Search This Blog

Showing posts with label National Cyber Security. Show all posts

Number of Cyber Attacks from Germany Increased, says Russian Foreign Minister

In the period from 2019 to 2020, Russia registered a sufficient number of cyberattacks from Germany to Russian facilities and organizations. This was stated by Russian Foreign Minister Sergey Lavrov after talks with his German counterpart Heiko Maas. 

Moscow is concerned about the situation with cooperation with Berlin on cybersecurity. "We expressed concern to the German side about the situation in our interaction on cybersecurity,” said Lavrov.

"We noted that last year and this year a significant number of cyberattacks were registered against objects and organizations in Russia, coming from the German segment of the Internet,” said the Russian Minister said.

Recall that at the end of May, the German Foreign Ministry summoned the Russian Ambassador in Berlin, Sergei Nechaev. He was informed that the Prosecutor General's Office of Germany had put on the wanted list a Russian Dmitry Badin on suspicion of participating in a hacker attack on the Bundestag in April-May 2015. 

In addition, the Department reported that Berlin plans to activate the cyber sanctions regime against Russia because of this case. The EU cyber sanctions regime came into force in May and has not yet been applied. Restrictive measures under this regime may include asset freezes, as well as travel bans to EU countries. The imposition of sanctions requires the unanimous approval of all member countries.

The Russian Foreign Ministry said that Berlin did not provide evidence of Russia's involvement in the hacker attack, and strongly rejected the charges. As Andrei Krutskikh, Director of the Department of International Information Security of the Russian Foreign Ministry, said earlier, Moscow offers Berlin to hold consultations on cybersecurity, this would help to settle many claims.

The National Security and Defense Council of Ukraine reported a leak of IP addresses of government websites


The leaked list of hidden government IP addresses of government websites occurred in Ukraine. This is stated in the statement of the National Security and Defense Council (NSDC).

It is noted that specialists of the National Cyber Security Coordination Center under the National Security and Defense Council of Ukraine have found in the DarkNet a list of almost 3 million sites using the Cloudflare service to protect against DDoS and a number of other cyberattacks. The list contains real IP-addresses of sites that are under threat of attacks on them.

"The list contains real IP addresses of sites, which creates threats to direct attacks on them. Among these addresses are 45 with the domain" gov.ua" and more than 6,500 with the domain "ua", in particular, resources belonging to critical infrastructure objects",  specified in the message on the official website of the NSDC.

According to Ukrainian experts, some data on Ukrainian sites are outdated, and some are still relevant. In this regard, according to the NSDC, there is a threat to the main subjects of cybersecurity.

It was found that Cloudflare provides network services to hide real IP addresses to mitigate DDoS attacks.

In January of this year, the national police of Ukraine opened criminal proceedings due to a hacker attack on the website of Burisma Holdings. According to Assistant to the Interior Minister Artem Minyailo, the attack "was most likely carried out in cooperation with the Russian special services." To conduct an investigation, Ukraine turned to the US Federal Bureau of Investigation.

In May 2020, representatives of the state service for special communications and information protection of Ukraine announced hacker attacks on the websites of state bodies of Ukraine, including the portal of the office of President Vladimir Zelensky. In the period from 6 to 12 may, more than 10.9 thousand suspicious actions were recorded on state information resources.

Representatives of the Russian government commented on the statements of Western media about the attack of "Russian Hackers"


The media of the United Kingdom and the United States are working in the interests of the authorities, trying to reduce the intensity of critical sentiment among British and American residents, said Alexander Malkevich, First Deputy Chairman of the Commission on Media of the Public Chamber of the Russian Federation, President of the Foundation for the Protection of National Values.

The Daily Telegraph, New York Times, Financial Times and Metro said that the hacker group ART29, allegedly linked to Russian intelligence services, attacked British research centers working on the creation of a vaccine against COVID-19.

In addition, British Foreign Secretary Dominic Raab said that in December last year, Russian hackers "almost certainly" tried to influence the outcome of the parliamentary elections in Great Britain by circulating "illegally obtained" government documents on the Internet.
London threatened to retaliate at the diplomatic level, without providing any evidence of confirmation about the "Russian hackers".

According to Maria Zakharova, spokesman for the Russian Foreign Ministry, British and American tabloids, and newspapers like the New York Times and the Financial Times, do not need real evidence: anti-Russian publications are published there regularly. Britain did not make any real attempts to understand the situation.

