F.A.C.C.T. (formerly Group-IB in Russia)

History

2024

TAdviser interview with Business Development Manager Indira Kayumova

The company's experts AUXO , the head of the security Aleksei Medvedev department and the Indira Kayumova business development manager TAdviser , spoke in an interview about the new partnership with F.A.C.C.T., about the information security solutions of the new partner, plans for future cooperation and, of course, about the current situation on the Russian market. cyber security Read more here [2]

Cybersecurity partnership with Auxo

IT integrator AUXO and the F.A.C.C.T., a developer of technology to combat, cybercrimes announced a partnership on April 10, 2024 to prevent the topical. cyber threats Read more here.

2023

Kazakhstan extradites F.A.C.C.T. employee accused of hacking company's IT systems to Russia

On December 21, 2023, the Prosecutor General's Office of the Russian Federation announced the decision of the Kazakh authorities to extradite to Russia an employee of the F.A.C.C.T. (former Group-IB) Nikita Kislitsin, accused under Part 3 of Art. 272 of the Criminal Code of the Russian Federation (illegal access to computer information protected by law) and sub-item "a," "g" part 2 of Art. 163 of the Criminal Code of the Russian Federation (extortion). Read more here.

Verdict to the founder of the company Ilya Sachkov - 14 years in prison in the case of treason

The founder of Group-IB (the new name of the company is F.A.C.C.T.) Ilya Sachkov received 14 years in prison in the case of treason (Article 275 of the Criminal Code of the Russian Federation). The corresponding verdict was passed on July 26, 2023 by the Moscow City Court. Read more here.

Creating a 24-hour Cybersecurity Center

On July 6, 2023, F.A.S.S.T. announced the creation of a 24-hour Cybersecurity Center - the Central Committee of the F.A.S.S.T. (Cyber ​ ​ Defense Center). The purpose of this structure is to continuously respond 24/7 to complex cyber attacks and proactive threat detection against the backdrop of a growing number of information security incidents among Russian companies - banks, telecom operators and IT corporations, retail, industrial enterprises and fuel and energy complex facilities.

Yaroslav Kargalev, ex-head of CERT-GIB (Cybersecurity Incident Response Center 24/7/365), has been appointed head of the F.A.S.S.T. Cybersecurity Center. Unlike the classic Security Operation Center (SOC), whose specialists are responsible for monitoring cyber threats and interacting with clients, experts from the F.A.S.S.T. Central Committee themselves respond to incidents for their operational localization, and also conduct a proactive search for cyber threats (Threat Hunting).

In the Central Committee of F.A.S.S.T., two support lines are structurally allocated. The former conducts round-the-clock alert monitoring, incident analysis and attribution of cyber threats to a criminal group or specific attacker based on F.A.C.C.T. Threat Intelligence's own cyber intelligence data.

The second line of support for the Central Committee of F.A.S.S.T. focuses on proactively identifying traces of cybercriminals in the customer infrastructure, as well as actively responding to incidents and countering attackers, thereby protecting companies from complex targeted attacks involving financially motivated cyber-criminal groups, including ransomware, or pro-state hackers.

In 2023, the number of cyber incidents continues to grow in Russia. In the first six months of 2023, F.A.C.C.T. experts recorded 114 leaks from Russian commercial companies and government organizations. For the same period in 2022, there were 109. In the first half of June 2023, compared to the first half of June 2022, the number of leaked lines of user data increased more than 11 times - to 62.1 million. The growth of Incident Response - responses to cyber incidents in January-May was 43% (9 out of 10 attacks were related to ransomware).

The company noted that in the arsenal of specialists of the Center for Cybersecurity are the developments of F.A.C.C.T., included in the Register of Domestic Software: Managed XDR solution for proactive search, protection against complex and unknown cyber threats, as well as the Threat Intelligence system (cyber intelligence) to prevent cyber attacks at the stage of their preparation, as well as other technologies patented in Russia to study activity on the darknet, search for connections between infrastructure for attack and specific attackers, etc.

