of the Russian Federation and planting "implants" in Russian networks in order to be able to put them out of action at the right moment.
Development of the "implants" was entrusted to the U.S. National Security Agency (NSA). It is assumed that the American government will be able to activate them in the event of new aggression from Russia, including future hacker attacks.
The operation is at an initial stage. The agencies tasked with assessing the program considered the "implants" "difficult to control", but came to the conclusion that under some conditions their use could be a proportionate response to aggression from Russia.
Obama's successor as president, Donald Trump, will have to decide on the use of the program. However, the American intelligence agencies do not need the new president's approval to continue its development, although he will be able to cancel it by issuing a special order. So far no such order has arrived, The Washington Post's sources say.
The U.S. Department of Justice officially accuses FSB officers of hacking Yahoo
In March 2017 the U.S. Department of Justice brought formal charges against three citizens of Russia and a citizen of Kazakhstan for hacking the servers of Yahoo corporation in 2014, which resulted in a data leak of 500 million mail accounts. Of these four, two of the accused are named as officers of the intelligence agencies, and the two others as hackers "hired by the Russian authorities".
One of the defendants is Dmitry Dokuchayev, an FSB officer arrested in Moscow in December 2016 on a charge of high treason. He is suspected of passing classified information to US intelligence agencies.
The other defendants named are Igor Sushchin, Alexey Belan, also known as Magg, and Karim Baratov, known under the names Karim Taloverov and Karim Akekhmet Tokbergenov and under the alias Kay (Kai).
The U.S. Department of Justice brought dozens of charges against them, including fraud using electronic means, massive theft of personal data and trade secrets, and economic espionage.
Representatives of the department state in the published statement that the hackers used the stolen information "to gain unauthorized access to the contents of accounts at Yahoo, Google and other mail service operators, including accounts of Russian journalists, American and Russian government officials and employees of companies in the financial, transport and other sectors of the economy".
The indictment says that the hackers sought to gain access to the accounts of the Deputy Prime Minister of Russia, an officer of the Russian Ministry of Foreign Affairs, a trainer working in the Ministry of Sport and other high-ranking officials. The accounts of a journalist of the newspaper Kommersant-daily and one of the heads of a Russian service provider were also hacked.
According to the charges, Dokuchayev and his associates also actively hacked the accounts of foreign politicians and entrepreneurs. The victims' names are not given in the charges, only their positions and, in the case of companies, the sectors of the economy to which they belong.
The indictment says that Dokuchayev and Sushchin were employees of Center 18, the cyber division of the FSB. As for the two other suspects, Alexey Belan is on the FBI's list of most wanted cybercriminals. He had already been accused of attempts to hack US state organizations. Karim Baratov has citizenship of Kazakhstan and Canada. He was arrested in Canada, the only one of all the defendants.
In addition, Belan and Karimov are accused of running spam campaigns using the hacked accounts for personal gain. The attackers used a complex cookie forgery scheme to bypass password protection and gain access to the contents of mailboxes.
Yahoo first announced the massive breach in September 2016. At that time company representatives said that an unnamed state was behind the attack. In December Yahoo was forced to acknowledge an even larger breach (in which the data of 1 billion Yahoo accounts leaked).
Putin was accused of direct participation in the hacker attacks in the USA
In January 2017 US intelligence accused Vladimir Putin of involvement in cyber attacks in the USA during the presidential elections. The report published by the Office of the Director of National Intelligence says that Vladimir Putin allegedly ordered "a campaign of intervention" in the presidential elections. Its purpose was "undermining public trust in the democratic process in the USA" and discrediting the Democratic Party's presidential candidate Hillary Clinton. The report says that the CIA and FBI "are firmly sure of it".
The U.S. National Security Agency expresses "moderate confidence" in this version. According to US intelligence, the Main Intelligence Directorate of the General Staff of the Russian Armed Forces is behind the cyber attacks. It allegedly used the help of the hacker (or hacker group) Guccifer 2.0 and made the acquired information public through the WikiLeaks and DCLeaks websites. Guccifer 2.0 denies any connection with Russia.
The report does not contain convincing proof of Putin's participation in the cyber attacks. The published document is the public version of a classified report and omits part of the intelligence information.
"Many of the key conclusions in the document rely on a body of reports from different sources that share our understanding of Russian behavior," the report says.
