On the guard of the cyber world: Ethical-hackers will appear in the Russian army


The Russian army will have special units, which will include ethical-hackers - people with technical education who will protect the "military Internet". They will scan the system for the presence of enemy cyber attacks and quickly neutralize them.

Conscripts will not be able to get into such units because only officers with special higher technical education can serve in a cyber army.

According to military expert Dmitry Boltenkov, it is necessary to block the attacking computers of the enemy and prevent him from getting into the network. Usually, software and hardware protection is used for this, as well as special devices that protect against hacking or warn of penetration.

It is already known that the software has already been created that should unite the field control stations and provide a multi-level network protection system.

According to experts, such a system will make it impossible for external access to the "military Internet". Protection includes several firewalls that prevent unauthorized access. So, specially designed antiviruses will track the unauthorized access of malware.

The exact place where the invasion occurred and the enemy could intercept radio signals or connect to the network will be detected with the help of special programs and equipment. Further, cybersecurity experts from the new unit can identify and localize the consequences of the attack.

The main advantage of this system is its autonomy because "military Internet" is not connected with the usual network, which means it is less prone to leaks and hacker attacks from outside.

The Ministry of Defense tested the work of the “military Internet” this year. The exchange of information at a speed of 300 Mbit/s was carried out between the field control stations at a distance of more than 2 thousand km. The military Department used special equipment and more than a thousand mobile communication and encryption complexes to create ultra-long data lines. The new system allows the exchange of information at a distance of several thousand kilometers, and all communication channels will be protected from hacking.

In addition, the Armed Forces of Russia are also creating a sovereign Internet - multiservice transport communication network (MTSS). It is planned to complete the first stage of work at the end of this year.

The scammers started to use fake video to steal money of the Russians



Fake videos appeared on the Internet with overlapping faces and voices of famous people with the help of which scammers steal funds. IT company JET warned Russians about this.

"A relatively new phenomenon deep fake has appeared on the network, it is fake videos with overlapping faces and voices of famous people on videos of various contents using Deep Learning technologies. This technology allows you to replace the movement of the lips and human speech on the video. It is difficult for an ordinary user to identify such fakes, and many take them for the truth," the company said.

Experts of the company found in the network fraudulent video using the image of the Russian showman and actor Dmitry Nagiyev, where he offers to visit a certain site and get a prize or cash reward. The company said that site visitors may lose money.

The company JET noted that the victims got to the portal with the generated domain name. Such sites only work for a couple of days, but criminals constantly open new ones.

According to Anna Oleinikova, an expert on neural networks in the company JET, deep fake is an extremely serious threat. "The range of malicious use of deep fake and similar technologies is very wide: blackmail, discrediting of media persons and politicians, unfair competition in business and politics," she said.

At the same time, the company notes that ordinary users can try to identify fakes, based on several signs. So, on fraudulent videos all the time eyes are open or half-closed, and around the head at sharp movements and change of lighting there are strange loops.

In turn, Stanislav Ashmanov, the head of the company "Neural networks of Ashmanov", said that it is very difficult to create believable deep fake. This requires a lot of different data and a complex algorithm. Now everything that appears on the Network suffers from a lack of quality and looks quite improbable.

“In my opinion, technology has not yet been completely improved to make video indistinguishable from reality, cheap and easy,” he added.


Fraudsters started selling customer data of the Russian Bank that fell under the reorganization of the Central Bank


A database of 70,000 Binbank customers leaked to the Internet, which was merged with Open Bank in early 2019. According to experts, this is the fault of the Bank of Russia, which at the stage of the introduction of the interim administration did not bother to check the information security of the credit institution. According to lawyers, clients who suffered as a result of a data leak have a chance to return funds in court.

It is known that for 5 thousand rubles ($77) dealers can get access to the name and surname of the client, find out passport details and place of residence.

Ashot Hovhannisyan, the founder of DeviceLock, said that the sold base consists of clients who at one time applied for an Elixir credit card. According to him, the database was sold to one wholesale buyer, and now several small underground dealers are engaged in trade in personal data.

In addition, according to law enforcement agencies, since the beginning of 2019, about a hundred former clients of Binbank lost their funds and filed a report. The amount of theft from the accounts is from three to one hundred thousand rubles ($ 46 – $1535). It is possible that the data leak affected the actions of Bank fraudsters.

