Search This Blog

Showing posts with label National Cyber Security. Show all posts

United States rejected Putin's offer to cooperate on cybersecurity

The US authorities for the first time publicly responded to the proposal of Russian President Vladimir Putin to resume cooperation in the field of international information security. US Assistant Attorney General for National Security John Demers called the Kremlin's initiative "nothing more than false rhetoric, cynical and cheap propaganda.” And Secretary of State Mike Pompeo said that Russia is dismissive of public security and international stability in cyberspace.

On September 25, Vladimir Putin invited the US authorities to resume cooperation in the field of international information security, which began in 2013 but was frozen due to disagreements over Ukraine and Russia's alleged interference in the 2016 US presidential election.

The President of the Russian Federation then stated that the dialogue in the cyber sphere should not be a "hostage" of political disputes, and proposed a four-point program for restoring cooperation.

In a statement, the Russian President said that "the risk of a large-scale confrontation in the digital sphere is one of the main strategic challenges of our time." "Special responsibility" for preventing cyberwarfare lies, as the Kremlin said, "on key players in the field of international information security," that is, primarily on Russia and the United States.

On October 7, in an interview with the Russia TV channel, Vladimir Putin complained that there was no response to his proposal from the United States. "Unfortunately, as with a number of our other initiatives, there is no response to this, I believe, very important topic, although there are continuing complaints against us about our hyperactivity in the information sphere, interference in elections there, and so on, which have absolutely no basis,” said Mr. Putin.

Russian military companies were reportedly attacked by hackers from North Korea

North Korean hacker group Kimsuky has reportedly conducted several attacks on the Russian military-industrial complex in order to obtain military and technological secrets of Russia

According to the cybersecurity company Group-IB, attacks by hackers from the Democratic People's Republic of Korea on the Russian defense industry took place in the spring of 2020. North Korean cyber criminals sought to obtain data from aerospace and defense companies, as well as from enterprises that produce artillery equipment.

Telegram-channel SecAtor reported that Rostec was among the companies that were attacked. RT-Inform, a subsidiary of Rostec that deals with information security, did not confirm or deny these data, but noted that the number of cyber attacks on the resources of the state corporation increased from April to September.

"Most of the attacks were poorly prepared and did not pose a significant threat when they were exposed, but this could only be preparation," said RT-Inform.

Experts believe that in this case, hackers from the DPRK will soon launch new, more well-prepared attacks.

Kimsuky is also known by the names Velvet Chollima and Black Banshee, it is engaged in cyber espionage. According to Group-IB, North Korean hackers previously attacked facilities in South Korea, but then engaged in enterprises in the production of artillery equipment and armored vehicles in Russia, Ukraine, Slovakia and Turkey, using fraudulent mailings.

According to Denis Legezo, a cybersecurity expert at Kaspersky Lab, some fraudulent emails from North Korean groups contain information about vacancies in the aerospace and defense industries. He believes that this indicates the interest of hackers in industrial espionage.

As reported by E Hacking News, in September in Russia there were cases of attacks by the Chinese hacker group Winnti on software developers for banks, as well as on companies in the construction sector. Winnti has previously repeatedly hacked the networks of industrial and high-tech companies from Taiwan and Europe, but the group's activities have not yet been reported in Russia.

Russia considers the accusations by the Norwegian authorities of the cyber attack as a provocation

 Russia considers the accusations by the Norwegian authorities against it in the cyber attack a deliberate provocation. This statement was made on Tuesday by the Russian Embassy in Norway on Facebook.

"We regard the incident as a serious deliberate provocation that is detrimental to bilateral relations,” said the statement.

"Millions of cyber attacks are made annually on Russian state Internet resources (including foreign institutions in Norway) from abroad (for example, 77 million attacks were made on the Foreign Ministry website in January-September 2018), but this does not give the right to accuse the authorities of the countries of their possible origin,” stressed the Embassy.