“The British authorities are aware of the Russian National Coordination Center for Computer Incidents, specially created for this purpose. However, we did not receive any calls in connection with these incidents through official channels, ”said an employee of the Russian embassy in London.

Russia's ambassador to the UK, Andrei Kelin, called “meaningless” accusations of attempts to steal data on a coronavirus vaccine by hackers led by Russian intelligence services.  According to him, in the current world, it is impossible to attribute hacker attacks to any country.

Three countries have accused Russia of trying to steal data on the vaccine


The UK's National Cyber Security Center (NCSC) said that Russian hackers, led by Russian intelligence agencies, tried to steal information about the development of a coronavirus vaccine in the UK, Canada and the United States.

The report clarifies that the "cyber espionage group" APT29, or Dukes and Cozy Bear, which is "almost certainly" part of the Russian intelligence structure, has been carrying out attacks on various organizations that participated in the creation of the drug throughout the year.

According to the NCSC, hackers used malicious software WellMess and WellMail and phishing to gain access to the developers' computers. From the point of view of intelligence, many of these data were not valuable, but the stolen information can allegedly be used later or in case they become significant.

In the UK, SARS-CoV-2 vaccines are being developed by two research centers: the University of Oxford and Imperial College in London. The British media, citing information from sources in the special services, write that both organizations were “attacked by hackers”.

In turn, the Press Secretary of the Russian President Dmitry Peskov called the allegations of the British side unfounded. "We do not have information about who could have hacked pharmaceutical companies and research centers in the UK. We can say one thing - Russia has nothing to do with these attempts. We do not accept such accusations," said the Kremlin spokesman.

Hundreds of laboratories around the world are searching for a COVID-19 vaccine. The World Health Organization has said that without creating a vaccine, a pandemic cannot be defeated. Currently, nine research centers have begun clinical trials in the world. In Russia, clinical trials should begin in June. The Russian Ministry of Health expects a vaccine to appear at the end of July.
Earlier, E Hacking News reported that accusations of the British authorities against Russia of allegedly stealing coronavirus developments by Russian hackers are "typical corona - madness".

The number of vulnerable computers in Russia tripled during the period of self-isolation


DeviceLock analysts claim that the number of computers with the Windows operating system in Russia, that are vulnerable to Remote Desktop Protocol (RDP) access attempts, increased by 230%, to 101 thousand during the time of self-isolation.

The company's founder, Ashot Hovhannisyan, explained that the rapid growth was due to the fact that during the coronavirus pandemic, the number of servers, including those open to the Internet, also grew rapidly.

According to him, most companies allow users to connect via the Remote Desktop Protocol only using VPN technology, while a small percentage of servers are allowed to log in without a password, which is a serious threat to corporate networks.

Alexey Novikov, Director of the Positive Technologies expert center, added that botnets scanning the network for vulnerable computers had new goals when companies started transferring employees to remote work.  According to him, the rapid transition to remote work contributed to the fact that the priority was put on the performance of the infrastructure, rather than information security.

Hackers sell company accounts on the Darknet for 300-500 rubles ($4-7). The information obtained can help cyber criminals in stealing the user's personal data. This way, criminals will be able to get into the Bank account or, for example, to the crypto exchange or e-wallet.

According to Igor Zalevsky, head of the JSOC CERT cyber incident investigation department, the number of attacks has increased with the growth of the number of targets. For example, the number of attempts to select RDP passwords increased from 3-5 times to 9-12. The attacks began to last longer – from two to three hours. According to him, it takes attackers an average of one and a half days to access large companies with a large information security department. 

Expert: the image of a "Russian hacker" has become a means of information warfare with the Russian Federation


Experts commented on the release of the report of independent public organizations "Information fight against Russia: constructing the image of the enemy".

The director of the Center for Political Information, Alexei Mukhin, noted that the report analyzed how the image of the "Russian hacker" works. According to him, this image is replicated much less through the media than through social networks.

The image of a "Russian hacker", as Mukhin said, is mainly distributed via Twitter using similar hashtags, such as #Russianhacker. This is done to attract attention, to redirect the user to materials that demonstrate "horror and lawlessness".

This forms a "public opinion", with which not only politicians but also the military are already working. This is bad, because, in their hands, the information struggle turns into a hybrid war.

