Search This Blog

Showing posts with label National Cyber Security. Show all posts

Lithuania leads a European Union Cyber Rapid Response Team (CRRT) at the European Union


Lithuania, the Netherlands, Poland, Romania, Croatia, and Estonia signed a Memorandum on the establishment of a European Union Cyber Rapid Response Team (CRRT). In the event of a cyber attack on any of the countries participating in the agreement, CRRT specialists should be ready to immediately repel the attack. Lithuania played a special role in creating this structure. Experts note that the EU has a really difficult situation with ensuring cybersecurity since not all States have the resources to repel hacker attacks. However, analysts doubt the effectiveness of CRRT.

Lithuanian Minister of Defense Raimundas Karoblis noted that this is a completely new international cyber potential, initiated and led by Lithuania and that each country faces cybersecurity problems.
According to the cybersecurity specialist, Andrei Masalovich, now the problem of protection against cyberthreats is facing not only the poor countries of the Baltic States but even the United States.

President of the Russian Association for Baltic Studies Nikolai Mezhevich believes that the attempts of the Lithuanian leadership to take a leading role in the organization of a pan-European cyber defense are largely dictated by the desire to improve the image of Lithuania.

In addition, according to Andrei Masalovich, the Lithuanian authorities also want to "show their importance" against the background of Estonia.

As for the possible source of the threat, all countries in the CRRT blamed Moscow for cyber attacks. For example, in 2018, the Netherlands accused Russian hackers of attacking the headquarters of the Organization for the Prohibition of Chemical Weapons. In the Baltic States, Russia is regularly suspected of cyberattacks.

Moscow, in turn, calls for the creation of "confidence-building measures in cyberspace" at the global level. This was stated last year by the special representative of the President of the Russian Federation for information security, Ambassador of the Ministry of Foreign Affairs on Special Assignments Andrei Krutskikh.

Roskomnadzor blocked the email service Protonmail


The FSB of the Russian Federation reported that it was possible to install another email service that was used by an "electronic terrorist" to send messages about mining of objects with a massive stay of people in Russia. On Wednesday, the FSB and the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) announced the blocking of the Swiss postal service Protonmail.com.

"This email service was used by hackers both in 2019 and especially actively in January 2020 to send false messages about mass mining of objects on the territory of the Russian Federation under the guise of reliable information," said the representative of Roskomnadzor.

In turn, the FSB of Russia reported that this service is used starting from January 24. Messages with threats of mining were sent to the email addresses of courts in four regions of the Russian Federation. Last year, the same service was also used to send false terrorist threats, but on a smaller scale.
"The texts also indicated allegedly mined 830 social and transport infrastructure objects. All threats were false," the FSB reported.

ProtonMail CEO Andy Yen recently announced his decision to go to court because he believes the block is unfounded. According to him, blocking the service is an inefficient and inappropriate tool to combat cyber attacks.

"This will not stop cybercriminals from sending threats from another email service and will not help if the criminals are located outside of Russia. Cybercriminals are also likely to be able to bypass the block using one of their many VPN services," Ian said.

The head of the company stressed that blocking mail will only harm private users and restrict access to private information for Russians.

Recall that this is the third foreign mail service blocked by Roskomnadzor for spreading false messages about mining facilities in Russia. On January 23, Roskomnadzor announced the blocking of the StartMail service. It was noted that mass mailings of messages about the mining of various objects on the territory of Russia were carried out through this mail service. Emails have been received since November 28, 2019.

Alexander Baranov says Russia has nothing to do with the cyberattack on the friendly Austrian Foreign Ministry


The hacker attack that the Austrian Ministry of Foreign Affairs underwent prompted European countries to take active measures to defend against such attacks. At the same time, the EU accuses Moscow of the attack, which makes no sense, given the friendly relations between Russia and Austria. Alexander Baranov, head of the Department of Information Security at the National Research University, commented on the situation.

According to the expert, anti-Russian accusations once again show the policy of Western "hawks" who regularly make groundless statements to undesirable countries.
"These accusations are completely groundless and are not supported by any arguments," Baranov said.

He stressed that Russia has absolutely no interest in attacking the Austrian Foreign Ministry. In addition, Austria supports the implementation of major projects, such as the Nord Stream 2 gas pipeline.

"This is one of the friendliest countries in the European Union, I think. Therefore, I do not see any sense to attack its foreign Ministry, especially since the country is small and it does not play a decisive role," the expert believes.

In his opinion, the provocation is obvious in order to worsen relations between the countries.
"One of the most famous methods of hackers is to carry out an attack from the territory of States that have nothing to do with it. Most often it is China or India," Baranov explained.