They pointed out that "in May 2020, a note was sent to the Norwegian Foreign Ministry setting out the procedure for dealing with computer incidents - there are official channels for investigating them." "There was no reaction at the time, which indicates the reluctance of the Norwegian authorities to conduct a dialogue. The question is why did we create specialized response mechanisms and create a legislative framework together with European countries? We expect explanations from the Norwegian side,” said the diplomatic mission.

The head of the Federation Council for International Affairs, Konstantin Kosachev, called the Norwegian government's accusations unsubstantiated. According to him, Oslo did not offer to discuss the incident at the expert level.

Earlier on Tuesday, Norwegian Foreign Minister Ine Eriksen Soreide claimed that Russia was behind the cyber attack on the country's Parliament in August 2020.

On September 1, the Parliament of the Kingdom reported that it had been subjected to a cyber attack, as a result of which unknown hackers gained access to the email of a number of deputies and employees of the legislative body. Later, the Norwegian Police Security Service (PST) said it would investigate whether "any state" was behind the cyber attack that occurred on August 24.

Spending on information security in Russia will increase eightfold

Russia intends to sharply increase the cost of information security, and mainly on cryptography, and not on personal data protection

According to the published draft of the Federal budget for the next three years, it was decided to increase the expenditures on information security in the amount of 2 billion rubles (25 million dollars) initially laid down for 2022–2023 to 16 billion rubles (204 million dollars). This is the most significant increase in the budget in comparison with other Federal projects included in the Digital Economy direction.

The authorities plan to pay the greatest attention to the development of domestic cryptography, the functioning of cyber polygons, filtering Internet traffic and countering computer attacks. At the same time, the creation and operation of the national center for the introduction of modern cryptography methods can take over more than half of the total budget of the Federal project.

Budget money should also be used to analyze the security of state systems. However, the largest expenditures are allocated for the technical implementation of various project areas: equipment, specialized software, and staffing and production support.

The disadvantage of the project is the lack of measures aimed at preventing data leaks and protecting the personal information of Russians. Analysts pointed out that it would be logical to allocate part of the funds to system security in matters of interaction between the state and citizens on digital platforms. In addition, according to market participants, specialized education and training of qualified specialists receive insufficient funding.

Ivan Mershkov, technical Director of NGRSOFTLAB, said that it is critically important to envisage measures to increase digital literacy among the population. The number of phishing attacks shows explosive growth, which will only increase with the increase in digital consumption.

Nevertheless, the increase in funding for this federal project was seen as a good sign, indicating that the issue of cybersecurity is coming to the fore in Russia.

Hackers threaten to bring down the tax, energy and banking system of Belarus

A group of hackers threatens to bring down the tax, energy and banking systems of Belarus if the head of state Alexander Lukashenko does not comply with the ultimatum

The union of hackers and IT-developers of Belarus has threatened President Alexander Lukashenko to bring down the tax, energy and banking systems if security forces continue to detain protesters.

The statement of attackers was published in the Telegram channel "Cyber Partisans". They demand that Lukashenko stop the arrests by September 13, go out with a loudspeaker and publicly apologize to the population, as well as leave his post. And if this does not happen, "Belarus will forget what taxes are."

"Alexander Lukashenko, we are addressing you personally. It will be very painful, first, the tax system will break down, then the electricity in the country will run out, then the banking system will break down… Do you need it?" the hackers asked the President of the Republic. In addition, the hackers stressed that they are able to "kill the ruble" and start blocking the bank accounts of people from Lukashenko's inner circle.

Recall that after the announcement of the election results in Belarus, mass protests began. The protesters are demanding Lukashenko's resignation and new fair elections. In addition, citizens report violence by the security forces.

The European Union refused to recognize the victory of Lukashenko, and the Kremlin, on the contrary, congratulated the permanent leader of the Republic on the next term.

An interesting fact is that during the elections and in the following days, the Internet stopped working several times in the country. The Belarusian authorities called the cause of the failure a cyberattack from abroad, but later it became known that the equipment for blocking local state security agencies was provided by the American company Sandvine.

Russian cloud storage will protect user data before elections


The creation of the Russian cloud services will allow protecting confidential data of not only ministries or departments, but also of ordinary Internet users, said political analyst Yuri Samonkin.