In different years, according to this scheme, Russia was accused of various outrages. In 2014, in the participation in the war in the Donbass, in 2016, in interference in the American elections.

It is characteristic that as soon as Russia requires to show evidence, it turns out that they are not.
Anna Shafran, a TV and radio host, believes that an open information war has already begun. 

According to her, recently, YouTube blocked without warning or explanation three popular Russian resources, including the TV company "Crimea-24". The Russian Foreign Ministry, of course, protested and rightly qualified the incident as an attack on Russian-language resources from the American Internet platform.

Sergei Sudakov, a Professor at the Military Academy of Sciences, said that the meme "Russian mafia" was created in the interests of the United States in the 1990s. It is outdated, replaced by a new meme "Russian hacker". It is fashionable to present Russia as an international information terrorist.
It is worth noting that in the Russian sector of the Internet, the meme “Russian hackers” is perceived approximately as “British scientists”. At the same time, in the foreign segment, the concept of "Russian hackers" is linked to such concepts as danger, interference, and more recently, incitement to riot.

Germany threatened Russia with sanctions for a hacker attack on the Bundestag


German Foreign Ministry spokeswoman Maria Adebar on Friday confirmed that Germany in connection with the case of a hacker attack on the Bundestag introduces a sanctions regime,  which includes freezing accounts and restrictions on entry to the European Union.  Hackers linked to Russian intelligence are suspected of hacking emails. Moscow denies any involvement.

Adebar added that this sanctions regime allows freezing assets and restricting entry not only for individuals but also for organizations.

The day before, the State Secretary of the German Foreign Ministry Miguel Berger invited the Russian Ambassador to Germany Sergei Nechaev to Berlin in connection with the case of a hacker attack on the Bundestag. Berger, on behalf of his government, "strongly condemned" the attack.

He also reported on Germany's plans to use the EU's cyber sanctions regime against the Russians involved in this attack, including Dmitry Badin. The reason for this, he also called a warrant for the arrest of Badin, which was issued by the US Attorney General in May.

Recall, in early May, the German media reported that the Prosecutor General's office of Germany announced an international search for Dmitry Badin on suspicion of complicity in a cyberattack on the Bundestag network in 2015. It was noted that he was also wanted by the US Federal Bureau of Investigation (FBI).

Berlin believes that Baden is part of the hacker group Fancy Bear. He is accused of conducting secret intelligence and illegally extracting computer data.

A cyberattack on the Bundestag's resources occurred in April 2015. German members of Parliament received similar emails, allegedly related to the UN, in which there was a link to malicious spyware. According to official data, hackers stole at least 16 gigabytes of data. It is assumed that the attackers copied two mailboxes with correspondence from the parliamentary office of German Chancellor Angela Merkel from 2012 to 2015.

The German side believes that Russia is not sufficiently involved in the investigation of the crime.

A Series Of Cyber Essentials Toolkits Released To Address Cyber-Security Risks


As a major starting point for small businesses and government agencies to comprehend and address cybersecurity risk as they indulge with other risks, Cyber Essentials, the Cybersecurity and Infrastructure Security Agency (CISA) released the first in a series of six Cyber Essential Toolkits following its own November 2019 release.

CISA's toolkits will give greater detail, insight, and assets on every one of the Cyber Essential' six "Essential Elements" of a Culture of Cyber Readiness.

The launch of the introductory "Essential Element: Yourself, The Leader" will be followed every month by another toolkit to compare with every one of the six "Essential Elements." Toolkit 1 targets on the role of leadership in fashioning a culture of cyber readiness in their organization with an accentuation on methodology and investment.

CISA Director Christopher Krebs says “We thank all of our partners in government and the private sector who played an essential role in the development of CISA’s Cyber Essentials Toolkit. We hope this toolkit and the ones we are developing, fills gaps, and provides executives the tools they need to raise the cybersecurity baseline of their teams and the organizations they lead.”

Cyber Essential created in collaboration with small businesses and state and local governments, plans to prepare smaller organizations that generally have not been a part of the national dialogue on cybersecurity with basic steps and assets to improve their cybersecurity.

The CISA incorporates two sections, the core values for leaders to build up a culture of security, and explicit activities for them and their IT experts to put that culture into action. Every one of the six Cyber Essential incorporates a list of noteworthy items anybody can take to bring down cyber risks.