Arrest of the head of the network security development department

On June 22, 2023, Nikita Kislitsyn was detained in Kazakhstan, who is in charge of the F.A.C.C.T. (formerly Group-IB in Russia and the CIS) for developing a network security business. This was reported in the press service of the company. Read more here.

Sale of Russian business to local management

Local management bought out the Russian business Group-IB. At the same time, the new owners retained all contracts with Russian customers, as well as products, technologies and services developed in the country. In turn, Group-IB will be represented only on the international market. This was reported on April 20, 2023 in RBC with reference to the official statement of the company.

As specified, the Russian company will continue to operate under the F.A.C.C.T. brand (stands for Fight Against Cybercrime Technologies) and will provide cybersecurity services in the same volume. The head of F.A.S.S.T. was Valery Baulin, who previously held the post of regional director of Group-IB.

The start of the process of separating Russian business from the global Group-IB was announced in early July 2022. During the final stage of asset separation, co-founder and CEO of Group-IB Dmitry Volkov sold his stake to Baulin and resigned from the shareholders. The amount of the transaction was not disclosed. The main shareholder of the Russian legal entity under the F.A.S.S.T. brand is still the founder of Group-IB Ilya Sachkov.

As of April 20, 2023, the shares of ownership in the Russian company F.A.C.C.T. are distributed as follows: Ilya Sachkov - 37.5%, Altera Capital - 25%, Alexey Kozyrev - 15%, Cyberinvest - 12.5%, Valery Baulin - 10%.^[1]

2022

Launch of the Information Security Laboratory at the Moscow Aviation Institute

Group-IB announced on October 18, 2022, the launch of a pilot project of the Information Security Laboratory based on the IT Center and Department 806 of the Moscow Aviation Institute (MAI). As part of the partner master's course, MAI students were the first to be able to conduct laboratory work using Group-IB Managed XDR, a complex of high-tech solutions for advanced detection, response and protection against complex and unknown cyber threats. After completing the course, the best of the graduates will be able to take an internship at the company. Read more here.

Appointment of Valery Baulin as Regional Director in Russia and the CIS

On July 8, 2022, Group-IB announced the appointment of Baulin as Regional Director in Russia and SNGValeriy, who was previously responsible for business development in the direction of Cybersecurity Services. Read more here.

Group-IB began to separate its Russian business from the global

On July 6, 2022, Group-IB announced the beginning of the separation of Russian business from global. It is planned to create a new autonomous structure, which will be managed by local managers.

The company's business in Russia and the CIS will now develop independently, - said the press service of Group-IB. Who will lead the Russian structure is not specified.

It is noted that restructuring means a complete separation of financial flows of Russian and international assets of Group-IB. The company's Russian revenue will be fully spent on the development of local business. Over the next six months, the ownership structure and composition of shareholders in global and local assets will also be changed, Group-IB said in a statement on July 6, 2022.

By this time, the first stage of the separation of Russian assets from international business has been completed. The company emphasizes that each regional division of Group-IB - in, in Russia, To Europe Southeast, Asia on - Middle East is self-sufficient and has the necessary technological infrastructure, as well as a staff of experts capable of ensuring the functioning of key business areas (product development for prevention, cyber attacks incident response, computer forensics, 24/7 CERT, data collection and analysis, Threat Intelligence pentesting, cybercrime research, etc.).

At the same time, Group-IB plans to accelerate the global program for the exchange of expertise and relocation, which began in 2019 simultaneously with the opening of the global headquarters in Singapore. At the same time, in all regions of its presence, Group-IB will continue to search for and hire talented specialists.

Amid global and market uncertainty, we have made a number of decisions to be able to continue to follow this mission regardless of external circumstances. We believe that this step will give us more market freedom and will speed up business development in all regions of Group-IB's presence, "explained Dmitry Volkov, CEO of the company.[2]

Group-IB Offices, Products and Services

Group-IB is one of the developers of solutions for detecting and preventing cyber attacks, detecting fraud, researching high-tech crimes and protecting intellectual property on the network. The global headquarters is located in Singapore. The company's cyber threat research centers for May 2022 are located in the Middle East (Dubai), Asia-Pacific (Singapore), Europe (Amsterdam) and Russia (Moscow).