The expert reminded that it is now almost impossible to track the end user if he uses an anonymizer. It is possible that the European security forces were able to establish any facts, but they are not able to make them public because of the secrecy.

He added that European politicians enjoy their impunity by regularly making unfounded accusations.
"Representatives of Russia have repeatedly asked for facts, but there is nothing, there is only empty talk," the expert concluded.

A hacker attack on the Austrian Foreign Ministry occurred in early January. In Vienna, they believe that the incident has a Russian trace while recognizing the absence of any evidence.

Earlier, the Austrian newspaper DiePresse reported that a number of EU countries decided to form a group to protect themselves from cyber attacks from Russia. Vienna will work together with Germany, the Czech Republic, Belgium and Cyprus on this issue. These States consider themselves to be "victims of a Russian cyber-espionage".

The Russian President created a new Department for information security


Russian President Vladimir Putin signed a decree increasing the number of departments of the Ministry of Foreign Affairs of Russia from 41 to 42.  According to the Facebook page of the Department, the new 42nd Department of the Russian Foreign Ministry will deal with international information security, including the fight against the use of information technologies for military-political, terrorist and other criminal purposes.

The decree came into force on December 27, 2019.  The number of employees of the Central office of the Russian Foreign Ministry increased from 3,358 people to 3,391 people. The decree establishes a staff payroll for a year in the amount of 3,521,914.7 thousand rubles ($57,000).

Employees of the Department will have to propose measures to improve legislation to make it easier to cooperate with other countries and international organizations on the topic of information security.

"The main idea of the department is the development of generally accepted rules for conducting a cyber environment and for a collective response to challenges,” said Maria Zakharova, an official representative of the Russian Foreign Ministry.

Earlier, at the end of 2018, the Permanent Representative of Russia in Vienna, Mikhail Ulyanov, announced that a new information security division would appear in the structure of the Ministry of Foreign Affairs. He noted that the decision was made due to the fact that information threats have recently become more relevant.

Recall that on December 28, it became known that the UN General Assembly adopted a resolution proposed by Russia to combat cybercrime.  The US did not support the initiative, considering the document redundant, as there is already an agreement on cybercrime, it's the Budapest Convention

The American side believes that the resolution is beneficial to Russia to create the necessary "type of control over the Internet space."

The Russian Foreign Ministry called the adopted resolution a new page in the history of the fight against cybercrime, stressing that the document actually secured the digital sovereignty of States over their information space.

In Berlin, Russian and German scientists discussed the danger of smart gadgets


By December 15, on behalf of President Vladimir Putin, the Russian government should prepare a Federal project "Artificial intelligence", which will prescribe tasks and measures to support the development of digital technologies in the country until 2030. Meanwhile, an inter-University conference was held in Berlin with the participation of Moscow specialists, aimed at attracting promising personnel to the Russian Federation for the development of the digital economy.

According to Pavel Izvolsky, the director of the Russian House of Science and Culture in Berlin, such events help to improve relations between Russian and foreign universities and research centers in the field of innovative digital technologies.

Nevertheless, talented students from other countries, even such economically and technologically successful ones as Germany, have a lot to learn in Russia. According to Izvolsky, such simple things for Russians, as paying for Parking from a mobile device or obtaining various certificates through the portal of public services, are not yet available for the Germans.

"In this sense, it's just a Stone Age," stated Izvolsky. The topics discussed were various, from the use of blockchain technologies in the banking sector and the introduction of intelligent transport systems in megacities to ensuring cybersecurity in the everyday sense when it comes to the use of gadgets by children.

The report of the leading content analyst of Kaspersky Lab Andrei Sidenko caused a great response. He talked about how the younger generation spends time on the Web, what threats are most often exposed and how parents react to it. For example, surveys have shown that for the first time children get access to smartphones from the age of three, and by the age of 11-14, 37 percent of young

Russians have personal gadgets. In the same studies, 85 percent of domestic teenagers answer that
they can not do without a mobile phone, and almost all the free time 15-18-year-old schoolchildren spend almost all their free time on the Internet. But every third parent does not know what exactly his child is watching on the Web. Children are in a rather vulnerable position: they share personal data, open "adult content", are subjected to cyberbullying or are involved in communication with dubious persons, and so on.

The discussion on digitalization in Berlin was the next in a series of international inter-University conferences that Rossotrudnichestvo (the Federal Agency for the Commonwealth of Independent States, Compatriots Living Abroad and International Humanitarian Cooperation) has already held in India, Indonesia and Iran. As a result of the past conferences, memorandums of cooperation between Russian and foreign universities were signed.