These are:

  •  Drive cybersecurity strategy, investment, and culture; 
  •  Develop a heightened level of security awareness and vigilance;
  •  Protect critical assets and applications; 
  •  Ensure only those who belong on your digital workplace have access; 
  •  Make backups and avoid loss of info critical to operations; 
  • Limit damage and restore normal operations quickly.

The Russian Foreign Ministry has warned of the threat of cyber pandemic to humanity


Director of the Department of International Information Security of the Russian Foreign Ministry Andrei Krutskikh said on Tuesday during the online discussion “Information Security and the Digitalization Process: Between Development and Fears” that in addition to the coronavirus pandemic, humanity today is threatened by cyber pandemic provoked by the negative development of digital technologies, which could lead to military confrontation.

"We are dealing with two pandemics. One is a bio pandemic associated with the spread of coronavirus, people are dying, and now this is a priority topic. But in parallel with it, another global problem is also deepening, and it is probably human made - this is what I would call a cyber pandemic. Under cyberpandemic I understand the possibility of the involvement of humanity in cyber confrontation and even cyberwar," said Mr. Krutskikh.

He explained that the manifestations of cyberpandemic are hacking, cyberterrorism, cyber interference in private life and the development of states. "This is all a consequence of the development of negative trends in improving cyber technologies," added the diplomat.
"I also refer to the fact that a number of states proclaim doctrines of the right to launch preemptive cyberattacks even against a potential enemy when no one's guilt has yet been proven," added Mr. Krutskikh.

At the same time, he stressed that the forced transfer of many areas of life "to online" in the context of the coronavirus pandemic clearly shows the need to ensure international information security and develop common measures to combat cyber threats.

"We must develop not only a common language terminologically, not only a common understanding but also common security standards. We must not be late in finding solutions before the next cyber crisis,” warned Mr. Krutskikh.

On Tuesday, the Bank of Russia announced new fraudulent schemes to steal money from bank accounts using social engineering; criminals are actively using the theme of coronavirus infection.

Lithuania leads a European Union Cyber Rapid Response Team (CRRT) at the European Union


Lithuania, the Netherlands, Poland, Romania, Croatia, and Estonia signed a Memorandum on the establishment of a European Union Cyber Rapid Response Team (CRRT). In the event of a cyber attack on any of the countries participating in the agreement, CRRT specialists should be ready to immediately repel the attack. Lithuania played a special role in creating this structure. Experts note that the EU has a really difficult situation with ensuring cybersecurity since not all States have the resources to repel hacker attacks. However, analysts doubt the effectiveness of CRRT.

Lithuanian Minister of Defense Raimundas Karoblis noted that this is a completely new international cyber potential, initiated and led by Lithuania and that each country faces cybersecurity problems.
According to the cybersecurity specialist, Andrei Masalovich, now the problem of protection against cyberthreats is facing not only the poor countries of the Baltic States but even the United States.

President of the Russian Association for Baltic Studies Nikolai Mezhevich believes that the attempts of the Lithuanian leadership to take a leading role in the organization of a pan-European cyber defense are largely dictated by the desire to improve the image of Lithuania.

In addition, according to Andrei Masalovich, the Lithuanian authorities also want to "show their importance" against the background of Estonia.

As for the possible source of the threat, all countries in the CRRT blamed Moscow for cyber attacks. For example, in 2018, the Netherlands accused Russian hackers of attacking the headquarters of the Organization for the Prohibition of Chemical Weapons. In the Baltic States, Russia is regularly suspected of cyberattacks.

Moscow, in turn, calls for the creation of "confidence-building measures in cyberspace" at the global level. This was stated last year by the special representative of the President of the Russian Federation for information security, Ambassador of the Ministry of Foreign Affairs on Special Assignments Andrei Krutskikh.

Roskomnadzor blocked the email service Protonmail


The FSB of the Russian Federation reported that it was possible to install another email service that was used by an "electronic terrorist" to send messages about mining of objects with a massive stay of people in Russia. On Wednesday, the FSB and the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) announced the blocking of the Swiss postal service Protonmail.com.

"This email service was used by hackers both in 2019 and especially actively in January 2020 to send false messages about mass mining of objects on the territory of the Russian Federation under the guise of reliable information," said the representative of Roskomnadzor.