MTS group of companies announced the launch of a cloud service with an increased level of protection. It is assumed that the new service will be in demand among government organizations, ministries, departments and private companies that carry out government orders, said Oleg Motivilov, Director of MTS cloud business. According to him, the new system meets all the requirements of the law on personal data protection.

Russia is one of the leaders in the development of Internet technologies, said Yuri Samonkin, President of the Eurasian Institute of Youth Initiatives. He believes that the current realities of the Internet dictate the need to create new digital solutions, such as cloud storage.

According to him, many Russians use Western social networks and other Internet resources. Therefore, the issue of protecting their personal data, which is often "leaked", is very relevant.

On the eve of the upcoming elections, the issue of cyber defense is becoming even more acute. It is necessary to protect from external interference not only the personal data of the voters themselves but also the servers of the relevant departments.

"State and municipal portals should be located not on Western servers, but on domestic ones. This will avoid information leakage and hacking", concluded Mr. Samonkin.

Earlier, E Hacking News reported that Russia has worsened its position in the ranking of countries with the most stable segments of the national Internet, dropping from 11th to 13th place. 

Russia has fallen to 13th place in the world ranking of the stability of Internet segments

According to Qrator Labs, a company specializing in ensuring the availability of Internet resources and countering DDoS attacks, Russia has worsened its position in the ranking of countries with the most stable segments of the national Internet, dropping from 11th to 13th place. Experts attribute this to the continuing expansion of the market of Internet operators and the slow transition to the new IPv6 protocol, which allows using more IP addresses.

The rating of the stability of the national segments of the Internet has been calculated since 2016 among 249 countries of the world. According to the rating, Russia took the 13th place this year, the year before the Russian Federation took the 11th place.

Experts believe that the use of a more advanced version of IPv6 by network operators along with the IPv4 Protocol can increase the stability of Internet segments. Then in case of problems with one Protocol, the other will work.

According to Google, just over 30% of users in the world use the new Protocol, while in Russia this figure is slightly more than 5%.

The problem is that Russia does not have a universal program for switching to IPv6. "It is difficult to force current market participants to switch to a new Protocol, because they will have to upgrade equipment and hardware and software systems, and this is a serious expense," said Andrey Vorobyov, director of the Coordination Center for .ru / .РФ domains.

The global five countries are led by Brazil, Germany, Switzerland, Ukraine and the United Kingdom. Next in the ranking are the Netherlands, Canada, the United States, France and Liechtenstein. Four newcomers, Liechtenstein, Japan, Indonesia and Argentina, entered the top 20 this year, while Luxembourg, Czech Republic, Ireland and Bulgaria left. Hong Kong dropped eight positions in a year.

DDoS attacks from the USA, UK, Ukraine were recorded during the voting in the Russian Federation

Andrey Krutskikh, special representative of the President of Russia for international cooperation in the field of information security, said on Monday at a conference on cybersecurity that the sources of DDoS attacks on Russian government agencies during the voting on amendments to the constitution were recorded from the United States, Great Britain, Ukraine and a number of CIS countries.

He noted that in 2020, attacks with the aim of affecting critical infrastructure and electoral processes have become commonplace.

"For example, during the voting period on amendments to the Constitution of the Russian Federation (June 25 - July 1 this year), there were large-scale attacks on the infrastructure of the Central Election Commission and other state bodies of Russia. Sources of DDoS attacks with a capacity of up to 240 thousand requests per second were recorded from the United States, Great Britain, Ukraine and a number of CIS countries,” said the special representative of the President of the Russian Federation.

According to Krutskikh, in 2020, the problems that all countries face in the information space are growing like a "snowball". Thus, the volume of illegal content, including terrorist content, distributed on the Internet is increasing, and the implementation of destructive actions of states in the information space is becoming the norm.

"The concepts adopted in some countries for preemptive cyber strikes and offensive actions in the cyber sphere do not add the optimism,” stated Mr. Krutskikh.

It is interesting to note that during the six days of voting, officials reported one major attack, it occurred on the evening of June 27. Artem Kostyrko, head of the department for improving territorial administration and developing smart projects of the Moscow government, explained that hackers tried to influence the system through a service for monitoring online voting.

