Search This Blog

Showing posts with label National Cyber Security. Show all posts

Minister of the Republic of Tatarstan explained how the "sovereign Internet" in Tatarstan works


Airat Khairullin, the Minister of Digital Development of Public Administration, Information Technologies and Communications of the Republic of Tatarstan, told about the main directions of the Ministry's work, the center for digital transformation of the Republic of Tatarstan, as well as about the work of the sovereign Internet in Tatarstan and correspondence in messengers.

"If someone tomorrow decides to physically block the DNS server system for Russia, our IP routing may be disrupted. Therefore, we are talking about allowing traffic to be routed at the junction of Russian and foreign providers."

According to him, Tatarstan has already created the appropriate infrastructure for the sustainable protection of the Internet from external attacks. Thus, all 10 thousand social objects of the Republic are connected to the Internet through the Data Processing Center (DPC) in the IT Park. There is a second data center for disaster resilience in the Council State.

"And technically, if the DPC of the IT Park is destroyed by fire or flood, we have a fault tolerance point, and within this logic, it is also a sovereign Internet," he said.
In an interview with journalists, Khairullin also shared that he uses popular messengers, including the Telegram blocked in Russia.

The Minister also commented on the statement of Pavel Durov regarding the insecurity of using WhatsApp and calls to remove it.

"Any application carries a vulnerability. The question of compromises is to be completely without a phone and use pigeon mail or use messengers," said Khairullin.

On November 12, the Prime Minister of the Republic signed a decree on the establishment of the Tatarstan Digital Technology Center. The new institution was created to improve the quality of life of Tatarstan citizens, accelerate the receipt of public services, as well as simplify the interaction between the state, society and business.

Recall that Khairullin previously said that 7 cyberattacks occur on the DPS every day. Therefore, to improve the security system next year, the Ministry of Digital Affairs of the Republic of Tatarstan has planned a competition for white hat hackers who will have to try to find the shortcomings and vulnerabilities of the Republican website of public services and hack it. The exact date when this experiment will take place has not yet been determined.

The Federal Security Service of Russia opposed applications with an electronic passport


Mobile applications with an electronic passport will not be able to completely replace a physical document. The FSB opposed the idea of placing the full document in smartphones.

The FSB considers it extremely unreliable to place the passport data of Russians in applications based on foreign operating systems iOS and Android, as they will not be able to guarantee the security of data and absolute access control from unauthorized persons. It will be possible to fully use the application as an identity card only when the domestic operating systems will function normally in Russia.

"There is a risk that Apple or Google developers will be able to access the data stored in the application", suggests Alexander Kruglov, senior analyst at Digital Security.

"Theoretically, there is such a possibility, since iOS or Android developers can insert a traffic analyzer into the next update of the system and collect user data", added he.

According to Kruglov, Apple, for example, refuses FBI requests to open access to iPhones of suspects.

It is worth noting that there is a Russian operating system Aurora created on the basis of the Finnish Sailfish. The state was going to supply officials and civil servants with phones with Aurora OS, they were going to spend 160 billion rubles (2,4 million $) on this. But there are practically no devices with preinstalled Aurora OS and applications for this operating system.

During a recent meeting with Deputy Prime Minister Maxim Akimov, it was decided that a smartphone app will appear and will be able to verify the identity of a citizen in most, but not all situations.

Most likely, citizens will be able to use the app only for simple services: for example, to verify the age when buying alcohol or cigarettes. But it will be possible to buy an apartment only through a card with a chip.

Earlier, E Hacking News reported that the Russian government has determined the basic parameters of the future e-passport. It will have two components - a plastic card with a chip and a mobile application. Documents of the new type will be issued to Russians from 2020 in Moscow. Paper passports will no longer be issued, but old documents will remain valid until their expiration date. The e-passport will become a universal carrier of information about a person, necessary for his identification.

ISRO targeted by North Korean Hackers during Chandrayaan-2 Launch


According to the fresh news that has been coming from various experts, it has appeared that Chandrayaan-2 (also known as Mission Moon), a famous mission by the Indian Space Research Organisation (ISRO) was attacked by hackers from North Korea. It also appears that the attacks were organized using a malware named Dtrack, which is connected to a club of North Korean hackers managed by the administration. "The malware was identified by the Financial Institute and Research Centers in 18 Indian states," confirms the reports by Kaspersky, a cybersecurity firm.