Minister of the Republic of Tatarstan explained how the "sovereign Internet" in Tatarstan works


Airat Khairullin, the Minister of Digital Development of Public Administration, Information Technologies and Communications of the Republic of Tatarstan, told about the main directions of the Ministry's work, the center for digital transformation of the Republic of Tatarstan, as well as about the work of the sovereign Internet in Tatarstan and correspondence in messengers.

"If someone tomorrow decides to physically block the DNS server system for Russia, our IP routing may be disrupted. Therefore, we are talking about allowing traffic to be routed at the junction of Russian and foreign providers."

According to him, Tatarstan has already created the appropriate infrastructure for the sustainable protection of the Internet from external attacks. Thus, all 10 thousand social objects of the Republic are connected to the Internet through the Data Processing Center (DPC) in the IT Park. There is a second data center for disaster resilience in the Council State.

"And technically, if the DPC of the IT Park is destroyed by fire or flood, we have a fault tolerance point, and within this logic, it is also a sovereign Internet," he said.
In an interview with journalists, Khairullin also shared that he uses popular messengers, including the Telegram blocked in Russia.

The Minister also commented on the statement of Pavel Durov regarding the insecurity of using WhatsApp and calls to remove it.

"Any application carries a vulnerability. The question of compromises is to be completely without a phone and use pigeon mail or use messengers," said Khairullin.

On November 12, the Prime Minister of the Republic signed a decree on the establishment of the Tatarstan Digital Technology Center. The new institution was created to improve the quality of life of Tatarstan citizens, accelerate the receipt of public services, as well as simplify the interaction between the state, society and business.

Recall that Khairullin previously said that 7 cyberattacks occur on the DPS every day. Therefore, to improve the security system next year, the Ministry of Digital Affairs of the Republic of Tatarstan has planned a competition for white hat hackers who will have to try to find the shortcomings and vulnerabilities of the Republican website of public services and hack it. The exact date when this experiment will take place has not yet been determined.

The Federal Security Service of Russia opposed applications with an electronic passport


Mobile applications with an electronic passport will not be able to completely replace a physical document. The FSB opposed the idea of placing the full document in smartphones.

The FSB considers it extremely unreliable to place the passport data of Russians in applications based on foreign operating systems iOS and Android, as they will not be able to guarantee the security of data and absolute access control from unauthorized persons. It will be possible to fully use the application as an identity card only when the domestic operating systems will function normally in Russia.

"There is a risk that Apple or Google developers will be able to access the data stored in the application", suggests Alexander Kruglov, senior analyst at Digital Security.

"Theoretically, there is such a possibility, since iOS or Android developers can insert a traffic analyzer into the next update of the system and collect user data", added he.

According to Kruglov, Apple, for example, refuses FBI requests to open access to iPhones of suspects.

It is worth noting that there is a Russian operating system Aurora created on the basis of the Finnish Sailfish. The state was going to supply officials and civil servants with phones with Aurora OS, they were going to spend 160 billion rubles (2,4 million $) on this. But there are practically no devices with preinstalled Aurora OS and applications for this operating system.

During a recent meeting with Deputy Prime Minister Maxim Akimov, it was decided that a smartphone app will appear and will be able to verify the identity of a citizen in most, but not all situations.

Most likely, citizens will be able to use the app only for simple services: for example, to verify the age when buying alcohol or cigarettes. But it will be possible to buy an apartment only through a card with a chip.

Earlier, E Hacking News reported that the Russian government has determined the basic parameters of the future e-passport. It will have two components - a plastic card with a chip and a mobile application. Documents of the new type will be issued to Russians from 2020 in Moscow. Paper passports will no longer be issued, but old documents will remain valid until their expiration date. The e-passport will become a universal carrier of information about a person, necessary for his identification.

ISRO targeted by North Korean Hackers during Chandrayaan-2 Launch


According to the fresh news that has been coming from various experts, it has appeared that Chandrayaan-2 (also known as Mission Moon), a famous mission by the Indian Space Research Organisation (ISRO) was attacked by hackers from North Korea. It also appears that the attacks were organized using a malware named Dtrack, which is connected to a club of North Korean hackers managed by the administration. "The malware was identified by the Financial Institute and Research Centers in 18 Indian states," confirms the reports by Kaspersky, a cybersecurity firm.


It is also said that the same malware was used to direct hacks on Kudankulam nuclear factory. The National Cyber Coordination Center that attempts to protect the nation from harmful cyber invasions recently received critical information from a US cybersecurity firm regarding the hack. It said that Kunankulam Nuclear Plant's master domain controllers alongside the ISRO were attacked by the hackers. Following this incident, Kaspersky's specialists detected the malware and notified the issue to the Indian government before the Chandrayaan-2 landing.