Number of Cyber Attacks from Germany Increased, says Russian Foreign Minister

In the period from 2019 to 2020, Russia registered a sufficient number of cyberattacks from Germany to Russian facilities and organizations. This was stated by Russian Foreign Minister Sergey Lavrov after talks with his German counterpart Heiko Maas. 

Moscow is concerned about the situation with cooperation with Berlin on cybersecurity. "We expressed concern to the German side about the situation in our interaction on cybersecurity,” said Lavrov.

"We noted that last year and this year a significant number of cyberattacks were registered against objects and organizations in Russia, coming from the German segment of the Internet,” said the Russian Minister said.

Recall that at the end of May, the German Foreign Ministry summoned the Russian Ambassador in Berlin, Sergei Nechaev. He was informed that the Prosecutor General's Office of Germany had put on the wanted list a Russian Dmitry Badin on suspicion of participating in a hacker attack on the Bundestag in April-May 2015. 

In addition, the Department reported that Berlin plans to activate the cyber sanctions regime against Russia because of this case. The EU cyber sanctions regime came into force in May and has not yet been applied. Restrictive measures under this regime may include asset freezes, as well as travel bans to EU countries. The imposition of sanctions requires the unanimous approval of all member countries.

The Russian Foreign Ministry said that Berlin did not provide evidence of Russia's involvement in the hacker attack, and strongly rejected the charges. As Andrei Krutskikh, Director of the Department of International Information Security of the Russian Foreign Ministry, said earlier, Moscow offers Berlin to hold consultations on cybersecurity, this would help to settle many claims.

The National Security and Defense Council of Ukraine reported a leak of IP addresses of government websites


The leaked list of hidden government IP addresses of government websites occurred in Ukraine. This is stated in the statement of the National Security and Defense Council (NSDC).

It is noted that specialists of the National Cyber Security Coordination Center under the National Security and Defense Council of Ukraine have found in the DarkNet a list of almost 3 million sites using the Cloudflare service to protect against DDoS and a number of other cyberattacks. The list contains real IP-addresses of sites that are under threat of attacks on them.

"The list contains real IP addresses of sites, which creates threats to direct attacks on them. Among these addresses are 45 with the domain" gov.ua" and more than 6,500 with the domain "ua", in particular, resources belonging to critical infrastructure objects",  specified in the message on the official website of the NSDC.

According to Ukrainian experts, some data on Ukrainian sites are outdated, and some are still relevant. In this regard, according to the NSDC, there is a threat to the main subjects of cybersecurity.

It was found that Cloudflare provides network services to hide real IP addresses to mitigate DDoS attacks.

In January of this year, the national police of Ukraine opened criminal proceedings due to a hacker attack on the website of Burisma Holdings. According to Assistant to the Interior Minister Artem Minyailo, the attack "was most likely carried out in cooperation with the Russian special services." To conduct an investigation, Ukraine turned to the US Federal Bureau of Investigation.

In May 2020, representatives of the state service for special communications and information protection of Ukraine announced hacker attacks on the websites of state bodies of Ukraine, including the portal of the office of President Vladimir Zelensky. In the period from 6 to 12 may, more than 10.9 thousand suspicious actions were recorded on state information resources.

Representatives of the Russian government commented on the statements of Western media about the attack of "Russian Hackers"


The media of the United Kingdom and the United States are working in the interests of the authorities, trying to reduce the intensity of critical sentiment among British and American residents, said Alexander Malkevich, First Deputy Chairman of the Commission on Media of the Public Chamber of the Russian Federation, President of the Foundation for the Protection of National Values.

The Daily Telegraph, New York Times, Financial Times and Metro said that the hacker group ART29, allegedly linked to Russian intelligence services, attacked British research centers working on the creation of a vaccine against COVID-19.

In addition, British Foreign Secretary Dominic Raab said that in December last year, Russian hackers "almost certainly" tried to influence the outcome of the parliamentary elections in Great Britain by circulating "illegally obtained" government documents on the Internet.
London threatened to retaliate at the diplomatic level, without providing any evidence of confirmation about the "Russian hackers".