It is also said that the same malware was used to direct hacks on Kudankulam nuclear factory. The National Cyber Coordination Center that attempts to protect the nation from harmful cyber invasions recently received critical information from a US cybersecurity firm regarding the hack. It said that Kunankulam Nuclear Plant's master domain controllers alongside the ISRO were attacked by the hackers. Following this incident, Kaspersky's specialists detected the malware and notified the issue to the Indian government before the Chandrayaan-2 landing.

"The hack was organized using very simple and basic techniques like phishing emails, an unedited browser, and poor security that resulted in allowing the hackers to easily invade the devices," says Yash Kadakia in an interview, founder, Security Brigade, a cybersecurity firm in Mumbai. He further adds that a similar server was used to send spams to superior nuclear experts at the Nuclear Plant in Kudankulam which was also aimed by the hackers to pick other experts at ISRO later.

About Dtrack Malware- 
Generated by North Korean Hackers, the Dtrack malware provides a full command that permits the hackers to obtain data from the device. The virus can misuse devices with weak privacy and passwords. If the virus invades a device, it can obtain critical information like catalogs, IDs, user history, and IP addresses. "A high number of DTrack attacks were discovered. The hack was carried by Lazarus that has become a major concern for big corporations," said Konstantin Zykov about the virus who is a Researcher at Kaspersky Cybersecurity, at an event in Delhi.

The Ministry of Internal Affairs of Russia to create a Department to combat crimes in the IT-sphere


The Ministry of Internal Affairs will have units to combat crimes committed using IT-technologies. Units will be formed without increasing the staff.

This decision was made by Vladimir Kolokoltsev, the Minister of Internal Affairs of the Russian Federation, at a meeting of the Collegium of the Ministry of Internal Affairs of Russia, which was held as a video conference with all regions of the country. The meeting was attended by representatives of the Central Bank of the Russian Federation, the Ministry of Finance, Roskomnadzor, Rosfinmonitoring and a number of leading financial institutions.

The purpose of the creation of such units is to increase the efficiency of the prevention and suppression of crimes in the IT-sphere, as well as improving the skills and training of the most trained employees in identifying, revealing and investigating crimes committed using information and telecommunication technologies.

According to the Ministry of Internal Affairs, every seventh crime in Russia is committed in the field of IT-technologies. Law enforcement agencies in recent years have noted an increase in the number of crimes committed using the Internet, including fraud, drug distribution, theft of funds and other crimes.

At the moment, Vladimir Kolokoltsev instructed the heads of operational headquarters to prepare documents that will determine the structure, powers and functions of the new units to combat cybercrime.

Currently, the Office “K” of the Ministry of Internal Affairs is engaged in crimes in the field of information technology. In particular, the employees of this Department are engaged in the fight against illegal trafficking in electronic equipment and special technical equipment.

Earlier, E Hacking News reported that the Ministry of Internal Affairs will create a portal for complaints against hackers. The resource will be continuously and automatically collect data about the threats.

The Russian Embassy in Prague denied the statement of a Russian spy network in the Czech Republic


The Russian Embassy in Prague denied the statement of the head of the Czech Security and Information Service, Mikhail Koudelka, who announced the disclosure of the activities of the Russian spy network allegedly operating in the country.

On Monday, the head of the Czech Security Information Service (BIS), Mikhail Koudelka, said that his agency and the Czech police had exposed the activities of a Russian spy network, which operates through the Russian Embassy in Prague.

"This network was completely defeated and beheaded," said Koudelka during a speech in the Czech Parliament.

According to the head of BIS, this network "was created by people associated with the Russian intelligence services, and funded from Russia and the Russian Embassy."

Koudelka claims that members of the network planned attacks against targets in the Czech Republic and other countries via the Internet. He also said that this network was part of a larger structure created by Russia in other European countries. However, he did not name these countries.

Koudelka said that he could not provide any specific information, as the investigation is not yet complete. However, information about this attempted intervention could be included in the BIS annual report, which will be considered by a parliamentary Commission this Thursday, October 24.