The authors base other conclusions on analysis of the behavior of politicians loyal to the Kremlin, state media (in particular, the Russia Today TV channel) and certain social network users, the "trolls" who, according to US intelligence, carry out the orders of the Russian authorities.
US intelligence considers Russia a major threat in cyberspace
US intelligence believes that Russia has a developed offensive cyber program that threatens the government of the United States and the country's important infrastructure. These conclusions are contained in a joint statement by the Director of National Intelligence, the Cyber Command of the U.S. Armed Forces and the Pentagon prepared for Congress.
"Russia is a full-scale actor that poses a major threat to the U.S. Government, military, diplomatic, commercial and critical infrastructure, and also key resource networks, thanks to its advanced offensive cyber program and sophisticated tactics, techniques and procedures," the statement says.
Obama imposes sanctions against Russia "for the cyber attacks which affected the election of the president of the USA"
The U.S. Department of the Treasury announced at the end of 2016 the imposition of new sanctions against Russia in connection with cyber attacks whose purpose was to affect the course of the elections of the American
Sanctions were imposed against the FSB and GRU and also three companies: TsOR Security (Esage Lab), the Autonomous Nonprofit Organization "Professional Association of Designers of the Systems of Information Science" (ANO PO KSI) and "The Special Technology Center". According to the statement of U.S. President Barack Obama, these companies provided material support for the GRU's cyber operations.
Igor Korobov, chief of the Main Directorate of the General Staff of the Russian Armed Forces (GRU), his deputies Vladimir Alekseev, Sergey Gizunov and Igor Kostyukov, and also the hackers Alexey Belan and Evgeny Bogachyov fell under personal sanctions.
According to Barack Obama, the USA also declared 35 Russian diplomats personae non gratae. According to Reuters, they have been told to leave the country within 72 hours.
Afterwards, US intelligence agencies prepared two reports: one classified, which was provided to Obama, and a second, "public" one, which was released later. It follows from data the American intelligence agencies managed to obtain that Russian officials "celebrated" the victory of the former Republican Party candidate Donald Trump in the elections. They were able to obtain this information after the publication of the voting results thanks to the interception of messages in which officials congratulate each other. WP writes that part of the Russian authorities regards this victory as a geopolitical one.
WP's sources emphasize that although these messages are assessed as showing a strong preference for a Trump victory, they nevertheless cannot be considered indisputable proof of the participation of Russian intelligence agencies in interference in the US presidential election.
Special attention is paid to the goals of "Russia's intervention" in the elections. According to American officials, Moscow initially allegedly intended to "undermine confidence in the US elections" and "undermine the legitimacy of the expected victory of [former U.S. presidential candidate Hillary] Clinton". However, over time, when Trump became "more competitive", Russia's goals changed and became "more ambitious", and the task became to "tilt the hotly contested presidential race toward the candidate" whose views match the foreign policy pursued by Moscow. At the same time, the publication writes, high-ranking Russian officials expected Clinton to win. The publication's source emphasizes that for Moscow the Republican's election victory was as much of a surprise as for the rest of the world.
One of the officials interviewed by The Washington Post believes that in addition to cyber attacks Russia used social media and fake news to damage the reputation of the Democratic candidate. Such actions, according to intelligence officials, could have been caused by the "personal hostility of [President of Russia Vladimir] Putin toward Clinton, whom he accused of inciting demonstrations in Moscow in 2011-2012".
Another US politician who studied the report submitted to Obama said that "there are various pieces of physical evidence and factors which with a high degree of probability allow the intelligence community to judge" that Russia's actions were aimed at helping Trump.
USA: evidence found of Russian hackers' involvement in hacking voter registration systems
In September 2016 it was announced that 6 of the 8 IP addresses allegedly used in the attacks belong to a Russian hosting company. Specialists found a link between recent attacks on voter registration systems in the USA and malicious campaigns carried out by hackers presumably connected with the Government of the Russian Federation.
Technical details of the attacks, including the IP addresses that appear in both incidents, were given in an FBI notification. According to an analysis carried out by ThreatConnect experts, these IP addresses repeatedly contacted underground Russian hacker forums. In particular, some of them belong to the company FortUnix Networks, whose infrastructure was used in the attacks on Ukrainian power companies in December 2015.
According to the specialists, one of the IP addresses (220.127.116.11) was previously used in phishing attacks aimed at political parties in Turkey and Germany and at the parliament of Ukraine. Research into the activity of this IP address also uncovered a number of additional factors indicating its connection with one of the Russian groups presumably working on behalf of the Government of the Russian Federation.