The headquarters of the regional division of Group-IB (Russia and the CIS) is located in Moscow. The company is a resident of Skolkovo and Innopolis.

The company's technological position and capabilities in the field scientific of research and development are based on practical experience in cybercrime research around the world and more than 70,000 hours of incident response information security accumulated computer in the forensic laboratory and the 24-hour CERT-GIB rapid response center (data as of July 2022).

Products and Services

Unified Risk Platform is a single platform for Group-IB solutions and services to protect against cyber risks associated with targeted attacks, data breaches, fraud, phishing, illegal brand use. The platform combines the capabilities of protecting the company's internal infrastructure, its external perimeter, its intellectual property (brand), as well as protecting the services it provides from fraud directed at its customers.

As of July 2022, the Group-IB Unified Risk Platform included:

• Group-IB Threat Intelligence opens access to data on the behavior of attackers.
• Group-IB Managed XDR enables organizations to respond quickly to threats. At the same time, it provides a return on investment.
• Group-IB Digital Risk Protection reduces digital risks to brands and protects intellectual property from fraud, piracy, data breaches. The Group-IB solution detects pirated content and fixes violations.
• Group-IB Fraud Protection detects and prevents attempts at financial fraud, reduces the number of false positives of transactional anti-fraud systems.
• Attack Surface Management monitors IT assets forgotten by the company, unprotected sections of the infrastructure, incorrectly configured network elements that attackers can use. Within the Unified Risk Platform, the solution allows you to see the entire attack surface from the point of view of the attacker in order to quickly and proactively strengthen weaknesses.
• Business Email Protection protects corporate email from complex attacks. The solution tracks compromise indicators, identifies behavioral markers of malicious activity, and retrieves artifacts to identify dangerous emails before they are delivered.

Company services (as of July 2022):

• Prevention. Audit and, consulting check the reliability of employees and partners, proactive protection against DDoS-attacks
• Response. 24-hour assistance from CERT-GIB Rapid Response Center.
• Investigation. Forensic laboratory involved computer in international investigations.

Participation in the operation to detain the leader of the hacker group SilverTerrier

On May 25, 2022, Interpol announced the arrest of the alleged leader of the hacker group SilverTerrier (also known as TMT). The Russian company Group-IB took part in this international operation, called Delilah. Read more here.

Main activities

The main activities of the company as of May 2022 were:

• Cyber Threat Early Warning System: An ecosystem of threat monitoring, detection and prevention solutions based on the Group-IB team's extensive experience, in-depth analysis of targeted attacks and the most relevant intelligence from the world of cybercrime.
• Threat Intelligence & Attribution. A system for investigating and attributing cyber attacks, hunting threats and protecting network infrastructure based on data on attackers' tactics, tools and activity.
• Threat Hunting Framework. Reactive protection and proactive threat hunting inside and outside your network
• Fraud Hunting Platform. From preventing online fraud in real time to identifying an attacker
• Digital Risk Protection. Identification and elimination of digital risks based on artificial intelligence

Group-IB Threat Intelligence is a cyber attack research and attribution system that contains structured data on attackers' tactics, tools and activity with the ability to personalize for a specific industry or company. Group-IB TI allows you to build a proactive information security system focused on protecting the company's assets with a low number of false incidents.

This is the result of the combination of Group-IB's great experience in investigating, collecting and analyzing information about information security incidents, attacks, attackers and their infrastructure.

Italian authorities asked government agencies to replace Group-IB information security solutions

At the end of April 2022, the National Agency cyber security Italy (ACN) issued a circular recommending government agencies to replace, and software Kaspersky Lab Group-IB for Positive Technologies products from other manufacturers. More. here

2021

Sanctions of Ukraine

In early November 2021, President of Ukraine Volodymyr Zelenskyy introduced new sanctions against Russian companies and institutions, including:

• Information security company Group-IB;
• Reg.Ru Domain Name Registrar

Read more here.

Dmitry Volkov - the new head of Group-IB

At the end of September 2021, Dmitry Volkov headed Group-IB after the arrest of its CEO Ilya Sachkov, who was accused of high treason. Read more here.

