The Program " The straight line with Vladimir Putin” underwent a DDoS attack.


The straight line call center with Russian President Vladimir Putin was DDoS-attacked from abroad. It is noted that due to this fact there were problems with connection during Putin's communication with the Russians.

The host of the program on the air told, "Our call center just underwent a massive DDoS attack from abroad, apparently, failures in video calls are associated with this. The total number of calls is already approaching two million”.

The press service of Russia's largest provider of digital services Rostelecom said, “Two powerful attacks happened. Rostelecom successfully repelled the attacks. The attacks did not affect the straight line operation."

An interesting fact is that Margarita Simonyan, the editor of the Russian international news channel RT, said that the attack of hackers was carried out from the territory of Ukraine.

Alexey Malnev, the Head of the Monitoring and Response Center at Jet Infosystem, said that in the period from 2013 to 2015, almost every political or economic event was subjected to a powerful surge of attacks.

The expert stressed that the hacker attack on the straight line with Russian President Vladimir Putin was carried out in order to destabilize the situation.

"Today we can say with confidence that this is a wave of the established trend of recent years," said Malnev.

He also added that the cyber war in the modern world is permanent. The expert noted that in the future we should continue to expect similar as well as more complex attacks.

It is worth noting that the Program "The straight line with Vladimir Putin" is already the 17th since 2001 and takes place in the classical format. The President is in the Studio, where he answers questions of interest to Russians, received both by phone and through the direct line website or a special application. If necessary, the Head of State may contact the Heads of regions and Ministers on various issues.

Usually at the end of a straight line Putin draws up a list of instructions, appointing responsible persons and deadlines for the execution of each task.


The cyber security week began in Moscow


For the first time, Sberbank holds Global Cyber Week, an international cybersecurity week, in Moscow; it will be held from 17 to 21 June. The first day of Global Cyber Week began on Monday.

The II International Cybersecurity Congress (ICC) is a key event of Global Cyber Week, which is attended by leading experts from around the world. The event has no analogs in the world.

The II ICC will be held at the World Trade Center in Moscow. Sberbank is organizing a similar congress in Moscow for the second time. The first Congress was held on July 5-6, 2018 and gathered more than 2.2 thousand participants representing about 700 organizations from more than 50 countries. Russian President Vladimir Putin took part in the Congress.

Several important events will open Global Cyber Week. This is an International Cybersecurity Practical Conference OFFZONE, designed primarily for young people, and Cyber Polygon, the world's first online cybersecurity training for major international companies.

The press service said, "The participants of the Conference will learn about the most popular research and modern tools of protection firsthand, as well as take part in various competitions in ethical hacking."

More than one and a half thousand participants came to Global Cyber Week on the first day, whose age does not exceed 25 years. Everything can be hacked at the event, even the badges (a name card of each participant).

President of Sberbank German Gref said that Sberbank has created a platform to unite the world community against cyber threats. He believes that the work on creating a secure global cyberspace is at an early stage, and it is necessary to develop the effective international cooperation at the corporate level to successfully combat cybercrime.

Russian President Vladimir Putin said, "We are well aware that it is possible to neutralize cyber threats only together, combining the efforts of the entire international community."

Stanislav Kuznetsov, Deputy Chairman of the Board of Sberbank, is confident that International Cybersecurity Congress will provide an opportunity to exchange views and tested technologies, and to provide for risks in the future.

Hackers attacked the Russian State exam system for two days


Days of passing State exams are very important for 11th-grade students of Russian schools. Their future life depends on the results of the most important exam in life. It turned out that hackers wanted to influence the results of final exams.

The Federal Education and Science Supervisory Department reported on cyber attacks on information systems of the Unified State Exam (USE). According to the Department, mass DDoS-attacks on servers providing information exchange were recorded. The first attack was recorded on May 31 after the exam on history and chemistry, and then hackers attacked again the next day.