In turn, the FSB of Russia reported that this service is used starting from January 24. Messages with threats of mining were sent to the email addresses of courts in four regions of the Russian Federation. Last year, the same service was also used to send false terrorist threats, but on a smaller scale.
"The texts also indicated allegedly mined 830 social and transport infrastructure objects. All threats were false," the FSB reported.

ProtonMail CEO Andy Yen recently announced his decision to go to court because he believes the block is unfounded. According to him, blocking the service is an inefficient and inappropriate tool to combat cyber attacks.

"This will not stop cybercriminals from sending threats from another email service and will not help if the criminals are located outside of Russia. Cybercriminals are also likely to be able to bypass the block using one of their many VPN services," Ian said.

The head of the company stressed that blocking mail will only harm private users and restrict access to private information for Russians.

Recall that this is the third foreign mail service blocked by Roskomnadzor for spreading false messages about mining facilities in Russia. On January 23, Roskomnadzor announced the blocking of the StartMail service. It was noted that mass mailings of messages about the mining of various objects on the territory of Russia were carried out through this mail service. Emails have been received since November 28, 2019.

Alexander Baranov says Russia has nothing to do with the cyberattack on the friendly Austrian Foreign Ministry


The hacker attack that the Austrian Ministry of Foreign Affairs underwent prompted European countries to take active measures to defend against such attacks. At the same time, the EU accuses Moscow of the attack, which makes no sense, given the friendly relations between Russia and Austria. Alexander Baranov, head of the Department of Information Security at the National Research University, commented on the situation.

According to the expert, anti-Russian accusations once again show the policy of Western "hawks" who regularly make groundless statements to undesirable countries.
"These accusations are completely groundless and are not supported by any arguments," Baranov said.

He stressed that Russia has absolutely no interest in attacking the Austrian Foreign Ministry. In addition, Austria supports the implementation of major projects, such as the Nord Stream 2 gas pipeline.

"This is one of the friendliest countries in the European Union, I think. Therefore, I do not see any sense to attack its foreign Ministry, especially since the country is small and it does not play a decisive role," the expert believes.

In his opinion, the provocation is obvious in order to worsen relations between the countries.
"One of the most famous methods of hackers is to carry out an attack from the territory of States that have nothing to do with it. Most often it is China or India," Baranov explained.

The expert reminded that it is now almost impossible to track the end user if he uses an anonymizer. It is possible that the European security forces were able to establish any facts, but they are not able to make them public because of the secrecy.

He added that European politicians enjoy their impunity by regularly making unfounded accusations.
"Representatives of Russia have repeatedly asked for facts, but there is nothing, there is only empty talk," the expert concluded.

A hacker attack on the Austrian Foreign Ministry occurred in early January. In Vienna, they believe that the incident has a Russian trace while recognizing the absence of any evidence.

Earlier, the Austrian newspaper DiePresse reported that a number of EU countries decided to form a group to protect themselves from cyber attacks from Russia. Vienna will work together with Germany, the Czech Republic, Belgium and Cyprus on this issue. These States consider themselves to be "victims of a Russian cyber-espionage".

The Russian President created a new Department for information security


Russian President Vladimir Putin signed a decree increasing the number of departments of the Ministry of Foreign Affairs of Russia from 41 to 42.  According to the Facebook page of the Department, the new 42nd Department of the Russian Foreign Ministry will deal with international information security, including the fight against the use of information technologies for military-political, terrorist and other criminal purposes.

The decree came into force on December 27, 2019.  The number of employees of the Central office of the Russian Foreign Ministry increased from 3,358 people to 3,391 people. The decree establishes a staff payroll for a year in the amount of 3,521,914.7 thousand rubles ($57,000).

Employees of the Department will have to propose measures to improve legislation to make it easier to cooperate with other countries and international organizations on the topic of information security.

"The main idea of the department is the development of generally accepted rules for conducting a cyber environment and for a collective response to challenges,” said Maria Zakharova, an official representative of the Russian Foreign Ministry.

Earlier, at the end of 2018, the Permanent Representative of Russia in Vienna, Mikhail Ulyanov, announced that a new information security division would appear in the structure of the Ministry of Foreign Affairs. He noted that the decision was made due to the fact that information threats have recently become more relevant.

Recall that on December 28, it became known that the UN General Assembly adopted a resolution proposed by Russia to combat cybercrime.  The US did not support the initiative, considering the document redundant, as there is already an agreement on cybercrime, it's the Budapest Convention

The American side believes that the resolution is beneficial to Russia to create the necessary "type of control over the Internet space."