Researchers managed to gain access to the C&C server used in the above-mentioned phishing campaign. They found a total of 113 e-mails written in Ukrainian, Turkish, German and English. Further analysis showed that one of the domains used to host phishing content was registered to an e-mail address connected with a domain that had earlier appeared in campaigns of the APT 28 group, also known as Fancy Bear, Pawn Storm, Sednit and Sofacy.
FBI began investigating attacks by "hackers from Russia" on American media
In August 2017 it was announced that the FBI and other US intelligence agencies were investigating cyber attacks, recorded in recent months, on The New York Times and other American publications, CNN reported, citing informed sources.
According to the TV channel's sources, investigators believe that the attacks on American media were carried out by hackers backed by Russian intelligence, and that the break-ins are part of a broader series of attacks that also targeted the US Democratic Party.
According to the channel's sources, representatives of the American intelligence agencies believe the recent series of break-ins shows that Russian intelligence agencies are using a wave of attacks, including against think tanks in Washington, to collect information from a wide range of non-governmental organizations with reach into the US political system.
Media are considered prime targets because they can yield valuable information about reporters' contacts in the government, as well as unpublished materials containing confidential information, CNN's sources say.
American spyware discovered in the networks of government bodies and military structures
In July 2016 the FSB announced the detection of spyware in the computer networks of public authorities, scientific and military organizations, defense industry enterprises and other critical infrastructure facilities.
The FSB statement says that the viruses infected "the computer networks of about 20 organizations located in the territory of Russia". The names of these organizations are not given in the statement.
The FSB reported that the malware was planted as part of a professionally planned operation. According to the FSB, the viruses were contained in e-mail attachments.
Dmitry Gorovtsov, deputy chairman of the State Duma Committee on Security and Anti-Corruption, said that the cyber-espionage virus discovered by the FSB in the computer networks of state agencies and the defense industry was launched by the USA, the Govorit Moskva radio station reports.
"It benefits the Americans first of all. The companies Microsoft, Oracle. Their software (I am not even talking about hardware) has taken over everyone and everything, and, of course, they pose a threat to our information security, and not only information security," he said.
The deputy noted that the detection of the virus is conclusive proof that there is no control over software in Russia. He added that more than ten years ago an initiative to move all software to domestic equivalents did not win majority support, and as a result, according to the parliamentarian, the country found itself under threat.
According to Gorovtsov, "the database management system is the key that allows aircraft and missiles to be put into action", and it is "not in our hands".
Symantec and Kaspersky: American state hackers attack Russia
In August 2016 cyber security experts announced a mass hacker attack on a number of countries, including Russia. State institutions, military and scientific organizations and mobile operators became the targets of a group presumably backed by American intelligence agencies.
The USA accuses Russia of hacking the Democratic Party's e-mail
In June 2016 the US Government stated that the computer network of the Democratic National Committee had been hacked twice: in the summer of 2015 and in April 2016. The attacks were carried out by the hacker groups Cozy Bear and Fancy Bear. The attackers gained access to the chats and mail of Democratic politicians and also found their dossier on the Republican presidential candidate Donald Trump.
Since the hackers showed no interest in the Democrats' financial data, the purpose of the break-in was judged to be espionage rather than enrichment. The USA considered Russia the most probable candidate for the role of the cyberspy; Russia denied any participation in the attacks. During the discussion some Americans began to say that it is impossible to accuse other countries of cyber espionage when Washington itself constantly engages in it.
The DNC correspondence was published on July 23 on the WikiLeaks website. The leak contained more than 19 thousand e-mails and more than 8 thousand documents from the official correspondence of key DNC functionaries (chief financial officer Jordan Kaplan, communications director Luis Miranda and several others) covering the period from January 2015 to May 2016.
US President Barack Obama, in an interview with NBC, did not rule out that Russian hackers could be involved in the hacking of the Democratic Party's servers and the leak of the party leadership's correspondence.
The Russian President's press secretary, Dmitry Peskov, responded to the US Democrats' accusations by denying any participation of the Russian authorities in the hacker attacks.
The hackers who broke into the US Democratic Party could have left a "Russian trace" intentionally, representatives of US intelligence told the Reuters agency. Speaking on condition of anonymity, experts said that the hackers deliberately wanted to pass themselves off as Russians, leaving Cyrillic characters in metadata and halting activity on Russian religious and public holidays.