"The hack was organized using very simple and basic techniques like phishing emails, an unedited browser, and poor security that resulted in allowing the hackers to easily invade the devices," says Yash Kadakia in an interview, founder, Security Brigade, a cybersecurity firm in Mumbai. He further adds that a similar server was used to send spams to superior nuclear experts at the Nuclear Plant in Kudankulam which was also aimed by the hackers to pick other experts at ISRO later.

About Dtrack Malware- 
Generated by North Korean Hackers, the Dtrack malware provides a full command that permits the hackers to obtain data from the device. The virus can misuse devices with weak privacy and passwords. If the virus invades a device, it can obtain critical information like catalogs, IDs, user history, and IP addresses. "A high number of DTrack attacks were discovered. The hack was carried by Lazarus that has become a major concern for big corporations," said Konstantin Zykov about the virus who is a Researcher at Kaspersky Cybersecurity, at an event in Delhi.

The Ministry of Internal Affairs of Russia to create a Department to combat crimes in the IT-sphere


The Ministry of Internal Affairs will have units to combat crimes committed using IT-technologies. Units will be formed without increasing the staff.

This decision was made by Vladimir Kolokoltsev, the Minister of Internal Affairs of the Russian Federation, at a meeting of the Collegium of the Ministry of Internal Affairs of Russia, which was held as a video conference with all regions of the country. The meeting was attended by representatives of the Central Bank of the Russian Federation, the Ministry of Finance, Roskomnadzor, Rosfinmonitoring and a number of leading financial institutions.

The purpose of the creation of such units is to increase the efficiency of the prevention and suppression of crimes in the IT-sphere, as well as improving the skills and training of the most trained employees in identifying, revealing and investigating crimes committed using information and telecommunication technologies.

According to the Ministry of Internal Affairs, every seventh crime in Russia is committed in the field of IT-technologies. Law enforcement agencies in recent years have noted an increase in the number of crimes committed using the Internet, including fraud, drug distribution, theft of funds and other crimes.

At the moment, Vladimir Kolokoltsev instructed the heads of operational headquarters to prepare documents that will determine the structure, powers and functions of the new units to combat cybercrime.

Currently, the Office “K” of the Ministry of Internal Affairs is engaged in crimes in the field of information technology. In particular, the employees of this Department are engaged in the fight against illegal trafficking in electronic equipment and special technical equipment.

Earlier, E Hacking News reported that the Ministry of Internal Affairs will create a portal for complaints against hackers. The resource will be continuously and automatically collect data about the threats.

The Russian Embassy in Prague denied the statement of a Russian spy network in the Czech Republic


The Russian Embassy in Prague denied the statement of the head of the Czech Security and Information Service, Mikhail Koudelka, who announced the disclosure of the activities of the Russian spy network allegedly operating in the country.

On Monday, the head of the Czech Security Information Service (BIS), Mikhail Koudelka, said that his agency and the Czech police had exposed the activities of a Russian spy network, which operates through the Russian Embassy in Prague.

"This network was completely defeated and beheaded," said Koudelka during a speech in the Czech Parliament.

According to the head of BIS, this network "was created by people associated with the Russian intelligence services, and funded from Russia and the Russian Embassy."

Koudelka claims that members of the network planned attacks against targets in the Czech Republic and other countries via the Internet. He also said that this network was part of a larger structure created by Russia in other European countries. However, he did not name these countries.

Koudelka said that he could not provide any specific information, as the investigation is not yet complete. However, information about this attempted intervention could be included in the BIS annual report, which will be considered by a parliamentary Commission this Thursday, October 24.

Recall that for the first time the Czech Security Forces disclosed the activities of the cyber attack center in early 2018. According to an investigation, the two companies were formally engaged in the sale of computer hardware and software, but in reality their employees were also preparing hacker attacks using their computers. Part of the equipment for companies in the Czech Republic was brought from Russia and also through the diplomatic mission.

The investigation said that the hacker group included both Czechs and Russians who received Czech citizenship.

The Head of the FSB spoke about the threat of massive terrorist hacker attacks


Director of the FSB Alexander Bortnikov said that terrorist can disguise their hacking attacks under the actions of special services of specific States and this threatened to political and military conflicts. He stated this at the XVIII international meeting of heads of intelligence, security and law enforcement agencies in Sochi.

According to the FSB, terrorist groups create and develop their own cyber units.