According to Maria Zakharova, spokesman for the Russian Foreign Ministry, British and American tabloids, and newspapers like the New York Times and the Financial Times, do not need real evidence: anti-Russian publications are published there regularly. Britain did not make any real attempts to understand the situation.

“The British authorities are aware of the Russian National Coordination Center for Computer Incidents, specially created for this purpose. However, we did not receive any calls in connection with these incidents through official channels, ”said an employee of the Russian embassy in London.

Russia's ambassador to the UK, Andrei Kelin, called “meaningless” accusations of attempts to steal data on a coronavirus vaccine by hackers led by Russian intelligence services.  According to him, in the current world, it is impossible to attribute hacker attacks to any country.

Three countries have accused Russia of trying to steal data on the vaccine


The UK's National Cyber Security Center (NCSC) said that Russian hackers, led by Russian intelligence agencies, tried to steal information about the development of a coronavirus vaccine in the UK, Canada and the United States.

The report clarifies that the "cyber espionage group" APT29, or Dukes and Cozy Bear, which is "almost certainly" part of the Russian intelligence structure, has been carrying out attacks on various organizations that participated in the creation of the drug throughout the year.

According to the NCSC, hackers used malicious software WellMess and WellMail and phishing to gain access to the developers' computers. From the point of view of intelligence, many of these data were not valuable, but the stolen information can allegedly be used later or in case they become significant.

In the UK, SARS-CoV-2 vaccines are being developed by two research centers: the University of Oxford and Imperial College in London. The British media, citing information from sources in the special services, write that both organizations were “attacked by hackers”.

In turn, the Press Secretary of the Russian President Dmitry Peskov called the allegations of the British side unfounded. "We do not have information about who could have hacked pharmaceutical companies and research centers in the UK. We can say one thing - Russia has nothing to do with these attempts. We do not accept such accusations," said the Kremlin spokesman.

Hundreds of laboratories around the world are searching for a COVID-19 vaccine. The World Health Organization has said that without creating a vaccine, a pandemic cannot be defeated. Currently, nine research centers have begun clinical trials in the world. In Russia, clinical trials should begin in June. The Russian Ministry of Health expects a vaccine to appear at the end of July.
Earlier, E Hacking News reported that accusations of the British authorities against Russia of allegedly stealing coronavirus developments by Russian hackers are "typical corona - madness".

The number of vulnerable computers in Russia tripled during the period of self-isolation


DeviceLock analysts claim that the number of computers with the Windows operating system in Russia, that are vulnerable to Remote Desktop Protocol (RDP) access attempts, increased by 230%, to 101 thousand during the time of self-isolation.

The company's founder, Ashot Hovhannisyan, explained that the rapid growth was due to the fact that during the coronavirus pandemic, the number of servers, including those open to the Internet, also grew rapidly.

According to him, most companies allow users to connect via the Remote Desktop Protocol only using VPN technology, while a small percentage of servers are allowed to log in without a password, which is a serious threat to corporate networks.

Alexey Novikov, Director of the Positive Technologies expert center, added that botnets scanning the network for vulnerable computers had new goals when companies started transferring employees to remote work.  According to him, the rapid transition to remote work contributed to the fact that the priority was put on the performance of the infrastructure, rather than information security.

Hackers sell company accounts on the Darknet for 300-500 rubles ($4-7). The information obtained can help cyber criminals in stealing the user's personal data. This way, criminals will be able to get into the Bank account or, for example, to the crypto exchange or e-wallet.

According to Igor Zalevsky, head of the JSOC CERT cyber incident investigation department, the number of attacks has increased with the growth of the number of targets. For example, the number of attempts to select RDP passwords increased from 3-5 times to 9-12. The attacks began to last longer – from two to three hours. According to him, it takes attackers an average of one and a half days to access large companies with a large information security department. 

Expert: the image of a "Russian hacker" has become a means of information warfare with the Russian Federation


Experts commented on the release of the report of independent public organizations "Information fight against Russia: constructing the image of the enemy".