According to Sergey Kravtsov, the Head of The Federal Education and Science Supervisory Department, hackers tried to disable the system of the Department, but the experts managed to maintain the regular work of servers and their accessibility to users.

It is important to note that such attacks are carried out to overload the server and make it unavailable by sending a large number of requests.

It is known that cyber attacks did not lead to problems for organizers and graduates. Hackers chose unsuccessfully the time of the attacks as students already passed the exams. Fortunately, hacker attacks did not affect the processing of the results of the USE.

Law enforcement agencies are already informed about the incident. Now they are looking for persons who organized the attack on the infrastructure of the Ministry of Education of the Russian Federation.

This year exams will continue until July 1. At the moment there is a chance that such attacks will be repeated. The Department reported that it is ready for them and will not allow any failures.

An interesting fact is that last year on the first day of the USE, May 29, hackers attacked the site of online monitoring of the exams. According to Lyubov Dukhanin, the Deputy Chairman of the State Duma Committee on Education and Science, the USE system has sufficient protection to ensure the safety of the exams. She added that it was the first such attack on the site that controls the Unified State Exam.

GLONASS to protect signals of future satellites from hacker attacks


The Transport Safety Forum was held in St. Petersburg last week, in which the Chief Designer of GLONASS JSC Mikhail Korablev took part. He reported that the new Federal Target Program has a task to protect signals of future satellites from hacker attacks.

It is worth noting that GLONASS is a Russian satellite navigation system, one of only two fully functioning global satellite navigation systems in the world for today.

According to Mr Korablev, the task is to improve the accuracy of the GLONASS system and to increase the security of the signal, to combat spoofing (an attack on a satellite in which a navigation signal is faked).

"The attack of the ship management system is a problem. All ships use satellite navigation. There is a confirmed fact of information attacks on ships that do not allow making it possible to determine the location. Therefore, one of the tasks of the new program, in addition to improving accuracy, is to increase security," said Korablev.

It is not yet known how the satellite signal will be protected because the new Federal Target Program for the development of the GLONASS navigation system for the period 2021-2030 has not yet been approved. Currently, it is in the process of negotiation and should soon be sent for approval to the Government of the Russian Federation.

In the future, the entire GLONASS navigation system will be upgraded to the new GLONASS-K2 devices, which are fully assembled on the basis of domestic products. The first GLONASS-K2 satellite is scheduled to be launched into orbit at the end of 2019 - the beginning of 2020. It’s interesting to note that, currently, the GLONASS system orbital network includes 26 satellites.

Durov accused the Russian authorities of trying to hack Telegram accounts of Ural journalists



Friday night, unknown persons tried to hack Telegram and Facebook accounts of famous journalists in Yekaterinburg. The Deputy Editor-in-Chief "URA.RU" Anton Olshannikov, PR specialist Platon Mamatov and the Editor-in-Chief of the site "MSTROK" (mstrok.ru) Natalia Vakhonina suffered from the actions of the unknown hacker. In addition, unknown persons attempted to gain access to the telegram channel of the portal "Momenty" (https://tlg.name/s/momenty_ekb/3292). It is interesting to note that all of them actively wrote about the protests against the construction of the temple in Yekaterinburg.

Hackers tried to log into the accounts of journalists from a desktop computer, the IP-address of which is registered in Spain, namely in Madrid. The two-factor authentication stopped hackers, but they managed to get confirmation codes from SMS. One of the victims asked for clarification to his mobile operator to find out how the attackers were able to enter the code, but he received the answer that the office does not "advise on these issues."

The journalists drew attention to the fact that they all actively participated in coverage of the protests related to the construction of the Church of St. Catherine in the Park near the Drama Theater in Yekaterinburg. From May 13 to 18 a number of unauthorized rallies of opponents and supporters of the Cathedral in the public garden took place in Yekaterinburg. About 100 people were detained in four days. After that, President Vladimir Putin intervened in the situation, who invited the local authorities to conduct a survey of citizens about their attitude to the construction project. On May 22, the survey data were published, showing that the majority of Yekaterinburg residents (74%) oppose the construction of a Temple.