Reuters sources in the American intelligence community explained why it is undesirable to accuse Russia of involvement in the latest hacker attacks. According to them, it could lead to a global confrontation with Moscow. If the White House publicly accuses the Russian intelligence agencies of hacking, it will be required to disclose proof of their involvement, which rests on information from highly classified sources and methods. A US response against Russia in cyberspace would lead, according to Reuters' sources in the intelligence community, to a rapid escalation of mutual countermeasures. They fear that in the worst case Russian hackers will penetrate American power grids, financial institutions and other significant infrastructure facilities.
Russian President Vladimir Putin believes that the hacking of the Democratic National Committee and the subsequent publication of the stolen e-mails and documents brought undoubted benefit to society, but that Russia has nothing to do with it.
"Does it really matter who did the hacking? The main thing is the information that was provided to society," the president said in an interview with Bloomberg journalists on September 2, 2016. "There is no need to distract public attention from the real problem by raising unimportant questions about the search for those who did it. But I repeat once again that I know nothing about it, and at the state level Russia has nothing to do with it."
The head of the NSA called Russia the most dangerous country in cyberspace
In April 2016 Admiral Michael Rogers, head of US Cybercom, director of the National Security Agency and chief of the Central Security Service, included Russia in the list of the main threats in cyberspace. Moreover, he mentioned it first in the report. The report was submitted to the Armed Services Committee, whose chairman, incidentally, is John McCain, who takes a hard line on Russia.
Michael Rogers called Russia the main threat in cyberspace
The report says that Russia, along with China, Iran and North Korea, is among the countries whose activity in cyberspace Rogers' command "watches most closely".
The states that we watch most closely in cyberspace remain Russia, China, Iran, and North Korea. Russia has very capable cyber operators who can and do work with speed, precision, and stealth. Russia is also home to a substantial segment of the world's most sophisticated cyber criminals, who have found victims all over the world. We believe there is some overlap between the state-sponsored and criminal elements in cyberspace, which is of concern because Russian actions have posed challenges to the international order.
"Russia has fairly powerful cyber forces capable of working with great speed and precision while remaining in the shadows. Russia is also home to some of the world's most professional cyber fraudsters, whose victims are all over the world. We assume there is a connection between hackers acting at the request of the authorities and criminal elements in cyberspace. This causes concern because Russia's actions disrupt the world order," Rogers said.
Russia is forced to spend $250 million on cyber deterrence of the USA
Russia thus intends to follow a doctrine similar to nuclear deterrence. It assumes that the weapon is created not for attack but to deter the adversary from using the same kind of weapon.
Russian authorities intend to spend $200-250 million annually on creating cyber weapons, a source close to the Ministry of Defence of the Russian Federation told SC Magazine UK. Part of these funds will go toward developing malicious programs capable of damaging enemy command centers and elements of critical infrastructure, including banking systems, power plants and airfields.
A representative of the Russian FSB, speaking on condition of anonymity, told SC Magazine UK that building a deterrence system in cyberspace is a response to similar measures announced by the USA at the beginning of 2015. He added that Russia is among the countries seeking ways to prevent conflicts in cyberspace.
Accusations that Russia attacked American companies working with confidential data
Researchers at the California company FireEye, which specializes in cyber security, tried to find out who broke, in the summer of 2014, into the corporate network of an American company that stored confidential military data.
They found that the local network had been penetrated by a virus capable of infecting even computers that are not connected to the Internet and of evading detection.
The program, which was given the name Sofacy, was created using the Russian language, and development took place during working hours Moscow time. The researchers concluded that in this case the spyware was state-sponsored, and that the state in question is Russia.
FireEye analysts note that they were surprised when this company approached them: although it had lost confidential data, the break-in was clearly not the work of hackers from China.
The tools used in the break-in were well protected: they encrypted the stolen data so that it resembled traffic from the victim's e-mail. According to FireEye, the group that developed them has been active since at least 2007 and regularly updates its programs.
Artem Baranov, lead virus analyst at ESET Russia, told Gazeta.ru that the data provided by FireEye are comparable to the observations of analysts at ESET and other anti-virus companies. In particular, this concerns the attacks on Georgian users in August 2008, during the conflict between Russia and Georgia. Those attacks used BlackEnergy, malware of Russian origin written by a Russian author. Its distribution mechanism is similar to the one described by FireEye in its report.