The Federal Service for Supervision of Communications, Information Technology and Mass Communications (Roskomnadzor) sent a written request to Open Bank to clarify the situation. The letter contains a requirement to provide information on the reasons that led to the leak of personal data of bank customers (name, passport details, telephone number and address of clients), about the persons who committed the leak, as well as on the measures taken to eliminate the consequences of the incident.

According to Roskomnadzor, an untimely warning about leaks of personal data threatens the security of personal data of citizens.

Open Bank has denied information about the leak of personal information about Binbank depositors. The Open Bank Press Service stressed that there is no evidence that the leaked database has any relation to the clients of Binbank.


The Russian Quality System recommends covering up the camera and microphone of the laptop - Paranoia or not?


“The Internet is an insecure space, so you should not neglect the rules of digital hygiene”, assure experts of the Center of Digital Expertise of the Russian Quality System (Roskachestvo).

Experts remind that antivirus and updated software must be installed on the computer. They also recommend covering up the camera and microphone while they are not in use. This can be done with tape, duct tape or a special curtain.

"Spyware malware is able to activate a microphone or camera on the device," said Anton Fishman, the Head of the Group-IB system solutions Department. According to him, this is how Pegasus spyware works, which attacked Android and iOS through a vulnerability in older versions of WhatsApp messenger.

According to experts, even if you do not give different applications permission to access the microphone and camera, smartphones still monitor the owners, collect data about them. The reason is clear, first of all, in order to advertise the goods and services a person needs. Experts note that this happens even when access to the camera or microphone is disabled.

“We have to state that, in fact, sticking together a camera and a microphone is no longer paranoia, but one of the rules of digital hygiene,” said Ilya Loyevsky, deputy head of the Russian Quality System.

Moreover, Yevgeny Novikov, the Press Secretary of the Ministry of Digital Development, Communications and Mass Communications supported the recommendations of the Russian Quality System. He noted that Internet scammers often use methods of social engineering rather than technical vulnerabilities. In this regard, users of laptops and smartphones should take care of the protection of personal data, and not rely on antivirus.

“Internet users really should observe cyber hygiene and also take care of the safety of their personal data. You cannot completely rely on antiviruses,” said Novikov.

He noticed that he also is covering up the camera on the laptop.

Hacker Alexander Warskoy commented on the initiative of the Russian Quality System, calling these measures rather ridiculous. He added that if spies want to access devices, they will still get it.

Internet Ombudsman Dmitry Marinichev called paranoia the recommendation of the Russian Quality System. "Sticking a camera on a laptop is paranoia that can lead to Russians starting to cover up the TV with a towel."


More than half of Russians are not ready for e-passports


Previously, Ehacking News reported that the Russian government has determined the basic parameters of the future electronic passport. Documents of the new type will be issued to Russians from 2020 in Moscow, and it is planned to fully switch to digital passports by 2022.

It turned out that more than half of Russians are not ready to issue electronic passports. They believe that this document is not secure; in addition, they fear possible failures in the system and database. The results of a survey of the All-Russian Public Opinion Research Center proof this. A nationwide survey was conducted on July 25, 2019. The survey was attended by Russians aged 18 years.

According to the Russians, one of the key advantages of an electronic passport is its universality, as one document contains all the data. Citizens also noted the durability of this document format, low risks of loss, compactness and its practicality.

According to 22% of Russians, this document in electronic form is not secure. Another 8% of Russians are afraid of possible failures in the system and database. 4% believe that the risks of the new document format are associated with the possible leakage of data to third parties and the loss of the passport.

According to respondents, the most useful functions of an electronic passport can be the ability to use it as a Bank card (payment for services, receiving salaries/pensions/benefits and other charges); the function of storing several documents at the same time (passport, driver's license, employment record, etc.), as well as signing and sending documents to the State institution without visiting it.

“According to Russians, the least useful functions of an e-passport are the opening of an Individual Enterprise / LLC (47%); entering into contracts with organizations in electronic form (52%) and notarization of electronic documents (53%)," - noted in the All-Russian Public Opinion Research Center.

State Duma Deputy Svetlana Bessarab commented on the survey data. In her opinion, everyone who doubts the security of an electronic document should be able to keep a paper one.