The Creator of Telegram Pavel Durov said that Russian authorities tried to hack telegram accounts of Ural journalists. He connects the attack with the protests that continued in Yekaterinburg all last week.

“It reminds us that the authoritarian Government will stop at nothing to violate the privacy of its citizens,” wrote Pavel Durov in his Telegram channel. He emphasized that all hacking attempts failed.

Russia is ready to supply Vietnam with e-government technologies



The Ministry of Digital Development, Communications and Mass Communications of the Russian Federation reports that Russia is ready to supply Vietnam with e-government technologies, smart and safe city solutions, as well as information security products.

Rostelecom, Russia's largest provider of digital services and solutions, and Vietnam's leading provider of telecommunication services and information technology services Vietnam Posts and Telecommunications Group (VNPT) signed a Memorandum of understanding (MOU) aimed at developing cooperation in the field of information and communication technologies.

The Memorandum was signed by President and CEO of VNPT Pham Duc Long and President of Rostelecom Mikhail Oseevsky. The signing was attended by Prime Minister of Vietnam Nguyen Xuan Phuk and Prime Minister of the Russian Federation Dmitry Medvedev. In accordance with the text of the Memorandum, the main areas of cooperation are information security, e-government and smart cities.

The Memorandum involves the exchange of media products and programs, the implementation of joint thematic projects, press tours and internships of journalists.

In addition, Russia is ready to share its experience in the transition to digital broadcasting, to offer domestic equipment (digital broadcasting and television transmitters) for the Vietnam market and to establish cooperation in the design and construction of broadcasting networks.

According to Pham Duc Long, VNPT is implementing the digital transformation strategy to become the leading provider of digital services in the region. Cooperation with Rostelecom will help VNPT to successfully implement digital projects and e-government projects in Vietnam, helping to solve the important task of the digital transformation of Vietnam in the direction of digital government, digital economy and society.

Mikhail Oseevsky, President of Rostelecom, said that the business cooperation with VNPT in innovative high-tech platforms has been developing for the second year already. The signed Memorandum was an obvious confirmation of the interest of companies in the further expansion of cooperation.

The Dark Side of Kremlin- The Catalogue of Russian Data Leaks: All You Need To Know




Thousands of Russian emails and documents were leaked online in the late January in a catalogue named “The Dark Side of Kremlin”.


The catalogue was published by a “transparency collective” which goes by the name of “Distributed Denial of Secrets”.

DDoS encompasses an anonymous group of journalists, researchers, tech-experts and activists.

The documents contained private information regarding all the major hot-shots of Russia including the politicians, religious figures and the military.

The DDoS say, that their only job is to provide information to those who need it. If the information strengthens suspicions it hardly matters.

They also mentioned that their collection of data including emails, chat logs and attachments were hacked a few years ago by several hacking groups in Russia and Ukraine.

The Cyber Junta, Russian hackers Shaltai-Boltai, Ukrainian Cyber Alliance and other international parties were among the few accused.

The information leaked includes private documents and emails from the Ministry of Defense, the Russian Presidential Administration and other high-level political operatives.

Russia’s Prime Minister Dimitry Medvedev’s phone was hacked and his holiday pictures were uploaded online.

Russian President’s chef who controls companies that cater fancy banquets in Kremlin also lost his private notes to the leak.

The leak also includes the elaborate personal notes made by the chef on conversations between Putin and European leaders from Italy and Britain.

The most revealing hacks were the ones that came from the Russian Presidential Administration, which fairly let the Russian government, be a little more “transparent”.

The leak had details on how the government controls the Russian media and the way it transmits messages etc.

The most concerning part is that no one knows for sure how much and what kinds of information have been laid out bare in the open.