As for the countries of Eastern Europe, our research laboratory has already published information on the involvement of the BlackEnergy bot in attacks on these countries.
Computers holding confidential information are often disconnected from the Internet to protect against leaks, but USB sticks were used to transfer data to them. Through these, Sofacy could also reach the protected computers.
The authors of the code regularly made changes to it between 8 in the morning and 6 in the evening Moscow time, which suggests to researchers that the program was written in an office. Russian was used on most of the computers on which the hackers worked.
Besides FireEye, other companies engaged in protection against cyber crime had earlier published three more reports that announced Russia's connection with a complex hacker attack that took place in 2007. Among the targets of the attacks were NATO, the governments of countries neighboring Russia, and the companies Science Applications and Academi LLC, which cooperate with the US Department of Defense.
From these studies American experts conclude that Russia has a team of highly skilled hackers that the country uses to spy on other states.
The US Director of National Intelligence, John Klepper, noted that when it comes to cyber attacks, Russia worries him more than China.
In addition, it is difficult to distinguish Russian criminal hackers from hackers working for the state, since both use tools developed by criminal hacker groups as well as tools developed by the state, Klepper added. For example, the USA has still not been able to find out who exactly was behind the 2008 leak of data about a confidential military system.
Accusations of cyber espionage against Russia
At the beginning of 2014 the American cyber defense company CrowdStrike accused Russia of large-scale espionage against Western and Asian companies, according to a CrowdStrike report. CrowdStrike stated that it has evidence of espionage, organized by the Russian government, in American, European and Asian energy and medical companies and public institutions. Russia's aim is to strengthen its economic position in key industries, said CrowdStrike's technical director Dmitri Alperovitch.
The group of Russian hackers whose activity CrowdStrike monitored for two years, in 2012-2013, is called Energetic Bear. According to the company, the hackers delivered malware through popular document-reading programs such as Adobe Reader. The company believes that the group acted on behalf of certain Russian entities, possibly with the assistance of Russian government organizations, as indicated by technical characteristics as well as by analysis of the espionage targets and the stolen data. According to CrowdStrike, all targets of the Energetic Bear group's attacks were outside the Russian Federation: the largest share (about 25%) in the USA, more than 25% in European Union countries, about 12% in Japan, and so on, in 23 countries in total.
The annual CrowdStrike report on cyberthreats also mentions hackers from China and Iran and the "Syrian Electronic Army". CrowdStrike had earlier, in 2005, accused the Chinese authorities of espionage, but China actively rejected the accusations.
US intelligence: Russia uses computers to steal technology data from American companies
The Cold War is long over, but the USA continues to see Russia as an aggressor: this time the American government seriously fears cyberthreats coming from the former Soviet Union.
While aggressively conducting cyber espionage worldwide, the USA fears a response from China, Russia and other countries. It believes that such attacks may be aimed at collecting strategic information about pharmaceutical and industrial enterprises. This is stated in an official report of the US Office of the National Counterintelligence Executive. The report also contains recommendations on strengthening the protection of corporate information networks.
"Actors from China are the most active participants in economic espionage; moreover, they bear the greatest share of the blame", the report says. About Russia it says the following: "Russian intelligence agents carry out a range of activities to collect information, including on technologies, in the territory of the USA".
The Cold War is long over, but the USA continues to see modern Russia as an aggressor and fears a cyber war
Information on smartphones and laptops is also an attractive target for cyberspies. Cryptographic tools, multilevel authentication and real-time network monitoring should help protect these devices.
As a negative example, the report cites the case of Dongfan Chung, a Rockwell and Boeing engineer who worked on the B-1 bomber and kept about 250 thousand documents on the project at home.
In November 2011 "Russian hackers" were accused, without evidence, of an attack that put out of action a water pump at a water station near Springfield in the USA serving about 2 thousand residents of rural areas.
American experts consider this incident the first of its kind: foreign hackers carrying out a successful cyber attack on an industrial facility in the territory of the USA.
CIA blows up a Soviet gas pipeline
CIA staff planted a bug in Canadian software for managing gas pipelines. Soviet intelligence obtained this software through industrial espionage and deployed it on the Trans-Siberian pipeline. The result was the largest non-nuclear explosion in human history, which occurred in 1982.