Recall that for the first time the Czech Security Forces disclosed the activities of the cyber attack center in early 2018. According to an investigation, the two companies were formally engaged in the sale of computer hardware and software, but in reality their employees were also preparing hacker attacks using their computers. Part of the equipment for companies in the Czech Republic was brought from Russia and also through the diplomatic mission.

The investigation said that the hacker group included both Czechs and Russians who received Czech citizenship.

The Head of the FSB spoke about the threat of massive terrorist hacker attacks


Director of the FSB Alexander Bortnikov said that terrorist can disguise their hacking attacks under the actions of special services of specific States and this threatened to political and military conflicts. He stated this at the XVIII international meeting of heads of intelligence, security and law enforcement agencies in Sochi.

According to the FSB, terrorist groups create and develop their own cyber units.

Bortnikov called on intelligence agencies of other countries to support Russia's demand to deposit encryption keys for mobile devices. Fighting terrorism is ineffective as long as they use closed channels of communication on the Internet, he explained.

"The main tool of communication between bandits are still Internet Messengers with high crypto protection. In this regard, we consider it a serious problem that a number of the world's leading IT companies do not want to cooperate with intelligence agencies in the field of information security,” Bortnikov said.

He also called on the special services to join efforts in identifying and blocking terrorist and extremist materials on the Internet and to establish cooperation with leading technology companies for this purpose.

Bortnikov also noted that the capabilities of terrorists in the future can grow due to the growing availability of artificial intelligence technologies. And with their help, the militants will be able to analyze large amounts of information, including illegally obtained databases.

In addition, the FSB Director said that international terrorists are increasingly using "confidential cryptocurrencies" to financially fuel their criminal activities. According to Bortnikov, terrorists create shell companies that legally participate in trading on stock exchanges, invest in real estate and various sectors of the economy. At the same time, criminals are increasingly using not bitcoin, but so-called “confidential cryptocurrencies”, which guarantee the anonymity of transactions.

Also, Alexander Bortnikov said about the threat of massive terrorist attacks using unmanned aerial vehicles. According to Bortnikov, the use of unmanned aerial vehicles capable of delivering various cargoes by terrorists will become a "real challenge" for the world's intelligence services.

It is important to add that this year the FSB has identified 39 terrorist attacks in preparation and eliminated 32 terrorists.

Russian experts created protection for ships and ports from cyber attacks


Russian company Engineering Technologies has developed a Poseidon system to protect ships and ports from cyberattacks. Domestic and foreign customers are already interested in this development.

Currently, 90% of the world's cargo is transported by sea. Objects of marine infrastructure due to their high automation and computerization are often victim of hackers. So, in 2017 and 2018, cyber attacks were carried out on the largest sea carriers Maersk (Denmark) and COSCO (China), as a result of which cargo terminal systems were blocked. In Russia in early 2018, hackers tried to disrupt the work of the Administration of the Sea Ports of Azov Sea.

"The Poseidon complex is being developed to protect ships and marine infrastructure facilities – ports, shipyards, drilling platforms from cyberattacks," said Artem Dolgikh, Poseidon Project Manager and Technical Director of Engineering Technologies.

Currently, most ships are protected using standard software, as well as security rules and policies on network equipment.

Poseidon uses the author's database of cyber vulnerability scenarios for the marine area and an automated threat detection algorithm implemented on the basis of neural networks and artificial intelligence.

According to Artem Dolgikh, the application of the program will reduce the costs of shipowners. So, a number of industry-specific marine companies, both in Russia and abroad, are already interested in it.

It became known that the software part of the system is planned to be developed in Russia, and the hardware part can be produced both on the territory of the Russian Federation and abroad.

Earlier, E Hacking News reported that now shipping companies are considering moving into the digital era and to work out a system which will integrate blockchain technology into one vast platform. A number of different shipping lines, such as A.P. Moeller- Maersk A/S have teamed up with technology companies, and they are about to revolutionize the shipping industry and upgrade the world’s most complex logistics network.

Russia suspects Western countries interfered with Internet resources of Russian government agencies


Russia suspects that the Western countries have interfered with the work of Russian government agencies websites, said Russian Foreign Minister Sergei Lavrov, speaking to students and faculty of Moscow State Institute of International Relations and to the Diplomatic Academy of the Ministry of Foreign Affairs. He also confirmed that the topic of information security over the past couple of years has become quite popular.