The leaks also provide an insight about the relations between Ukraine and Russia.

The inner-doings of Russia’s proxies and other insidious groups have also been brought into the light.

The DDoS had experienced a wipe on their servers making it imperative for them to upload it soon, in order to prevent the data from being censored.

Reportedly, this leak can’t be considered as a revenge for anything that has happened before, it was just an attempt at transparency.

A lot of the information present in the leaks was already available on the web but a lot of new investigations have been given birth due to this massive leakage.

This Russian document leak has created a paradigm shift in the way countries take their cyber-security seriously.

Analyzing these leaks could possibly lead Russia to adopting a new way of securing the web and its Presidential administration.

The government has already started taking care of its cyber-security vigilantly and all the loop holes will soon be filled up.

Anonymous use of messengers in Russia is prohibited


After 180 days, all messengers will be required to identify their users by phone numbers of operators. Prime Minister Dmitry Medvedev signed a government resolution approving the relevant rules last week. He believes that this is necessary for the safety and convenience of users.

The administrators of the messenger will check the information about the correctness of the number. The mobile operator is given 20 minutes to process the request from the Service.

Services will be available only to persons to whom the phone number is issued. In addition, mobile operators will enter information into their databases about which applications their customers are using.

According to the Head of Roskomnadzor Alexander Zharov, anonymous use of messengers prevents to investigate crimes. "The possibility of anonymous communication in messengers complicates the activities of Law Enforcement Agencies in the investigation of crimes."

In turn, the experts were skeptical about the initiative. Thus, the Director of the Association of professional users of social networks and messengers Vladimir Zykov believes that foreigners may face problems with SIM-cards of their countries. In addition, illegal sale of SIM cards of foreign operators may begin.

According to citizens, the legalization of relations between messengers and operators will only lead to negative consequences: the increase in the price of tariffs, the disappearance of anonymity in messengers, the growth of hacker attacks.

In General, the Russians do not believe that these rules will work at all. As we remember, Roskomnadzor's attempt to destroy Telegram led to the blocking of thousands of IP addresses and serious financial losses of innocent companies. And the messenger continued to work.
 

Investing in the digital economy - A Special communication network for Russian officials


The Russian government approved the national program "Digital economy" and allocated 1 trillion rubles (217 billions $) from the Federal budget for the implementation of the presidential task — in six years to triple domestic investment in the digital economy, to create a modern, safe and accessible to all IT-structure, to transfer state agencies mainly to Russian software.

In other words, the government decided to move from the category of countries with developing economies to the list of developed economies at the expense of IT-projects.

It is interesting to note that experts have already begun work on the creation of a wireless network for officials and representatives of law enforcement agencies. It should appear by 2024. You can find this proposal in the passport of the national program "Digital economy."

The network will use LTE-450 technology, which is characterized by high-speed and low latency data transmission. Devices in this range can work walkie-talkies, as well as transmit video.

By the way, for the operation of the announced network requires a frequency range of 450MHz, which uses the company Tele2. Tele2 representatives say that the company is ready to take part in the project and now they are discussing it with the authorities.

The passport of the "Digital Economy" does not say how much money will be required to create a communication network.

Ransomware Attack from Russian IP’s jeopardizes the Victims and Locks Their PC’s



A Newfound Ransomware by the name of Sigma is known to be spreading from Russia-based IP's with the assortment of social engineering procedures in order to jeopardize the victims and lock the contagion computer.

User's that were targeted on through the malignant SPAM Messages that contained a proclamation originated from the "United States District Court" with a pernicious attachment.


Presently the attackers utilizing the Email scam so as to make sure that the targeted victims perform the diverse malicious activities all the while manipulating the user by some emergency strings of dread and giving rise to the victim’s inquisitiveness.The Sigma Ransomware Attack directed from around 32 Russian based IP's and the attacker enlisted in the particular domain which is specifically utilized to perform different attacks.