The director of the Center for Political Information, Alexei Mukhin, noted that the report analyzed how the image of the "Russian hacker" works. According to him, this image is replicated much less through the media than through social networks.

The image of a "Russian hacker", as Mukhin said, is mainly distributed via Twitter using similar hashtags, such as #Russianhacker. This is done to attract attention, to redirect the user to materials that demonstrate "horror and lawlessness".

This forms a "public opinion", with which not only politicians but also the military are already working. This is bad, because, in their hands, the information struggle turns into a hybrid war.

In different years, according to this scheme, Russia was accused of various outrages. In 2014, in the participation in the war in the Donbass, in 2016, in interference in the American elections.

It is characteristic that as soon as Russia requires to show evidence, it turns out that they are not.
Anna Shafran, a TV and radio host, believes that an open information war has already begun. 

According to her, recently, YouTube blocked without warning or explanation three popular Russian resources, including the TV company "Crimea-24". The Russian Foreign Ministry, of course, protested and rightly qualified the incident as an attack on Russian-language resources from the American Internet platform.

Sergei Sudakov, a Professor at the Military Academy of Sciences, said that the meme "Russian mafia" was created in the interests of the United States in the 1990s. It is outdated, replaced by a new meme "Russian hacker". It is fashionable to present Russia as an international information terrorist.
It is worth noting that in the Russian sector of the Internet, the meme “Russian hackers” is perceived approximately as “British scientists”. At the same time, in the foreign segment, the concept of "Russian hackers" is linked to such concepts as danger, interference, and more recently, incitement to riot.

Germany threatened Russia with sanctions for a hacker attack on the Bundestag


German Foreign Ministry spokeswoman Maria Adebar on Friday confirmed that Germany in connection with the case of a hacker attack on the Bundestag introduces a sanctions regime,  which includes freezing accounts and restrictions on entry to the European Union.  Hackers linked to Russian intelligence are suspected of hacking emails. Moscow denies any involvement.

Adebar added that this sanctions regime allows freezing assets and restricting entry not only for individuals but also for organizations.

The day before, the State Secretary of the German Foreign Ministry Miguel Berger invited the Russian Ambassador to Germany Sergei Nechaev to Berlin in connection with the case of a hacker attack on the Bundestag. Berger, on behalf of his government, "strongly condemned" the attack.

He also reported on Germany's plans to use the EU's cyber sanctions regime against the Russians involved in this attack, including Dmitry Badin. The reason for this, he also called a warrant for the arrest of Badin, which was issued by the US Attorney General in May.

Recall, in early May, the German media reported that the Prosecutor General's office of Germany announced an international search for Dmitry Badin on suspicion of complicity in a cyberattack on the Bundestag network in 2015. It was noted that he was also wanted by the US Federal Bureau of Investigation (FBI).

Berlin believes that Baden is part of the hacker group Fancy Bear. He is accused of conducting secret intelligence and illegally extracting computer data.

A cyberattack on the Bundestag's resources occurred in April 2015. German members of Parliament received similar emails, allegedly related to the UN, in which there was a link to malicious spyware. According to official data, hackers stole at least 16 gigabytes of data. It is assumed that the attackers copied two mailboxes with correspondence from the parliamentary office of German Chancellor Angela Merkel from 2012 to 2015.

The German side believes that Russia is not sufficiently involved in the investigation of the crime.

A Series Of Cyber Essentials Toolkits Released To Address Cyber-Security Risks


As a major starting point for small businesses and government agencies to comprehend and address cybersecurity risk as they indulge with other risks, Cyber Essentials, the Cybersecurity and Infrastructure Security Agency (CISA) released the first in a series of six Cyber Essential Toolkits following its own November 2019 release.

CISA's toolkits will give greater detail, insight, and assets on every one of the Cyber Essential' six "Essential Elements" of a Culture of Cyber Readiness.

The launch of the introductory "Essential Element: Yourself, The Leader" will be followed every month by another toolkit to compare with every one of the six "Essential Elements." Toolkit 1 targets on the role of leadership in fashioning a culture of cyber readiness in their organization with an accentuation on methodology and investment.