Bortnikov called on intelligence agencies of other countries to support Russia's demand to deposit encryption keys for mobile devices. Fighting terrorism is ineffective as long as they use closed channels of communication on the Internet, he explained.

"The main tool of communication between bandits are still Internet Messengers with high crypto protection. In this regard, we consider it a serious problem that a number of the world's leading IT companies do not want to cooperate with intelligence agencies in the field of information security,” Bortnikov said.

He also called on the special services to join efforts in identifying and blocking terrorist and extremist materials on the Internet and to establish cooperation with leading technology companies for this purpose.

Bortnikov also noted that the capabilities of terrorists in the future can grow due to the growing availability of artificial intelligence technologies. And with their help, the militants will be able to analyze large amounts of information, including illegally obtained databases.

In addition, the FSB Director said that international terrorists are increasingly using "confidential cryptocurrencies" to financially fuel their criminal activities. According to Bortnikov, terrorists create shell companies that legally participate in trading on stock exchanges, invest in real estate and various sectors of the economy. At the same time, criminals are increasingly using not bitcoin, but so-called “confidential cryptocurrencies”, which guarantee the anonymity of transactions.

Also, Alexander Bortnikov said about the threat of massive terrorist attacks using unmanned aerial vehicles. According to Bortnikov, the use of unmanned aerial vehicles capable of delivering various cargoes by terrorists will become a "real challenge" for the world's intelligence services.

It is important to add that this year the FSB has identified 39 terrorist attacks in preparation and eliminated 32 terrorists.

Russian experts created protection for ships and ports from cyber attacks


Russian company Engineering Technologies has developed a Poseidon system to protect ships and ports from cyberattacks. Domestic and foreign customers are already interested in this development.

Currently, 90% of the world's cargo is transported by sea. Objects of marine infrastructure due to their high automation and computerization are often victim of hackers. So, in 2017 and 2018, cyber attacks were carried out on the largest sea carriers Maersk (Denmark) and COSCO (China), as a result of which cargo terminal systems were blocked. In Russia in early 2018, hackers tried to disrupt the work of the Administration of the Sea Ports of Azov Sea.

"The Poseidon complex is being developed to protect ships and marine infrastructure facilities – ports, shipyards, drilling platforms from cyberattacks," said Artem Dolgikh, Poseidon Project Manager and Technical Director of Engineering Technologies.

Currently, most ships are protected using standard software, as well as security rules and policies on network equipment.

Poseidon uses the author's database of cyber vulnerability scenarios for the marine area and an automated threat detection algorithm implemented on the basis of neural networks and artificial intelligence.

According to Artem Dolgikh, the application of the program will reduce the costs of shipowners. So, a number of industry-specific marine companies, both in Russia and abroad, are already interested in it.

It became known that the software part of the system is planned to be developed in Russia, and the hardware part can be produced both on the territory of the Russian Federation and abroad.

Earlier, E Hacking News reported that now shipping companies are considering moving into the digital era and to work out a system which will integrate blockchain technology into one vast platform. A number of different shipping lines, such as A.P. Moeller- Maersk A/S have teamed up with technology companies, and they are about to revolutionize the shipping industry and upgrade the world’s most complex logistics network.

Russia suspects Western countries interfered with Internet resources of Russian government agencies


Russia suspects that the Western countries have interfered with the work of Russian government agencies websites, said Russian Foreign Minister Sergei Lavrov, speaking to students and faculty of Moscow State Institute of International Relations and to the Diplomatic Academy of the Ministry of Foreign Affairs. He also confirmed that the topic of information security over the past couple of years has become quite popular.

In addition, Lavrov recalled that Russia was repeatedly accused of hacking American Internet resources. The US authorities are convinced that the Kremlin interfered in the 2016 US presidential election.

According to the Russian Minister, the accusations against Moscow “have not been convincingly confirmed.” Nevertheless, the myth of Russian intervention "continues to spread through the American and Western media and some Western politicians continue to raise this topic."

“We also have a reason, and more serious, to suspect that our Western colleagues are paying increased attention to our Internet resources. And this happened more than once. Representatives of the Central Bank of Russia, Sberbank and other government agencies also spoke about this.” But Lavrov did not give examples of alleged Western intervention.

Recall, the State Duma has prepared a mirror response to accusations of alleged Russian interference in the electoral process in the United States. In August, speaker Vyacheslav Volodin announced the creation of a parliamentary Commission to investigate the facts of foreign interference in the internal Affairs of the Russian Federation. Deputies found two examples of “cynical interference”, these are tweets of Deutsche Welle and the US State Department, which the Foreign Ministry considered calls to participate in unauthorized actions in Moscow. However, Mr. Volodin promised to present other "materials", mentioning, in particular," manuals", which allegedly "were distributed by employees of foreign embassies."