Deputy Chairman of the Duma Committee on Information Technology and Communications Andrei Svintsov expressed the opinion that the full digitalization of the economy will allow staying ahead of competitors, to create more comfortable conditions for citizens.


Banks collect biometric data of citizens in Russia






More than 70 Bank offices in the Irkutsk region are already working in the Unified Biometric System, which allows receiving services of bank remotely.


Recall that remote identification was launched in Russia in mid-2018. Clients just need to confirm their identity using biometric data - face images and voice recording.

According to the employer of the Irkutsk Branch of the Bank of Russia, clients need to come to the office once with a passport in order to register in the system. This procedure takes less than 1 minute. Today, 71 Bank offices work with such technologies in the Irkutsk region. Siberian residents can do the identification procedure in the biometric system in 687 branches of 57 banks.

Citizens have access to services of opening an account, obtaining a loan and transferring funds. These services can be obtained by phone, without a personal visit to the office of the Bank. The number of services will expand in the future. In addition, soon insurance companies will also recognize citizens by biometric data.

The new system has significantly reduced the number of Bank frauds. Thus, according to the Pochta Bank, the credit institution managed to block about five thousand fraud attempts in the last year through the biometric identification of clients.

Svetlana Ozeretskovskaya, the Head of Promotion of the Unified Biometric System project, stressed that "all biometric data is encrypted. It is almost impossible to restore them. This reduces the risk of compromise and does not allow attackers to take advantage of the data, even if some kind of leak occurs".

Meanwhile, cybersecurity specialists still see some weaknesses in the system. For example, Trojans in mobile applications or social networks can intercept biometric. But the authors of the biometric identification system are sure that even if your data gets to the criminals, the system will still calculate the fraud. According to the company Rostelecom, the probability of incorrect recognition of the client is 1 per 10 million. Moreover, the system will distinguish even twins from each other.

All data is in plastic: the usual passports of Russians will begin to change into digital


The Russian government has determined the basic parameters of the future electronic passport. Documents of the new type will be issued to Russians from 2020 in Moscow, and it is planned to fully switch to digital passports by 2022.

Paper passports will no longer be issued, but old documents will remain valid until their expiration date. People over 45 will continue to use paper documents indefinitely.

The e-passport will become a universal carrier of information about a person, necessary for his identification. The government is discussing the addition of other personal data to such a document, such as electronic signatures, fingerprints, insurance number.

However, the design of the electronic passport has not yet been approved. Prime Minister Dmitry Medvedev said that the main version is a plastic card with a chip, which will be complemented by the secure mobile application "My passport".

Such a document looks like a Bank card with a high degree of protection NFC-based chip will be integrated into the card and the card will also have a QR code and holographic protection. All components for the new document will be only "made in Russia".
Crypto-protection will increase the protection of a new passport against fakes. In addition, the mobile application "My passport" will give the opportunity to use a cloud digital signature, which is convenient for entrepreneurs. It is planned that the application will be available for all platforms — Android, iOS and even for the Russian operating system Aurora.

The government promised to pay maximum attention to the protection of electronic passports from hacking and manipulation.

It is interesting to note that Georgian citizens can already receive an electronic identity card, they can get it within three days for $ 10. A “smart” chip embedded in a plastic passport allows identifying the owner and getting all the information about his property, tax payments and even health.

"Now more than three million citizens of Georgia have electronic passports. Citizens from 14 years of age must obtain a passport", – said Givi Azarashvili, the Director of the House of Justice.



The e-voting system in Moscow has passed the first tests


On Thursday, July 11, the first stage of testing the e-voting system was completed, which will be used during the experiment in the elections of deputies of the Moscow City Duma on September 8.

According to Artem Kostyrko, the head of the Information Technologies Department of the capital of the Russian Federation, 178 attempts were made to replace the bulletins.

“Several attempts were recorded to find a link to a unique anonymized bulletin during the test voting. The attacks were professional,” Kostyrko said.

Kostyrko explained that it was not a system failure, but a data output failure. However, it happened 3 hours before the end of the voting. By this time, 75% of all participants voted.

He noted that the system was ready for attacks and they were fixed to be sent to the e-voting monitoring group for study.

Moreover, 1253 students took part in the testing and pointed out the shortcomings. "We conducted the first testing with students for a reason, because they are advanced users of gadgets, they can compare with applications and point out shortcomings," Kostyrko added.