CISA Director Christopher Krebs says “We thank all of our partners in government and the private sector who played an essential role in the development of CISA’s Cyber Essentials Toolkit. We hope this toolkit and the ones we are developing, fills gaps, and provides executives the tools they need to raise the cybersecurity baseline of their teams and the organizations they lead.”

Cyber Essential created in collaboration with small businesses and state and local governments, plans to prepare smaller organizations that generally have not been a part of the national dialogue on cybersecurity with basic steps and assets to improve their cybersecurity.

The CISA incorporates two sections, the core values for leaders to build up a culture of security, and explicit activities for them and their IT experts to put that culture into action. Every one of the six Cyber Essential incorporates a list of noteworthy items anybody can take to bring down cyber risks.

These are:

  •  Drive cybersecurity strategy, investment, and culture; 
  •  Develop a heightened level of security awareness and vigilance;
  •  Protect critical assets and applications; 
  •  Ensure only those who belong on your digital workplace have access; 
  •  Make backups and avoid loss of info critical to operations; 
  • Limit damage and restore normal operations quickly.

The Russian Foreign Ministry has warned of the threat of cyber pandemic to humanity


Director of the Department of International Information Security of the Russian Foreign Ministry Andrei Krutskikh said on Tuesday during the online discussion “Information Security and the Digitalization Process: Between Development and Fears” that in addition to the coronavirus pandemic, humanity today is threatened by cyber pandemic provoked by the negative development of digital technologies, which could lead to military confrontation.

"We are dealing with two pandemics. One is a bio pandemic associated with the spread of coronavirus, people are dying, and now this is a priority topic. But in parallel with it, another global problem is also deepening, and it is probably human made - this is what I would call a cyber pandemic. Under cyberpandemic I understand the possibility of the involvement of humanity in cyber confrontation and even cyberwar," said Mr. Krutskikh.

He explained that the manifestations of cyberpandemic are hacking, cyberterrorism, cyber interference in private life and the development of states. "This is all a consequence of the development of negative trends in improving cyber technologies," added the diplomat.
"I also refer to the fact that a number of states proclaim doctrines of the right to launch preemptive cyberattacks even against a potential enemy when no one's guilt has yet been proven," added Mr. Krutskikh.

At the same time, he stressed that the forced transfer of many areas of life "to online" in the context of the coronavirus pandemic clearly shows the need to ensure international information security and develop common measures to combat cyber threats.

"We must develop not only a common language terminologically, not only a common understanding but also common security standards. We must not be late in finding solutions before the next cyber crisis,” warned Mr. Krutskikh.

On Tuesday, the Bank of Russia announced new fraudulent schemes to steal money from bank accounts using social engineering; criminals are actively using the theme of coronavirus infection.

Lithuania leads a European Union Cyber Rapid Response Team (CRRT) at the European Union


Lithuania, the Netherlands, Poland, Romania, Croatia, and Estonia signed a Memorandum on the establishment of a European Union Cyber Rapid Response Team (CRRT). In the event of a cyber attack on any of the countries participating in the agreement, CRRT specialists should be ready to immediately repel the attack. Lithuania played a special role in creating this structure. Experts note that the EU has a really difficult situation with ensuring cybersecurity since not all States have the resources to repel hacker attacks. However, analysts doubt the effectiveness of CRRT.

Lithuanian Minister of Defense Raimundas Karoblis noted that this is a completely new international cyber potential, initiated and led by Lithuania and that each country faces cybersecurity problems.
According to the cybersecurity specialist, Andrei Masalovich, now the problem of protection against cyberthreats is facing not only the poor countries of the Baltic States but even the United States.

President of the Russian Association for Baltic Studies Nikolai Mezhevich believes that the attempts of the Lithuanian leadership to take a leading role in the organization of a pan-European cyber defense are largely dictated by the desire to improve the image of Lithuania.

In addition, according to Andrei Masalovich, the Lithuanian authorities also want to "show their importance" against the background of Estonia.