In addition, Lavrov recalled that Russia was repeatedly accused of hacking American Internet resources. The US authorities are convinced that the Kremlin interfered in the 2016 US presidential election.

According to the Russian Minister, the accusations against Moscow “have not been convincingly confirmed.” Nevertheless, the myth of Russian intervention "continues to spread through the American and Western media and some Western politicians continue to raise this topic."

“We also have a reason, and more serious, to suspect that our Western colleagues are paying increased attention to our Internet resources. And this happened more than once. Representatives of the Central Bank of Russia, Sberbank and other government agencies also spoke about this.” But Lavrov did not give examples of alleged Western intervention.

Recall, the State Duma has prepared a mirror response to accusations of alleged Russian interference in the electoral process in the United States. In August, speaker Vyacheslav Volodin announced the creation of a parliamentary Commission to investigate the facts of foreign interference in the internal Affairs of the Russian Federation. Deputies found two examples of “cynical interference”, these are tweets of Deutsche Welle and the US State Department, which the Foreign Ministry considered calls to participate in unauthorized actions in Moscow. However, Mr. Volodin promised to present other "materials", mentioning, in particular," manuals", which allegedly "were distributed by employees of foreign embassies."

An expert in International Relations doubts that the West will listen to Russian statements about intervention, as Russia does not accept similar accusations of the West.

Ivan Timofeev, the Director of the Russian Council on Foreign Affairs, suggests that in the end there will be people in the West who will say: "Look, Russia is creating the scandal out of nothing. Surely they do it to distract attention from their own interference in other people's elections.”

Estonia started cooperation with India in the field of cybersecurity


The Estonian Information System Authority (RIA) signed a cyber security cooperation agreement with India last Wednesday.

In accordance with the new Agreement, the parties will provide security in the field of cyberspace with doubled efficiency.

The Ministry of Electronics and Information Technology of India agreed on the Agreement and Margus Noormaa, the Head of Estonian RIA (Information System Authority), endorsed it.

The contract involves the exchange of operational information, conducting special consultations, as well as providing extensive assistance to the parties and communication with experts and specialists in addressing the complex issues.

It is worth noting that on August 21, Vice-President of India Muppavarapu Venkaiah Naidu, who is visiting Estonia, met with the Head of the Estonian Government Juri Ratas.

"I am very pleased that the relations between Estonia and India have become closer in recent years. For example, interest in Estonia has been noticeably increased for both Indian students and start-up entrepreneurs," Juri Ratas said.

During a conversation with the Vice-President of India, the Estonian Prime Minister said that in recent decades Estonia has made a huge leap in economic development and has become a world leader in the field of e-state. Also, as Ratas noted, there are impressive achievements in the field of cybersecurity and blockchain technologies.

"We are happy to share our experience with India. Many local companies have already become excellent investment partners for us, and even wider cooperation in many areas of the economy can grow from this,” the Estonian Prime Minister said.

At the moment, Estonia is one of the most active countries in the field of IT-development.

So, this year the first summer school of cyber diplomacy begins in Tallinn for about 80 diplomats, scientists and experts from 26 countries of the world. The participants of the school will consider the law and norms in cyberspace, the role of cyber operations in modern conflicts and other relevant topics.

The total cost of creating the Cybersecurity Training Center exceeded 18 million Euros. NATO itself invested six million, and Estonia’s alliance partners donated two million.

However, the political scientist Vitaly Gaychonok said that this is crazy. According to the expert, it is extremely difficult to use the same laws in the cybersphere that are applied in real life.

Estonian authorities and the military are focusing on ensuring cybersecurity. In April this year, a Training Center on Cybersecurity was opened in Tallinn, where it is planned to train NATO specialists and conduct international cyber studies.

Cryptographer hacked an online voting system in Moscow


According to the results of the meeting of the technical working group on electronic voting, it became known that the French cryptographer, who pointed out the shortcomings in the electronic voting system, will receive a reward of one million rubles (15 000$).