Searches, arrest of the founder of the company on suspicion of treason

On September 28, 2021, searches were carried out at the Group-IB office in Moscow. The founder and CEO of the company, Ilya Sachkov, was detained and subsequently arrested for 2 months by decision of the Lefortovo District Court. He is suspected of treason. More on the charge here.

RTVI became aware of the conduct of operational measures at the Group-IB headquarters from a law enforcement source. Journalists of the TV channel said that near the headquarters on Sharikopospipnikova Street there were armed people in camouflage, who refused to comment on the situation. Later, correspondents failed to get through to either Sachkov or co-owner of the company Dmitry Volkov.

On the morning of September 29, 2021, the press service of Group-IB issued a statement in which it confirmed the operational measures in its office, specifying that law enforcement officers left the building in the evening of the same day.

The company also noted that as of the morning of September 29, 2021, they do not have information about the reasons for the operational-search activities, and the top management and legal services are working to clarify the situation.

Group-IB assured that customer service is proceeding normally, "the territorial distribution of the company's infrastructure in 24/7 mode ensures the security of customer data and the operability of all Group-IB services, as well as critical business processes in Russian and international offices of the company."

Opening of headquarters in Dubai

At the end of May 2021, Group-IB announced the opening of a headquarters in Dubai. Within a year and a half, the company intends to hire at least 50 local specialists. First of all, it is planned to recruit experts in the field of computer forensics, trethunters and analysts Threat Intelligence & Attribution.

Group-IB calls its Dubai headquarters a center for research and attribution of cyber threats in the Middle East and Africa, which, according to the company, will help more effectively interact with international law enforcement agencies and cyber police in various countries.

This is an important stage towards achieving a strategic goal: the creation of the first ever decentralized global cybersecurity company with research centers in key financial regions of the world, "said Group-IB CEO Ilya Sachkov, quoted in a press release.

According to him, the office in Dubai should become one of the key strongholds for coordinating the international fight against cybercrime.

The Group-IB team in Dubai will play a key role in exploring the regional threat landscape, Interpol Director of Cybercrime Investigation Craig Jones said at the opening ceremony of Group-IB's headquarters in the Middle East.

As part of the development of Interpol's global cybercrime program in the world, we plan to further expand our partnership with Group-IB, including as part of operational activities to combat cybercrime. In the Middle East, this will be facilitated by interaction with the new office of the company, he said.

The opening ceremony of the Group-IB headquarters in Dubai was also attended by representatives of more than 30 Group-IB clients in the region - banks, insurance companies, energy sector enterprises and government agencies.^[3]

Distribution Agreement with Axoft

Group-IB, an international company specializing in the prevention of cyber attacks and the investigation of high-tech crimes, and Axoft, a global service IT software distributor, announced the signing of a distribution agreement on April 13, 2021. Read more here.

2020

Group-IB's research and development capabilities are based on 17 years of practical investigation experience cybercrimes around the world and more than 65,000 hours of incident response information security accumulated in a computer forensics laboratory and a 24-hour rapid response center. CERT-GIB The company is a resident. Skolkovo Group-IB is a Europol partner, a provider of solutions in the field cyber security recommended by the OSCE.

Status as a Trusted Solution and Service Provider from Gartner

Group-IB Fraud Hunting Platform technologies to protect against online fraud in Internet banking and e-commerce services have been recognized by Gartner, and the agency has awarded Group-IB the status of a reliable provider in the category "Online Fraud Detection Solutions." In addition, Gartner has assigned Group-IB the status of a reliable service provider (Representative Vendor) in the category "Computer forensics and response to information security incidents."

Main activities

As of 2020, Group-IB (formerly the Information Security Group, AIBI TDS Group) is a developer of solutions for detecting and preventing cyber attacks, detecting fraud and protecting intellectual property in a network headquartered in Singapore. It was founded in 2003 as an IT incident investigation team. He works in the field of computer forensics, consulting and audit of information security systems. The Group-IB experience is embodied in the early detection system of cyber threats - a line of products for monitoring, detecting and preventing cyber threats, based on threat intelligence data and analysis of real hacker attacks.