An expert in International Relations doubts that the West will listen to Russian statements about intervention, as Russia does not accept similar accusations of the West.

Ivan Timofeev, the Director of the Russian Council on Foreign Affairs, suggests that in the end there will be people in the West who will say: "Look, Russia is creating the scandal out of nothing. Surely they do it to distract attention from their own interference in other people's elections.”

Estonia started cooperation with India in the field of cybersecurity


The Estonian Information System Authority (RIA) signed a cyber security cooperation agreement with India last Wednesday.

In accordance with the new Agreement, the parties will provide security in the field of cyberspace with doubled efficiency.

The Ministry of Electronics and Information Technology of India agreed on the Agreement and Margus Noormaa, the Head of Estonian RIA (Information System Authority), endorsed it.

The contract involves the exchange of operational information, conducting special consultations, as well as providing extensive assistance to the parties and communication with experts and specialists in addressing the complex issues.

It is worth noting that on August 21, Vice-President of India Muppavarapu Venkaiah Naidu, who is visiting Estonia, met with the Head of the Estonian Government Juri Ratas.

"I am very pleased that the relations between Estonia and India have become closer in recent years. For example, interest in Estonia has been noticeably increased for both Indian students and start-up entrepreneurs," Juri Ratas said.

During a conversation with the Vice-President of India, the Estonian Prime Minister said that in recent decades Estonia has made a huge leap in economic development and has become a world leader in the field of e-state. Also, as Ratas noted, there are impressive achievements in the field of cybersecurity and blockchain technologies.

"We are happy to share our experience with India. Many local companies have already become excellent investment partners for us, and even wider cooperation in many areas of the economy can grow from this,” the Estonian Prime Minister said.

At the moment, Estonia is one of the most active countries in the field of IT-development.

So, this year the first summer school of cyber diplomacy begins in Tallinn for about 80 diplomats, scientists and experts from 26 countries of the world. The participants of the school will consider the law and norms in cyberspace, the role of cyber operations in modern conflicts and other relevant topics.

The total cost of creating the Cybersecurity Training Center exceeded 18 million Euros. NATO itself invested six million, and Estonia’s alliance partners donated two million.

However, the political scientist Vitaly Gaychonok said that this is crazy. According to the expert, it is extremely difficult to use the same laws in the cybersphere that are applied in real life.

Estonian authorities and the military are focusing on ensuring cybersecurity. In April this year, a Training Center on Cybersecurity was opened in Tallinn, where it is planned to train NATO specialists and conduct international cyber studies.

Cryptographer hacked an online voting system in Moscow


According to the results of the meeting of the technical working group on electronic voting, it became known that the French cryptographer, who pointed out the shortcomings in the electronic voting system, will receive a reward of one million rubles (15 000$).

Last week it became known that Pierrick Gaudry, an employee of the French National Center for Scientific Research, said that the encryption used in the Russian electronic voting system is “completely unsafe” and can be hacked by attackers in about 20 minutes.

Recall that the Russian Government offered a cash prize of 1.5 million rubles (23 800 $) to a hacker who can hack the electronic voting system.

However, according to Artem Kostyrko, the Deputy Head of the Moscow Department of information technology, nobody, including the French cryptographer, managed to hack the system. However, since Pierrick Gaudry pointed out the weakness of the system and drew attention to its testing, he will receive a reward of one million rubles, provided that no one will be able to hack the system during the next testing on August 21.

Other sources reported that Pierrick hacked the system, as he managed to restore all three secret keys. He has published a command-line script, so anyone can hack the voting system. Therefore internet users repeated the experiment and the calculations took the same amount of time - a little more than 20 minutes. When the private keys are known, decrypting the message becomes a trivial task.

It is interesting to note that before Pierrick published his work, Stanislav Smyshlyaev, the Deputy General Director of the company CryptoPro, stated that any laboratory accredited by the FSB of Russia would have found such a vulnerability. At the same time, Artem Kostyrko at one of the meetings of the technical working group mentioned that the Internet voting system was checked by experts from the FSB. Alexey Venediktov, the member of the Public Chamber of Moscow, claimed that military hackers from the GRU were involved in testing the voting system. However, none of them found the vulnerability.

According to forecasts, about 3 percent of the total number of voters will be able to take advantage of electronic voting in the elections to the Moscow City Duma on September 8. By the way, this is 1 percent more than during the experimental electronic voting in Estonia.