Last week it became known that Pierrick Gaudry, an employee of the French National Center for Scientific Research, said that the encryption used in the Russian electronic voting system is “completely unsafe” and can be hacked by attackers in about 20 minutes.

Recall that the Russian Government offered a cash prize of 1.5 million rubles (23 800 $) to a hacker who can hack the electronic voting system.

However, according to Artem Kostyrko, the Deputy Head of the Moscow Department of information technology, nobody, including the French cryptographer, managed to hack the system. However, since Pierrick Gaudry pointed out the weakness of the system and drew attention to its testing, he will receive a reward of one million rubles, provided that no one will be able to hack the system during the next testing on August 21.

Other sources reported that Pierrick hacked the system, as he managed to restore all three secret keys. He has published a command-line script, so anyone can hack the voting system. Therefore internet users repeated the experiment and the calculations took the same amount of time - a little more than 20 minutes. When the private keys are known, decrypting the message becomes a trivial task.

It is interesting to note that before Pierrick published his work, Stanislav Smyshlyaev, the Deputy General Director of the company CryptoPro, stated that any laboratory accredited by the FSB of Russia would have found such a vulnerability. At the same time, Artem Kostyrko at one of the meetings of the technical working group mentioned that the Internet voting system was checked by experts from the FSB. Alexey Venediktov, the member of the Public Chamber of Moscow, claimed that military hackers from the GRU were involved in testing the voting system. However, none of them found the vulnerability.

According to forecasts, about 3 percent of the total number of voters will be able to take advantage of electronic voting in the elections to the Moscow City Duma on September 8. By the way, this is 1 percent more than during the experimental electronic voting in Estonia.

Previously, Ehacking News reported that the team of the Ukranian president Vladimir Zelensky promised to hold the next presidential elections in Ukraine using Estonia's experience in electronic technologies.

It is known that the widespread introduction of electronic technologies has become a kind of visiting card of Estonia and its know-how in the eyes of the world community. 

On the guard of the cyber world: Ethical-hackers will appear in the Russian army


The Russian army will have special units, which will include ethical-hackers - people with technical education who will protect the "military Internet". They will scan the system for the presence of enemy cyber attacks and quickly neutralize them.

Conscripts will not be able to get into such units because only officers with special higher technical education can serve in a cyber army.

According to military expert Dmitry Boltenkov, it is necessary to block the attacking computers of the enemy and prevent him from getting into the network. Usually, software and hardware protection is used for this, as well as special devices that protect against hacking or warn of penetration.

It is already known that the software has already been created that should unite the field control stations and provide a multi-level network protection system.

According to experts, such a system will make it impossible for external access to the "military Internet". Protection includes several firewalls that prevent unauthorized access. So, specially designed antiviruses will track the unauthorized access of malware.

The exact place where the invasion occurred and the enemy could intercept radio signals or connect to the network will be detected with the help of special programs and equipment. Further, cybersecurity experts from the new unit can identify and localize the consequences of the attack.

The main advantage of this system is its autonomy because "military Internet" is not connected with the usual network, which means it is less prone to leaks and hacker attacks from outside.

The Ministry of Defense tested the work of the “military Internet” this year. The exchange of information at a speed of 300 Mbit/s was carried out between the field control stations at a distance of more than 2 thousand km. The military Department used special equipment and more than a thousand mobile communication and encryption complexes to create ultra-long data lines. The new system allows the exchange of information at a distance of several thousand kilometers, and all communication channels will be protected from hacking.

In addition, the Armed Forces of Russia are also creating a sovereign Internet - multiservice transport communication network (MTSS). It is planned to complete the first stage of work at the end of this year.

All data is in plastic: the usual passports of Russians will begin to change into digital


The Russian government has determined the basic parameters of the future electronic passport. Documents of the new type will be issued to Russians from 2020 in Moscow, and it is planned to fully switch to digital passports by 2022.

Paper passports will no longer be issued, but old documents will remain valid until their expiration date. People over 45 will continue to use paper documents indefinitely.

The e-passport will become a universal carrier of information about a person, necessary for his identification. The government is discussing the addition of other personal data to such a document, such as electronic signatures, fingerprints, insurance number.

However, the design of the electronic passport has not yet been approved. Prime Minister Dmitry Medvedev said that the main version is a plastic card with a chip, which will be complemented by the secure mobile application "My passport".