The creators of the Malware utilized more obfuscation works by asking for the password to open the file and avoid the discovery.At first, the malignant documents required a password to open since it tricks the user to download the attachment that ought to be protected since the mail is originated from the court.

In the event that it finds that the Macros are turned off on the victim's machine then it further convinces the users to turn it on which contains malevolent VBScript.

Then, the VBScript will download the first Sigma Ransomware payload from the attack summon, control server and save it in the %TEMP% folder.Downloaded malware emulates as a legit svchost.exe process which assists in downloading an additional malware.

The Malware utilized a variety of obscurity strategy to conceal it and sidestep the discovery and it revokes itself on the off chance that it finds any virtual machine or sandboxes present.

 "Looking with malware so complex on the sides, social engineering traps and technical design is a challenge hard even for even security-mindful users," says Fatih Orhan, the Head of Comodo Threat Research Labs.

As indicated by the Comodo Research, uncommon to a portion of its ransomware relatives, Sigma does not act promptly but rather sneaks and makes secretive observations first. It makes a rundown of important documents, checks them and sends this incentive to its C&C server alongside other data 
about the victim's machine.

Likewise if the sigma Ransomware finds no files then it erases itself and it stops the infection in the event that it finds the country location of Russian Alliance or Ukraine. Later it associates with its order and control servers and builds up the Tor Connection and Sigma Ransomware begins to encode documents on the machine.

After the complete encryption, it will show the ransom notes of that contains the definite and detailed data of the attack and the request of the attack to the victims   to get in touch with them by means of sigmacs@protonmail.com and furthermore mentioning the infection ID.

Additionally, the attack demands the payoff sum through bitcoin and the cost will be settled in view of how instantly the victims contact to the attack.



Britain's National Cyber Security Centre Issues a Warning of a Global Campaign for the Possibility of Some Kind of Russian Activity


Britain's National Cyber Security Centre (NCSC) is on high caution for the likelihood of some kind of Russian movement. More people and resources have been dedicated towards the examination and investigation.

 The FBI and the US Department of Homeland Security issued a joint alarm cautioning of a global campaign with the foremost targets being internet service providers, firms running critical infrastructure, government departments and large companies.

White House cyber security co-ordinator Rob Joyce in a press conference session about the alert said that the US and its allies had "high confidence" that Russia was behind this "broad campaign".

He additionally said that, a huge number of machines coordinating information and data around the net were being targeted, as suggested by the insight gathered by the US and UK.

Despite the fact that it is conceivable that Russian intrusions might increment in the coming future, yet, it is too soon to be sure without a doubt if so. Up until this point, there has been moderately minimal indication of this in the US or UK, in spite of the fact that Russia is blamed for propelling ruinous attacks against Ukraine.

It merits saying that Britain and the US will do relatively indistinguishable activities in Russia, pre-positioning in Russian networks to have the capacity to react.

What nobody is very certain of is whether this makes an impediment somewhat like commonly assured nuclear destruction in the Cold War.
Furthermore, Mr. Joyce said that:
 “Many different organisations had come under attack for months at a time in a bid to scoop up valuable intellectual property, business information or to get at their customers and when we see malicious cyber-activity, whether Kremlin or other nation state actors, we are going to push back.

Ciaran Martin, head of the UK's NCSC, said that the issuing of the alert denoted a "significant moment" as the two forces had at no other time given joint exhortation on the most proficient method to manage attacks.

The worldwide crusade contained nitty gritty data about attack techniques, including the signs left when hardware has been compromised , and how networks arranges change when they have been broken.

Mr Martin said GCHQ, NCSC's parent association, had followed the risk postured by Russian cyber-gangs for over 20 years. Further intelligence about the attacks had been included by "multiple" cyber security associations and organizations, he added.

Nevertheless the guidance given to firms incorporates approaches to design their systems accurately and also gives an insight on how to apply patches to address hardware vulnerabilities