As for the possible source of the threat, all countries in the CRRT blamed Moscow for cyber attacks. For example, in 2018, the Netherlands accused Russian hackers of attacking the headquarters of the Organization for the Prohibition of Chemical Weapons. In the Baltic States, Russia is regularly suspected of cyberattacks.

Moscow, in turn, calls for the creation of "confidence-building measures in cyberspace" at the global level. This was stated last year by the special representative of the President of the Russian Federation for information security, Ambassador of the Ministry of Foreign Affairs on Special Assignments Andrei Krutskikh.

Roskomnadzor blocked the email service Protonmail


The FSB of the Russian Federation reported that it was possible to install another email service that was used by an "electronic terrorist" to send messages about mining of objects with a massive stay of people in Russia. On Wednesday, the FSB and the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) announced the blocking of the Swiss postal service Protonmail.com.

"This email service was used by hackers both in 2019 and especially actively in January 2020 to send false messages about mass mining of objects on the territory of the Russian Federation under the guise of reliable information," said the representative of Roskomnadzor.

In turn, the FSB of Russia reported that this service is used starting from January 24. Messages with threats of mining were sent to the email addresses of courts in four regions of the Russian Federation. Last year, the same service was also used to send false terrorist threats, but on a smaller scale.
"The texts also indicated allegedly mined 830 social and transport infrastructure objects. All threats were false," the FSB reported.

ProtonMail CEO Andy Yen recently announced his decision to go to court because he believes the block is unfounded. According to him, blocking the service is an inefficient and inappropriate tool to combat cyber attacks.

"This will not stop cybercriminals from sending threats from another email service and will not help if the criminals are located outside of Russia. Cybercriminals are also likely to be able to bypass the block using one of their many VPN services," Ian said.

The head of the company stressed that blocking mail will only harm private users and restrict access to private information for Russians.

Recall that this is the third foreign mail service blocked by Roskomnadzor for spreading false messages about mining facilities in Russia. On January 23, Roskomnadzor announced the blocking of the StartMail service. It was noted that mass mailings of messages about the mining of various objects on the territory of Russia were carried out through this mail service. Emails have been received since November 28, 2019.

Alexander Baranov says Russia has nothing to do with the cyberattack on the friendly Austrian Foreign Ministry


The hacker attack that the Austrian Ministry of Foreign Affairs underwent prompted European countries to take active measures to defend against such attacks. At the same time, the EU accuses Moscow of the attack, which makes no sense, given the friendly relations between Russia and Austria. Alexander Baranov, head of the Department of Information Security at the National Research University, commented on the situation.

According to the expert, anti-Russian accusations once again show the policy of Western "hawks" who regularly make groundless statements to undesirable countries.
"These accusations are completely groundless and are not supported by any arguments," Baranov said.

He stressed that Russia has absolutely no interest in attacking the Austrian Foreign Ministry. In addition, Austria supports the implementation of major projects, such as the Nord Stream 2 gas pipeline.

"This is one of the friendliest countries in the European Union, I think. Therefore, I do not see any sense to attack its foreign Ministry, especially since the country is small and it does not play a decisive role," the expert believes.

In his opinion, the provocation is obvious in order to worsen relations between the countries.
"One of the most famous methods of hackers is to carry out an attack from the territory of States that have nothing to do with it. Most often it is China or India," Baranov explained.

The expert reminded that it is now almost impossible to track the end user if he uses an anonymizer. It is possible that the European security forces were able to establish any facts, but they are not able to make them public because of the secrecy.

He added that European politicians enjoy their impunity by regularly making unfounded accusations.
"Representatives of Russia have repeatedly asked for facts, but there is nothing, there is only empty talk," the expert concluded.

A hacker attack on the Austrian Foreign Ministry occurred in early January. In Vienna, they believe that the incident has a Russian trace while recognizing the absence of any evidence.

Earlier, the Austrian newspaper DiePresse reported that a number of EU countries decided to form a group to protect themselves from cyber attacks from Russia. Vienna will work together with Germany, the Czech Republic, Belgium and Cyprus on this issue. These States consider themselves to be "victims of a Russian cyber-espionage".