"Information Security Group " is the first Russian non-state company^[4], providing services for investigating incidents in the field^[5] information technology, as well as providing a full range of information security services on a commercial basis.

Group-IB's expertise in threat searching and cyber intelligence has been integrated into a range of solutions that brings together extremely sophisticated software and system software, with the goal of monitoring, detecting and preventing cyber attacks. Group-IB's mission is to protect customers in cyberspace by creating and using innovative products and solutions.

The brand promoted in foreign markets is Group-IB.

The main activities of the company in 2020 were:

• Monitoring and Prevention of Cyber Threats
• Protect customers from targeted attacks, including those using previously unknown malicious code
• Incident Response information security by 24-Hour Center Specialists CERT-GIB
• Information Security Audit and Consulting
• Fighting piracy
• Brand protection on the Internet
• Computer crime investigation
  • conducting a computer examination
  • search for information and analyze data for investigation
  • legal support on legal matters
  • computer forensics
  • investigations, financial investigations

Subscription cyber intelligence: monitoring, analyzing and predicting threats to the company, its customers and partners

• Strategic Information for Weighted Risk Assessment and Prioritization of Threats
• Operational data for preparing for attacks and configuring protection systems
• Tactical indicators that minimize response time to an incident

Opening of headquarters in Europe

On November 12, 2020, Group-IB announced the opening of a European headquarters. The office is located in Amsterdam.

The choice of a place to open a representative office in the European Union in the company was explained by the fact that Holland is one of the key players in the world of cybersecurity. The country has the head office of Europol, The Hague Security Delta security cluster, the NATO Cybersecurity Agency and the European Cybersecurity Information Center, Group-IB noted.

The Group-IB team in Amsterdam will deal with the following areas: cybercrime investigation, computer forensics, incident response, information security audit, protection against digital risks. The new headquarters is staffed by Threat Intelligence analysts, who research cyber threats relevant to the region, track the activity of both pro-state (APT, Advanced Persistent Threat) and financially motivated groups attacking government and business targets around the world.

According to Group-IB, by November 2020, Europe is attacked by at least 16 APT groups, numerous ransomware virus operators and Internet scammers. Also found in the Netherlands were victims of banking Trojans, including the infamous Dridex, Qbot and Trickbot.

The CEO and founder of Group-IB Ilya Sachkov noted that the company operates in most countries, Europe protecting customers in,,,, and France. Germany Italy Spain Great Britain According to him, even before the official announcement of the opening of an office in Amsterdam, Group-IB received several offers of cooperation from potential European partners.

Previously, Group-IB has already organized training events in the Netherlands and conducted training for bank security services and local law enforcement agencies, including employees of the European Cybercrime Center (EC3).

Group-IB participates in TAdviser IT Security Day conference

On June 30, Anton Fishman, Head of System Solutions at Group-IB, at the TAdviser IT SECURITY DAY 2020 conference , will talk about current cyber threats in 2020, as well as new technological trends in preventing cyber attacks. The challenges of this year related to the pandemic, the transition to remote work and the increase in the number of cyber attacks and financial fraud have set business non-standard tasks. How to protect your infrastructure, employees and assets?

Anton Fishman will tell:

• What cyber threats have appeared recently for small and medium-sized businesses, bank customers
• How to make sure employees return to offices completely safe from remote work and# StayCyberSafe
• Group-IB Threat Detection System Cases and Capabilities as a Defense Against Today's Changing Threats

Group-IB is an official partner of the IT SECURITY DAY 2020 conference.
Join for details.

US authorities accused Group-IB top manager of selling social network data

In early March 2020, it became known about the accusations made by the US authorities against the head of the network security department of the Russian Group-IB Nikita Kislitsin. He is suspected of trying to sell the data of users of the social network Formspring in 2012. Read more here.

2018: Global headquarters opened in Singapore

In November 2018, it became known about the plans of Group-IB to open a global headquarters in Singapore as part of international expansion. This was reported by the Reuters news agency with reference to the co-founder and CEO of the company Ilya Sachkov. Read more here.