Such a document looks like a Bank card with a high degree of protection NFC-based chip will be integrated into the card and the card will also have a QR code and holographic protection. All components for the new document will be only "made in Russia".
Crypto-protection will increase the protection of a new passport against fakes. In addition, the mobile application "My passport" will give the opportunity to use a cloud digital signature, which is convenient for entrepreneurs. It is planned that the application will be available for all platforms — Android, iOS and even for the Russian operating system Aurora.

The government promised to pay maximum attention to the protection of electronic passports from hacking and manipulation.

It is interesting to note that Georgian citizens can already receive an electronic identity card, they can get it within three days for $ 10. A “smart” chip embedded in a plastic passport allows identifying the owner and getting all the information about his property, tax payments and even health.

"Now more than three million citizens of Georgia have electronic passports. Citizens from 14 years of age must obtain a passport", – said Givi Azarashvili, the Director of the House of Justice.


In Kazakhstan, everyone who wants to use Internet must allow government to read their Secure Traffic (HTTPS)



Providers of Kazakhstan persuade customers to install a "state trusted certificate" on all devices, which will allow intercepting all encrypted traffic of the country in order to protect citizens from cyber threats and illegal content.

Kazakhstan Telecom operators have begun to notify customers about the need to install a special security certificate Qaznet on all subscriber devices with Internet access - mobile phones and tablets based on iOS/Android, personal computers and laptops based on Windows/MacOS.

The message on the website of the Kcell provider states that the certificate recommended for installation "was developed in Kazakhstan and provided by the authorized state body" and "will allow protecting Kazakhstani Internet users from hacker attacks and viewing illegal content". However, it can be assumed that such opportunities can be used by the authorities of Kazakhstan to gain access to information that citizens exchange via the Internet.

Users are invited to download the certificate from the website qca.kz. This domain name is registered to an individual Askar Dyussekeyev. The address of the owner is the same as the address of the Ministry of Digital Development, Innovation and Aerospace Industry of Kazakhstan.

Telecom operators warn that if the certificate is absent, then customers may encounter problems accessing certain Internet resources.

Indeed, according to some users from the capital of Kazakhstan, it is impossible to access sites that force the use of the secure HTTPS protocol using the HSTS mechanism without installing a certificate. Such sites are now the majority.

According to Shavkat Sabirov, the President of the Internet Association of Kazakhstan, there is a global problem in the world related to the safe use of the Internet.

"All the experiments that were associated with the installation of root certificates failed. All over the world, it is already recognized that this is an unsuccessful and even a terrible attempt to work in a safe mode. If this certificate is stolen or hacked, the attackers will get absolutely all the information about users data that use this certificate," said the president of the Internet Association of Kazakhstan.

The President of the Internet Association of Kazakhstan noted that companies that provide services on the Internet with the security certificate should take responsibility for its use.

The Moscow Mayor’s Office claims that electronic voting is safe


According to Alexey Shaposhnikov, the Chairman of the Moscow Parliament, the experiment to conduct electronic voting in the elections of deputies of the Moscow City Duma will take place, despite the detection of weaknesses in its system during testing.

Shaposhnikov said, “I am a supporter of the development of e-democracy; e-voting is one of the elements of its development.”

Recently, Alexei Venediktov, the Deputy Chairman of the Public Chamber, said that the electronic voting system from July 11 will be available in test mode for everyone. Hackers will be able to try to hack it for a fee of 1.5 million rubles.

Artem Kostyrko, the Deputy Head of the Department of Information Technology Department of Moscow, said that the guarantee of security of the electronic voting system is the fact that it will be held on the website of the Moscow Mayor’s Office mos.ru.

The speaker of Moscow City Duma noted that he did not know of any cases of hacking into the site mos.ru. Specialists, who are responsible for the functioning of the security system, guaranteed correct operation during the counting of votes.

People wishing to participate in the electronic voting must pass verification in advance on the official website of the Mayor of Moscow.

The Moscow City Duma Chairman added that according to preliminary forecasts, up to 6% of the voters in Moscow will participate in the experiment on conducting electronic voting.

It should be noted that the Moscow authorities plan to arrange an online broadcast of electronic voting, during which it will be possible to find out the number of voters.