The Russian Foreign Ministry called the adopted resolution a new page in the history of the fight against cybercrime, stressing that the document actually secured the digital sovereignty of States over their information space.

In Berlin, Russian and German scientists discussed the danger of smart gadgets


By December 15, on behalf of President Vladimir Putin, the Russian government should prepare a Federal project "Artificial intelligence", which will prescribe tasks and measures to support the development of digital technologies in the country until 2030. Meanwhile, an inter-University conference was held in Berlin with the participation of Moscow specialists, aimed at attracting promising personnel to the Russian Federation for the development of the digital economy.

According to Pavel Izvolsky, the director of the Russian House of Science and Culture in Berlin, such events help to improve relations between Russian and foreign universities and research centers in the field of innovative digital technologies.

Nevertheless, talented students from other countries, even such economically and technologically successful ones as Germany, have a lot to learn in Russia. According to Izvolsky, such simple things for Russians, as paying for Parking from a mobile device or obtaining various certificates through the portal of public services, are not yet available for the Germans.

"In this sense, it's just a Stone Age," stated Izvolsky. The topics discussed were various, from the use of blockchain technologies in the banking sector and the introduction of intelligent transport systems in megacities to ensuring cybersecurity in the everyday sense when it comes to the use of gadgets by children.

The report of the leading content analyst of Kaspersky Lab Andrei Sidenko caused a great response. He talked about how the younger generation spends time on the Web, what threats are most often exposed and how parents react to it. For example, surveys have shown that for the first time children get access to smartphones from the age of three, and by the age of 11-14, 37 percent of young

Russians have personal gadgets. In the same studies, 85 percent of domestic teenagers answer that
they can not do without a mobile phone, and almost all the free time 15-18-year-old schoolchildren spend almost all their free time on the Internet. But every third parent does not know what exactly his child is watching on the Web. Children are in a rather vulnerable position: they share personal data, open "adult content", are subjected to cyberbullying or are involved in communication with dubious persons, and so on.

The discussion on digitalization in Berlin was the next in a series of international inter-University conferences that Rossotrudnichestvo (the Federal Agency for the Commonwealth of Independent States, Compatriots Living Abroad and International Humanitarian Cooperation) has already held in India, Indonesia and Iran. As a result of the past conferences, memorandums of cooperation between Russian and foreign universities were signed.

Minister of the Republic of Tatarstan explained how the "sovereign Internet" in Tatarstan works


Airat Khairullin, the Minister of Digital Development of Public Administration, Information Technologies and Communications of the Republic of Tatarstan, told about the main directions of the Ministry's work, the center for digital transformation of the Republic of Tatarstan, as well as about the work of the sovereign Internet in Tatarstan and correspondence in messengers.

"If someone tomorrow decides to physically block the DNS server system for Russia, our IP routing may be disrupted. Therefore, we are talking about allowing traffic to be routed at the junction of Russian and foreign providers."

According to him, Tatarstan has already created the appropriate infrastructure for the sustainable protection of the Internet from external attacks. Thus, all 10 thousand social objects of the Republic are connected to the Internet through the Data Processing Center (DPC) in the IT Park. There is a second data center for disaster resilience in the Council State.

"And technically, if the DPC of the IT Park is destroyed by fire or flood, we have a fault tolerance point, and within this logic, it is also a sovereign Internet," he said.
In an interview with journalists, Khairullin also shared that he uses popular messengers, including the Telegram blocked in Russia.

The Minister also commented on the statement of Pavel Durov regarding the insecurity of using WhatsApp and calls to remove it.

"Any application carries a vulnerability. The question of compromises is to be completely without a phone and use pigeon mail or use messengers," said Khairullin.

On November 12, the Prime Minister of the Republic signed a decree on the establishment of the Tatarstan Digital Technology Center. The new institution was created to improve the quality of life of Tatarstan citizens, accelerate the receipt of public services, as well as simplify the interaction between the state, society and business.

Recall that Khairullin previously said that 7 cyberattacks occur on the DPS every day. Therefore, to improve the security system next year, the Ministry of Digital Affairs of the Republic of Tatarstan has planned a competition for white hat hackers who will have to try to find the shortcomings and vulnerabilities of the Republican website of public services and hack it. The exact date when this experiment will take place has not yet been determined.