2017

Open Brand Protection

On September 28, 2017, Group-IB announced the opening of the Brand Protection direction. Its specialists will be responsible for monitoring and preventing economic crime and brand fraud. With the opening of a separate area, the company plans to launch an online service where customers will monitor the process of eliminating violations, and actively develop their own TECont, including for the foreign market. Read more here.

Partnership with MTS

In September 2017, MTS PJSC, a telecommunications operator in Russia, and Group-IB signed an agreement on cooperation in the field of preventing computer crimes and investigating incidents, as well as protecting MTS and its customers on the Internet. The ultimate goal of joint projects of companies is to increase the overall level of information security in Russia.

Within the framework of the agreement, MTS and Group-IB will exchange data in the field of cyber threats, provide each other with organizational and methodological support, and assist with technical, financial and personnel resources. In particular, MTS will provide access to the knowledge base of its information security center (SOC), created to provide services to third-party customers, and Group-IB will provide its expert support. In addition, Group-IB will provide MTS with incident prevention and investigation services using its hardware and software solutions and services.

Partnership with EclecticIQ

In July, Group-IB and EclecticIQ announced a partnership agreement and integration of Group-IB's Threat Intelligence data into the EclecticIQ platform. Thanks to this cooperation, analysts, threat hunters, employees of information security operational centers and information security incident responders will have access to comprehensive information about current cyber attacks. As conceived by partners, this will identify threats posed by Russian-speaking cybercriminals. You can read more about this here.

Joint venture with NCI

A resident of the Skolkovo Foundation's IT cluster, Group-IB, a company engaged in the prevention and investigation of high-tech crimes, and the National Center for Informatization (NCI), a subsidiary of Rostec Group of Companies, engaged in the development, development and implementation of IT products, signed an agreement providing for the creation of a joint venture (JV). The document was signed on May 25 at the Digital Industry of Industrial Russia forum in Innopolis (Republic of Tatarstan).

As part of the agreements, Group-IB will provide its technologies to the joint venture. NCI, in turn, will promote products in the markets of the presence of Rostec Group of Companies and will take over operational activities, including interaction with state authorities, product certification and other issues.

The creation of the joint venture will allow Group-IB to implement to protect objects with a critical information infrastructure:

• threat intelligence system, which allows real-time monitoring of trends in the development of information security threats emanating from the underground community of cybercriminals, relevant for a specific industry, for the competent distribution of investments in information security in the enterprise;
• TDS and Polygon intrusion detection solutions that allow you to protect yourself from previously unknown malicious code, as well as detect targeted attacks on the network infrastructures of organizations even before attackers could cause real damage;
• Secure Portal state portal protection system, developed with the support of Skolkovo, countering unauthorized access to users' personal accounts, using bots (for guessing passwords and disrupting online voting), collecting data on payment cards and other personal data;
• analytical security systems using big data.

The joint venture being created is the first in a number of technological consortia that Group-IB intends to create in the coming years. The company is in talks to open several competence centers abroad with major international companies. First of all, the plans include the creation of such centers in the Middle East, Latin America and East Asia, as well as in the United States.

2016: Altera Capital and Run Capital become Group-IB shareholders

In mid-August 2016, it became known that the AlteraKirill Androsov investment fund and the Run Capital fund, founded by entrepreneur Andrei Romanenko, were included in the equity capital of Group-IB. Each participant in the transaction acquired a 10% stake in the Russian developer of information security solutions, Kommersant reports, citing representatives of Run Capital.

The investment will focus on the development of think tanks in the Middle East, Southeast Asia and Latin America, hiring local forensic scientists, as well as expanding sales in the American, European and Asian markets. Earlier, Group-IB announced plans to open a think tank in Thailand in 2017.

The founder of Altera Investment Fund SICAV-SIFKirill Androsov is confident in the company's success in new markets.

We invest in companies with global potential. The interest that clients from Europe, the USA, Asia and the Middle East show in Bot-Trek solutions shows that Group-IB's offer can compete with world market leaders. Kirill Androsov

Group-IB CEO Ilya Sachkov said that as part of the investment deal, the company receives "smart money," since Altera Capital has expertise in the US information security market, and Run Capital "is well versed in how the financial industry works."