Experts believe that it remains unclear how the voter authentication, the secrecy of the vote and freedom from being forced to vote will be ensured.

In addition, the technical side of the e-voting process is provided by the Moscow Mayor’s Office, which is a structure of the Executive branch of Government, the head of which represents one of the political parties. According to experts, this is a violation of the principle of independence of election organizers and the principle of separation of powers.

Elections to the Moscow City Duma are scheduled for September 8, 2019. An experiment on electronic voting will be conducted in three districts of Moscow.

The Russian Embassy responded to accusations from London in cyber attacks


The Press Secretary of the Russian Embassy in the UK said that the cyber attacks, which were stated by the British Minister, are not a real problem, but only a reason for the forcing of anti-Russian sentiment.

Recall that on Thursday, British Foreign Minister Jeremy Hunt once again accused Russia of carrying out cyber attacks in order to "undermine the critical infrastructure" and "change the results of the elections" in many countries.

The diplomatic mission stressed that the Russian side "repeatedly at various levels offered British partners cooperation on the issue of cyber threats". However, there has been no reaction from London.

The diplomats expressed the opinion that the new anti-Russian statement of the British Minister indicates that the Russian cyber attacks are not a problem for the British authorities, but an occasion to " forcing anti-Russian sentiments on an international scale."

The Russian Embassy stressed that such statements cause regret and serious concern. In addition, they added that, perhaps, London in this way hides preparations for a cyber attack on Russia.

However, no one in Europe believes Hunt. The President of the Czech Republic Milos Zeman commented on the allegations of Russian influence on the elections.

"Fake news is that Russians, Chinese or someone else influence the elections. Such false news is aimed at creating panic, they are spread by those who are afraid of losing. They are looking for an excuse to lose the election in advance," the Czech leader said.

It is worth noting that Russia has repeatedly denied all the allegations of attempts to influence democratic processes in different countries. Western countries have repeatedly attacked Moscow on this issue.

Earlier, for example, the State Secretary Mike Pompeo said that Russia interfered in the US elections in 2012, in 2008 and in 2004. However, he did not provide any evidence of his words.

Russian Senator Alexei Pushkov drew attention to the fact that from Pompeo's statements it can be concluded that "Russia has been interfering in the US elections since he went to school." At the same time, he noted with irony that maybe Moscow chose Pompeo.

Chinese hackers attacked Russian companies and government agencies for 9 years



Russian Security Companies Positive Technologies and Kaspersky Lab discovered a cyber group which for several years stole data from more than 20 Russian companies and government agencies. The expert said that such groups are usually engaged in political intelligence or industrial espionage.

The hacker group has been working for at least 9 years. The names of the companies attacked by hackers were not disclosed. But it is specified that 24 Russian important organizations were attacked.

According to Positive Technologies, the attackers used Chinese developers to create their tools and used during the attacks Chinese IP addresses. Moreover, the keys for some versions of malicious programs are found on specialized forums where people from China communicate.

Positive Technologies gave the name TaskMasters to the hacker group because it created specific tasks in the task scheduler that allows hackers to execute commands of the operating system and run software at a certain point in time. After penetration into local networks of the enterprises, leaks of information were used for espionage.

Kaspersky Labs said they have been tracking the activity of this group since 2016, and they call it BlueTraveler. According to experts, hackers attack more often government agencies, mainly from Russia and the CIS. In addition, they confirm that the attackers speak Chinese and the methods used by Asian attackers is popular for political intelligence or industrial espionage.

An interesting fact is that the attacks of Asian hackers for years remained unnoticed by antivirus or information security services. Hackers downloaded without trace gigabytes of information, files, documents and drawings to their servers.

Known hackers of financial institutions prefer the method using the task scheduler. Namely, the Russian-speaking groups Cobalt and MoneyTaker use this method.

It is worth noting that at the end of 2018, cybersecurity experts reported that the financial sector of Russia for the year lost at least 3 billion rubles from cyber attacks.

Hackers from Fancy Bear were accused of attacking the Ministry of Defense of Spain

The authoritative Spanish online edition Español citing anonymous sources reported on April 12 that Russian hackers from Fancy Bear were responsible for the attacks on the Spanish Ministry of Defense at the beginning of the year.