Previously, Ehacking News reported that the team of the Ukranian president Vladimir Zelensky promised to hold the next presidential elections in Ukraine using Estonia's experience in electronic technologies.

It is known that the widespread introduction of electronic technologies has become a kind of visiting card of Estonia and its know-how in the eyes of the world community. 

On the guard of the cyber world: Ethical-hackers will appear in the Russian army


The Russian army will have special units, which will include ethical-hackers - people with technical education who will protect the "military Internet". They will scan the system for the presence of enemy cyber attacks and quickly neutralize them.

Conscripts will not be able to get into such units because only officers with special higher technical education can serve in a cyber army.

According to military expert Dmitry Boltenkov, it is necessary to block the attacking computers of the enemy and prevent him from getting into the network. Usually, software and hardware protection is used for this, as well as special devices that protect against hacking or warn of penetration.

It is already known that the software has already been created that should unite the field control stations and provide a multi-level network protection system.

According to experts, such a system will make it impossible for external access to the "military Internet". Protection includes several firewalls that prevent unauthorized access. So, specially designed antiviruses will track the unauthorized access of malware.

The exact place where the invasion occurred and the enemy could intercept radio signals or connect to the network will be detected with the help of special programs and equipment. Further, cybersecurity experts from the new unit can identify and localize the consequences of the attack.

The main advantage of this system is its autonomy because "military Internet" is not connected with the usual network, which means it is less prone to leaks and hacker attacks from outside.

The Ministry of Defense tested the work of the “military Internet” this year. The exchange of information at a speed of 300 Mbit/s was carried out between the field control stations at a distance of more than 2 thousand km. The military Department used special equipment and more than a thousand mobile communication and encryption complexes to create ultra-long data lines. The new system allows the exchange of information at a distance of several thousand kilometers, and all communication channels will be protected from hacking.

In addition, the Armed Forces of Russia are also creating a sovereign Internet - multiservice transport communication network (MTSS). It is planned to complete the first stage of work at the end of this year.

All data is in plastic: the usual passports of Russians will begin to change into digital


The Russian government has determined the basic parameters of the future electronic passport. Documents of the new type will be issued to Russians from 2020 in Moscow, and it is planned to fully switch to digital passports by 2022.

Paper passports will no longer be issued, but old documents will remain valid until their expiration date. People over 45 will continue to use paper documents indefinitely.

The e-passport will become a universal carrier of information about a person, necessary for his identification. The government is discussing the addition of other personal data to such a document, such as electronic signatures, fingerprints, insurance number.

However, the design of the electronic passport has not yet been approved. Prime Minister Dmitry Medvedev said that the main version is a plastic card with a chip, which will be complemented by the secure mobile application "My passport".

Such a document looks like a Bank card with a high degree of protection NFC-based chip will be integrated into the card and the card will also have a QR code and holographic protection. All components for the new document will be only "made in Russia".
Crypto-protection will increase the protection of a new passport against fakes. In addition, the mobile application "My passport" will give the opportunity to use a cloud digital signature, which is convenient for entrepreneurs. It is planned that the application will be available for all platforms — Android, iOS and even for the Russian operating system Aurora.

The government promised to pay maximum attention to the protection of electronic passports from hacking and manipulation.

It is interesting to note that Georgian citizens can already receive an electronic identity card, they can get it within three days for $ 10. A “smart” chip embedded in a plastic passport allows identifying the owner and getting all the information about his property, tax payments and even health.

"Now more than three million citizens of Georgia have electronic passports. Citizens from 14 years of age must obtain a passport", – said Givi Azarashvili, the Director of the House of Justice.


In Kazakhstan, everyone who wants to use Internet must allow government to read their Secure Traffic (HTTPS)



Providers of Kazakhstan persuade customers to install a "state trusted certificate" on all devices, which will allow intercepting all encrypted traffic of the country in order to protect citizens from cyber threats and illegal content.

Kazakhstan Telecom operators have begun to notify customers about the need to install a special security certificate Qaznet on all subscriber devices with Internet access - mobile phones and tablets based on iOS/Android, personal computers and laptops based on Windows/MacOS.

The message on the website of the Kcell provider states that the certificate recommended for installation "was developed in Kazakhstan and provided by the authorized state body" and "will allow protecting Kazakhstani Internet users from hacker attacks and viewing illegal content". However, it can be assumed that such opportunities can be used by the authorities of Kazakhstan to gain access to information that citizens exchange via the Internet.

Users are invited to download the certificate from the website qca.kz. This domain name is registered to an individual Askar Dyussekeyev. The address of the owner is the same as the address of the Ministry of Digital Development, Innovation and Aerospace Industry of Kazakhstan.