Altera Capital and Run Capital's investments in Group-IB were not disclosed. A source close to the deal Kommersant says that investors valued the entire Group-IB at about $80-100 million, and the cost of the funds' share was about $16-20 million. For the current level and dynamics of Group-IB development, these figures look overestimated, said the managing director. Prostor Capital Aleksei Solovyov^[6]

2015

Group-IB plans to raise $20 million in investments

Group-IB, a company specializing in information security, is in search of an investor and plans to raise $20 million, increasing its authorized capital to 25%. This was announced to CNews by Group-IB CEO Ilya Sachkov. The cost of the company today, according to him, is $80-100 million. The broker for attracting investments is Otkritie Bank^[7].

The funds raised will be used to accelerate the launch of a Group-IB product called Bot-Trek to the international market. It is designed to monitor botnets and cyber intelligence. Bot-Trek provides large intellectual property owners, such as financial institutions and telecommunications companies, with direct access to compromised data and their customer identifiers, which were identified during the analysis of networks of infected computers and underground sites.

IIDF may invest 210 million rubles in Group-IB

The Internet Initiatives Development Fund (IIDF) tentatively approved in April 215 a deal with Group-IB, which is engaged in the prevention and investigation of cybercrime, Kommersant reported.

The amount of the possible transaction and other details were not officially disclosed, but a source familiar with the negotiations said that IIDF could invest 210 million rubles in Group-IB.

Ilya Sachkov, CEO and founder of Group-IB, clarified that investments will go to the company upon reaching certain KPIs. An IIDF spokesman said the fund plans to use the Group-IB brand and established sales channels of larger companies to accelerate the growth rate of young technology startups.

2014: Lawsuit against Roskomnadzor and Rostelecom for blocking the site

In April 2014, Group-IB information security filed a lawsuit with the Arbitration Court Moscow against Roskomnadzor and "for Rostelecom erroneously blocking its website, they report." Sheets Group-IB requires 150 million. rubles Group-IB notes that the company is engaged in information security, so the performance of the site is fundamentally important. According to the corporate adviser of the company Anatoly Zemtsov, the main problem is that after blocking, a warning appeared on the site about the presence of illegal information on it. Group-IB CEO Ilya Sachkov adds that although the site was blocked by mistake, this error caused serious reputational damage to the company. The Group-IB site was temporarily blocked in November 2013, as Roskomnadzor ordered operators to restrict access to the drugspace.info resource, with one IP address hosting a couple of hundred sites (including the Group-IB site). Rostelecom does not have the technical ability to block individual pages, only the entire IP addresses - so all these sites were blocked. According to statistics from the Roskomsvoboda project (which provides anonymous access to sites blocked by Roskomnadzor), in mid-April 2014 Russia , 137,320 sites were blocked, of which 1964 were blacklisted, that is, blocked legally.

2013: LETA Group withdraws from Group-IB founders

In October 2013, LETA Group announced its withdrawal from Group-IB as a result of MBO. The proceeds from the transaction will be sent to a venture capital subsidiary - LETA Capital fund. In 2010, LETA Group acquired 50% of Group-IB. For three years, the staff of Group-IB has grown 5 times.

"During cooperation with LETA Capital, Group-IB created the largest Computer Forensics Laboratory in Eastern Europe (the capacity of which, to date, allows about 80% of the most complex and resonant cases in the field of cybercrimes and crimes committed in the field of high technology), the first private CERT in Eastern Europe was launched, a direction was opened to protect the brand on the Internet, as well as a strong direction to prevent computer crime. It is also worth noting that during this time, with the help of the company's capacities and the competencies of its employees, it was possible to detect and stop the existence of 5 of the largest criminal groups that committed fraudulent actions in the RBS systems in the CIS. We will continue to strengthen our position as a leader in the market for the investigation and prevention of cybercrime in Eastern Europe and by 2017 we plan to be among the TOP10 world leaders in this market, "commented Group-IB CEO Ilya Sachkov

.