This conclusion was made by investigators after analyzing the methods of cybercriminals. Hackers used the same scheme as they did during the hacking the servers of the US Democratic Party in 2016, after which the hacker group became known worldwide.

It is noted that the virus was introduced through external e-mail in order to gain access to the "technological secrets of the military industry."

According to experts, the computers of the Defense Department were under the complete control of hackers for three months. And only in March it became known that the computer network of the Ministry of Defense of Spain was hacked using a virus.

It should be noted that foreign politicians and journalists associate this hacker group Fancy Bear with the Russian authorities. They believe that the purpose of cybercriminals is "to undermine democracy." However, the connection of the hacker group Fancy Bear with the authorities or intelligence services of Russia has not been proven. This statement is based solely on speculation and assumptions.

Hackers in Ukraine are attacking Government websites


On the eve of the presidential elections in Ukraine, phishing attacks on Government Internet resources were activated.

According to the Head of the Computer Forensics Laboratory, the intensity of cyber attacks is increasing every year. It is a permanent process and is not necessarily associated with the elections. However, at the moment, the sites of the Central Election Commission, the Presidential Administration, the Cabinet of Ministers and infrastructure departments may be under attack.

In general, the situation with the cyber defense of Governments departments is now much better than a few years ago, since the cyber defense was improved by European financial assistance. Many different projects on quality protection have been funded.

At the same time, the sites of presidential candidates are in the risk zone of hacker attacks on the eve of the elections. It turned out that politicians can simulate the attack of hackers on their resources for the sake of PR to emphasize their importance.

In the Czech Republic, the Russian center of cyber attacks has been neutralized - Local Media

According to the Czech local news magazine Respekt, Russian Intelligence Services used two computer companies in Prague for performing cyber attacks.

It is alleged that the Czech Security Forces disclosed the activities of the cyber attack center in early 2018.

According to a journalistic investigation, the two companies were formally engaged in the sale of computer hardware and software, but in reality their employees were also preparing hacker attacks using their computers.

Journalists found out that part of the equipment for companies in the Czech Republic was brought from Russia through third countries by cars of the Russian Embassy with diplomatic numbers. The computer companies got this technique also through the diplomatic mission.

The investigation said that the hacker group included both Czechs and Russians who received Czech citizenship. The group could cooperate with several similar Russian groups operating in other countries.

It is interesting to note that in September last year in the Czech Republic for hacking the system of issuing residence permits detained 8 Russians and Vietnamese. Russian hackers had hacked the servers of the Czech Foreign Ministry in the interests of the Vietnamese for a fee, who can legalize their countrymen’s stay in Europe.

Cyberattacks can even take human lives

Cyberattacks by nation-states will soon kill people, either deliberately or unintentionally, a senior security researcher told attendees at the RSA Conference this week.

The May 2017 WannaCry attacks by North Korea and the NotPetya attacks by the Russian military in June 2017 shut down hospitals, disrupted shipping and cost hundreds of millions of dollars in losses — much of it in the form of collateral damage.

It is inevitable, she said during her RSA presentation yesterday (March 5), that future nation-state attacks on such scale will cause loss of life.

"I rarely get to stand up in front of groups and tell them that the news is getting better," Joyce told the crowd. "But if you have purely destructive malware backed by a nation-state, then where does that leave us?"

NotPetya, which targeted tax-collection software that every business in Ukraine was obliged to run, masqueraded as ransomware, Joyce explained. But it was impossible to decrypt the affected data even if a ransom was paid. The goal of NotPetya was purely destructive, and the destruction streamed outward from Ukraine to infect companies and other institutions in 65 other countries.
Part of the collateral damage was at U.S. hospitals, Joyce said, where some patients could not be immediately treated as a result.

"A friend of mine who was suffering from throat cancer was turned away and told to come back next week," Joyce said.

"If you have purely destructive malware backed by a nation-state, then where does that leave us?"
—Sandra Joyce, FireEye senior vice president


Had anyone died as a result of NotPetya, that would have been an unintended consequence of a specific attack on Ukraine's economy. But nation-state malware already exists that is designed to deliberately kill people, according to Joyce.