The Federal Security Service of Russia opposed applications with an electronic passport


Mobile applications with an electronic passport will not be able to completely replace a physical document. The FSB opposed the idea of placing the full document in smartphones.

The FSB considers it extremely unreliable to place the passport data of Russians in applications based on foreign operating systems iOS and Android, as they will not be able to guarantee the security of data and absolute access control from unauthorized persons. It will be possible to fully use the application as an identity card only when the domestic operating systems will function normally in Russia.

"There is a risk that Apple or Google developers will be able to access the data stored in the application", suggests Alexander Kruglov, senior analyst at Digital Security.

"Theoretically, there is such a possibility, since iOS or Android developers can insert a traffic analyzer into the next update of the system and collect user data", added he.

According to Kruglov, Apple, for example, refuses FBI requests to open access to iPhones of suspects.

It is worth noting that there is a Russian operating system Aurora created on the basis of the Finnish Sailfish. The state was going to supply officials and civil servants with phones with Aurora OS, they were going to spend 160 billion rubles (2,4 million $) on this. But there are practically no devices with preinstalled Aurora OS and applications for this operating system.

During a recent meeting with Deputy Prime Minister Maxim Akimov, it was decided that a smartphone app will appear and will be able to verify the identity of a citizen in most, but not all situations.

Most likely, citizens will be able to use the app only for simple services: for example, to verify the age when buying alcohol or cigarettes. But it will be possible to buy an apartment only through a card with a chip.

Earlier, E Hacking News reported that the Russian government has determined the basic parameters of the future e-passport. It will have two components - a plastic card with a chip and a mobile application. Documents of the new type will be issued to Russians from 2020 in Moscow. Paper passports will no longer be issued, but old documents will remain valid until their expiration date. The e-passport will become a universal carrier of information about a person, necessary for his identification.

ISRO targeted by North Korean Hackers during Chandrayaan-2 Launch


According to the fresh news that has been coming from various experts, it has appeared that Chandrayaan-2 (also known as Mission Moon), a famous mission by the Indian Space Research Organisation (ISRO) was attacked by hackers from North Korea. It also appears that the attacks were organized using a malware named Dtrack, which is connected to a club of North Korean hackers managed by the administration. "The malware was identified by the Financial Institute and Research Centers in 18 Indian states," confirms the reports by Kaspersky, a cybersecurity firm.


It is also said that the same malware was used to direct hacks on Kudankulam nuclear factory. The National Cyber Coordination Center that attempts to protect the nation from harmful cyber invasions recently received critical information from a US cybersecurity firm regarding the hack. It said that Kunankulam Nuclear Plant's master domain controllers alongside the ISRO were attacked by the hackers. Following this incident, Kaspersky's specialists detected the malware and notified the issue to the Indian government before the Chandrayaan-2 landing.

"The hack was organized using very simple and basic techniques like phishing emails, an unedited browser, and poor security that resulted in allowing the hackers to easily invade the devices," says Yash Kadakia in an interview, founder, Security Brigade, a cybersecurity firm in Mumbai. He further adds that a similar server was used to send spams to superior nuclear experts at the Nuclear Plant in Kudankulam which was also aimed by the hackers to pick other experts at ISRO later.

About Dtrack Malware- 
Generated by North Korean Hackers, the Dtrack malware provides a full command that permits the hackers to obtain data from the device. The virus can misuse devices with weak privacy and passwords. If the virus invades a device, it can obtain critical information like catalogs, IDs, user history, and IP addresses. "A high number of DTrack attacks were discovered. The hack was carried by Lazarus that has become a major concern for big corporations," said Konstantin Zykov about the virus who is a Researcher at Kaspersky Cybersecurity, at an event in Delhi.

The Ministry of Internal Affairs of Russia to create a Department to combat crimes in the IT-sphere


The Ministry of Internal Affairs will have units to combat crimes committed using IT-technologies. Units will be formed without increasing the staff.

This decision was made by Vladimir Kolokoltsev, the Minister of Internal Affairs of the Russian Federation, at a meeting of the Collegium of the Ministry of Internal Affairs of Russia, which was held as a video conference with all regions of the country. The meeting was attended by representatives of the Central Bank of the Russian Federation, the Ministry of Finance, Roskomnadzor, Rosfinmonitoring and a number of leading financial institutions.