2012

Obtaining a license from the FSB

In December 2012, Group-IB received a license from the FSB of the Russian Federation to work with information constituting a state secret. The license (GT No. 0064472, registration number 4490) was issued to the company by the FSB Directorate for Moscow and the Moscow Region for a period of three years. The condition for the implementation of this type of activity is compliance with the requirements of legislative and other regulatory acts of the Russian Federation to ensure the protection of such information.

Start of Bot-Trek system development

Since 2012, the company has been developing a system for early detection of cyber threats Bot-Trek, which includes a cyber intelligence service, a threat detector in the corporate network, as well as Solution SaaS for banks, state structures and e-commerce, which identify preparations for fraud and theft. Unlike antiviruses, Bot-Trek products allow you to control the full range of risks - from attacks using social engineering methods to illegal use of the brand.

2011

CC Agreement

In December 2011, the Coordination Center for the National Internet Domain (CC), which is the regulator of the domain zones of.RU and the RF, concluded agreements with Group-IB to counter cyber threats. In accordance with the new domain registration rules that came into force in November 2011, registrars have the right to suspend the delegation of domains according to the representations of authorized organizations selected by the CC. Group-IB has become an authorized organization in the field of combating two categories of sites: phishing (used to obtain confidential information from third parties by misleading these persons about its ownership due to the similarity of domain names, registration or content of information); and botnet managers (used for unauthorized access to third-party information systems or for infecting or managing malware on these systems).

Launch of CERT-GIB: Russia's first private information security incident response team

In October 2011, Group-IB announced the launch of CERT-GIB, Russia's first private information security incident response team . CERT-GIB is a Computer Emergency Response Team based on Group-IB. The mission of this structure is to provide operational assistance to organizations and individuals in responding to incidents. At the same time, CERT-GIB not only assists customers who are in constant service in accordance with the terms of contracts, but also provides services to any other legal entities and individuals as part of the collection of incident information and coordination of response. CERT-GIB provides comprehensive information risk minimization support, consisting of technical, organizational and legal advice, to the contacted clients. Incident response services are countermeasures aimed at identifying the nature of the violation and neutralizing it, restoring the normal functioning of the information system, analyzing the causes of the incident, identifying the persons involved and bringing them to justice. It is due to the correct and prompt response to the incident that the reduction of financial and reputational damage resulting from the violation is ensured. Ensuring a continuous operational cycle of information gathering and incident response is carried out around the clock thanks to the simultaneous presence of Group-IB experts in Moscow, New York and Singapore.

Opening of a representative office in the USA

In September 2011, Group-IB announced the opening of its representative office in the United States. The new division is responsible for strengthening the company's position and expanding its activities in the North American market. The creation of the first foreign representative office of Group-IB was another step in the implementation of the strategy for bringing the company's services to the international market for investigating computer crimes. The division will present in North America a full package of Group-IB services and solutions, including the latest achievements in the field of protecting brands from network threats and preventing fraud in Internet banking systems. Alexey Kuzmin has been appointed head of the representative office located in New York. Alexey stood at the origins of the formation of the first private computer incident response group (CERT) in France. Prior to moving to Group-IB, he headed CERT in Canada from 2007.

2010: Joining Leta Group

In September 2010, it became known that the Leta Group will include Group-IB.

2008: Partnership with GuardianEdge Technologies and Sourcefire

In the spring of 2008, the company became the exclusive representative of GuardianEdge Technologies, Inc. in Russia^[8],^[9]

In the fall of 2008, the company became a representative of Sourcefire, Inc - the creators of Snort, their products are sold ^[10], ^[11].

2007: Separation from MSTU-TEST

By mid-2007, the company was separating from the MSTU-TEST laboratory, becoming an independent organization, providing a full range of information security services, successfully engaged in its profiling activities - investigating IT incidents.

2005: Entry into NIL MSTU-TEST

In 2005, the company merged with NIL MSTU-TEST and works as a special division of this laboratory, investigating computer crimes, IT incidents and other information security violations.

2003: Establishing a Company

The company was organized in 2003 as an organization that positions itself as the first company in Russia to investigate computer crimes on a commercial basis.

Notes