Telecom operators warn that if the certificate is absent, then customers may encounter problems accessing certain Internet resources.

Indeed, according to some users from the capital of Kazakhstan, it is impossible to access sites that force the use of the secure HTTPS protocol using the HSTS mechanism without installing a certificate. Such sites are now the majority.

According to Shavkat Sabirov, the President of the Internet Association of Kazakhstan, there is a global problem in the world related to the safe use of the Internet.

"All the experiments that were associated with the installation of root certificates failed. All over the world, it is already recognized that this is an unsuccessful and even a terrible attempt to work in a safe mode. If this certificate is stolen or hacked, the attackers will get absolutely all the information about users data that use this certificate," said the president of the Internet Association of Kazakhstan.

The President of the Internet Association of Kazakhstan noted that companies that provide services on the Internet with the security certificate should take responsibility for its use.

The Moscow Mayor’s Office claims that electronic voting is safe


According to Alexey Shaposhnikov, the Chairman of the Moscow Parliament, the experiment to conduct electronic voting in the elections of deputies of the Moscow City Duma will take place, despite the detection of weaknesses in its system during testing.

Shaposhnikov said, “I am a supporter of the development of e-democracy; e-voting is one of the elements of its development.”

Recently, Alexei Venediktov, the Deputy Chairman of the Public Chamber, said that the electronic voting system from July 11 will be available in test mode for everyone. Hackers will be able to try to hack it for a fee of 1.5 million rubles.

Artem Kostyrko, the Deputy Head of the Department of Information Technology Department of Moscow, said that the guarantee of security of the electronic voting system is the fact that it will be held on the website of the Moscow Mayor’s Office mos.ru.

The speaker of Moscow City Duma noted that he did not know of any cases of hacking into the site mos.ru. Specialists, who are responsible for the functioning of the security system, guaranteed correct operation during the counting of votes.

People wishing to participate in the electronic voting must pass verification in advance on the official website of the Mayor of Moscow.

The Moscow City Duma Chairman added that according to preliminary forecasts, up to 6% of the voters in Moscow will participate in the experiment on conducting electronic voting.

It should be noted that the Moscow authorities plan to arrange an online broadcast of electronic voting, during which it will be possible to find out the number of voters.

Experts believe that it remains unclear how the voter authentication, the secrecy of the vote and freedom from being forced to vote will be ensured.

In addition, the technical side of the e-voting process is provided by the Moscow Mayor’s Office, which is a structure of the Executive branch of Government, the head of which represents one of the political parties. According to experts, this is a violation of the principle of independence of election organizers and the principle of separation of powers.

Elections to the Moscow City Duma are scheduled for September 8, 2019. An experiment on electronic voting will be conducted in three districts of Moscow.

The Russian Embassy responded to accusations from London in cyber attacks


The Press Secretary of the Russian Embassy in the UK said that the cyber attacks, which were stated by the British Minister, are not a real problem, but only a reason for the forcing of anti-Russian sentiment.

Recall that on Thursday, British Foreign Minister Jeremy Hunt once again accused Russia of carrying out cyber attacks in order to "undermine the critical infrastructure" and "change the results of the elections" in many countries.

The diplomatic mission stressed that the Russian side "repeatedly at various levels offered British partners cooperation on the issue of cyber threats". However, there has been no reaction from London.

The diplomats expressed the opinion that the new anti-Russian statement of the British Minister indicates that the Russian cyber attacks are not a problem for the British authorities, but an occasion to " forcing anti-Russian sentiments on an international scale."

The Russian Embassy stressed that such statements cause regret and serious concern. In addition, they added that, perhaps, London in this way hides preparations for a cyber attack on Russia.

However, no one in Europe believes Hunt. The President of the Czech Republic Milos Zeman commented on the allegations of Russian influence on the elections.

"Fake news is that Russians, Chinese or someone else influence the elections. Such false news is aimed at creating panic, they are spread by those who are afraid of losing. They are looking for an excuse to lose the election in advance," the Czech leader said.

It is worth noting that Russia has repeatedly denied all the allegations of attempts to influence democratic processes in different countries. Western countries have repeatedly attacked Moscow on this issue.

Earlier, for example, the State Secretary Mike Pompeo said that Russia interfered in the US elections in 2012, in 2008 and in 2004. However, he did not provide any evidence of his words.

Russian Senator Alexei Pushkov drew attention to the fact that from Pompeo's statements it can be concluded that "Russia has been interfering in the US elections since he went to school." At the same time, he noted with irony that maybe Moscow chose Pompeo.