The purpose of the creation of such units is to increase the efficiency of the prevention and suppression of crimes in the IT-sphere, as well as improving the skills and training of the most trained employees in identifying, revealing and investigating crimes committed using information and telecommunication technologies.

According to the Ministry of Internal Affairs, every seventh crime in Russia is committed in the field of IT-technologies. Law enforcement agencies in recent years have noted an increase in the number of crimes committed using the Internet, including fraud, drug distribution, theft of funds and other crimes.

At the moment, Vladimir Kolokoltsev instructed the heads of operational headquarters to prepare documents that will determine the structure, powers and functions of the new units to combat cybercrime.

Currently, the Office “K” of the Ministry of Internal Affairs is engaged in crimes in the field of information technology. In particular, the employees of this Department are engaged in the fight against illegal trafficking in electronic equipment and special technical equipment.

Earlier, E Hacking News reported that the Ministry of Internal Affairs will create a portal for complaints against hackers. The resource will be continuously and automatically collect data about the threats.

The Russian Embassy in Prague denied the statement of a Russian spy network in the Czech Republic


The Russian Embassy in Prague denied the statement of the head of the Czech Security and Information Service, Mikhail Koudelka, who announced the disclosure of the activities of the Russian spy network allegedly operating in the country.

On Monday, the head of the Czech Security Information Service (BIS), Mikhail Koudelka, said that his agency and the Czech police had exposed the activities of a Russian spy network, which operates through the Russian Embassy in Prague.

"This network was completely defeated and beheaded," said Koudelka during a speech in the Czech Parliament.

According to the head of BIS, this network "was created by people associated with the Russian intelligence services, and funded from Russia and the Russian Embassy."

Koudelka claims that members of the network planned attacks against targets in the Czech Republic and other countries via the Internet. He also said that this network was part of a larger structure created by Russia in other European countries. However, he did not name these countries.

Koudelka said that he could not provide any specific information, as the investigation is not yet complete. However, information about this attempted intervention could be included in the BIS annual report, which will be considered by a parliamentary Commission this Thursday, October 24.

Recall that for the first time the Czech Security Forces disclosed the activities of the cyber attack center in early 2018. According to an investigation, the two companies were formally engaged in the sale of computer hardware and software, but in reality their employees were also preparing hacker attacks using their computers. Part of the equipment for companies in the Czech Republic was brought from Russia and also through the diplomatic mission.

The investigation said that the hacker group included both Czechs and Russians who received Czech citizenship.

The Head of the FSB spoke about the threat of massive terrorist hacker attacks


Director of the FSB Alexander Bortnikov said that terrorist can disguise their hacking attacks under the actions of special services of specific States and this threatened to political and military conflicts. He stated this at the XVIII international meeting of heads of intelligence, security and law enforcement agencies in Sochi.

According to the FSB, terrorist groups create and develop their own cyber units.

Bortnikov called on intelligence agencies of other countries to support Russia's demand to deposit encryption keys for mobile devices. Fighting terrorism is ineffective as long as they use closed channels of communication on the Internet, he explained.

"The main tool of communication between bandits are still Internet Messengers with high crypto protection. In this regard, we consider it a serious problem that a number of the world's leading IT companies do not want to cooperate with intelligence agencies in the field of information security,” Bortnikov said.

He also called on the special services to join efforts in identifying and blocking terrorist and extremist materials on the Internet and to establish cooperation with leading technology companies for this purpose.

Bortnikov also noted that the capabilities of terrorists in the future can grow due to the growing availability of artificial intelligence technologies. And with their help, the militants will be able to analyze large amounts of information, including illegally obtained databases.

In addition, the FSB Director said that international terrorists are increasingly using "confidential cryptocurrencies" to financially fuel their criminal activities. According to Bortnikov, terrorists create shell companies that legally participate in trading on stock exchanges, invest in real estate and various sectors of the economy. At the same time, criminals are increasingly using not bitcoin, but so-called “confidential cryptocurrencies”, which guarantee the anonymity of transactions.

Also, Alexander Bortnikov said about the threat of massive terrorist attacks using unmanned aerial vehicles. According to Bortnikov, the use of unmanned aerial vehicles capable of delivering various cargoes by terrorists will become a "real challenge" for the world's intelligence services.

It is important to add that this year the FSB has identified 39 terrorist attacks in preparation and eliminated 32 terrorists.