Kostyrko noted that several more public tests are planned. "IT professionals will test e-voting system next week. We will ask hackers to try to hack the system, put a fake voice and so on."

In addition, a hacker who can hack the electronic voting system will be offered a cash prize of 1.5 million rubles (23 800 $). He added, “if hackers manage to hack the system, it doesn't mean it's bad. This means that our colleagues gave us an opportunity that we did not see. And we will say thank you to them!”

Recall that the idea of conducting an experiment with the blockchain elections to the Moscow City Duma at the end of February was proposed by a group of Russian State Duma deputies representing United Russia and the Liberal Democratic Parties. The Russian State Duma supported the proposed bill, and on May 29, Russian President Vladimir Putin signed the relevant law. On September 8, electronic voting will be held in three electoral districts, and voters will be able to decide in what form they will vote in traditional or online.

Russian cyber security specialists massively quit from Russian banks



The Central Bank’s requirements for information security, which have dramatically increased over the past year, led to the departure of specialists in this field from banks to other industries. This situation has risks for banks and their customers. Experts noted that hackers who in 2019 refocused the attack from banks to government offices and industrial companies, can come back.

The banking market is in a dangerous situation, because the leading information security experts leave banks, finding application in other industries.

According to Alexander Vinogradov, the former head of the information security service at Zlatkombank, only among his acquaintances, 11 important Bank security officers who held senior positions resigned from credit institutions and found work in other areas — Telecom, retail, etc.

"The guys are just tired: the load on information security specialists has increased many times over the past year, the requirements have increased many times, many do not stand the load,” he said.

"The maximum responsibility and requirements with a very dubious return," — said Denis Malygia, the former head of the service of the Bank "Garant-invest", commenting on his decision to leave the post.

According to the information security experts, there is another problem, it is the unwillingness of banks to allocate budgets, which is why the risks of successful hacker attacks increase. Specialists of Group-IB said that 74% of the banks are not ready for hacker attacks.

Experts believe that the departure of information security specialists from banks is a dangerous trend. Maria Voronova, the Director of Consulting at InfoWatch Group of Companies, said that personnel risks, in particular, shortage of personnel, are one of the main operational risks in the field of information security.

According to experts, it is rather difficult to find a replacement for those who quit the bank. It may take about six months to find a new head of information security service.

It is interesting to note that in the first quarter of 2019, cyber attacks on the financial sector amounted to 6% of the total number of attacks on legal entities. State institutions (16%), medical (10%) and industrial companies (10%) became the most popular among hackers. If the bank security system will be more vulnerable, hackers can switch to this area.

The Central Bank of Russia has found problems with cybersecurity in all verified Banks


This year, the Bank of Russia checked 75 Banks for compliance with cybersecurity requirements and found all violations of the requirements. The head of the CBR Elvira Nabiullina informed about this, speaking at the II International Cybersecurity Congress (ICC).

Nabiullina said, "Since last year, the Central Bank as a regulator has the authority to supervise financial institutions in terms of how they fulfill cyber security requirements. Last year we checked 58 Banks, this year - 75. Problems and violations were found in all of them."

The Chairman of the Central Bank added that the problems found in Banks should not be considered critical, but they can become such over time, if not to take measures to prevent possible cybercrime.

Nabiullina noted that protection from cyber risks and the level of cybersecurity in the near future will become a competitive advantage for all companies. At the same time, the main drawback is that the business processes of Banks do not include the management of cyber risks.

The Chairman of the Central Bank drew attention to the fact that Russian bankers have no particular fear of hackers. Apparently, for this reason, certain shortcomings or problems were identified in each financial organization.

According to Nabiullina, there is a neglect of cybersecurity in society, and the heads of companies do not understand the problem.

Nabiullina stressed, “Our task is to use new technologies and try to go a step further, keeping up with hackers.”

Russian Prime Minister Dmitry Medvedev also spoke at the ICC. He said that it was necessary "to develop global security standards". Also, Medvedev noted that crimes that are committed with the help of the Internet "have no boundaries."

It should be noted that earlier German Gref, CEO, Chairman of the Executive Board of Sberbank, expressed the opinion that the heads of large companies should be paranoid in the fight against cyber threats: "We are responsible not only for ourselves, but we have hundreds of millions of our customers."

The cyber security week began in Moscow


For the first time, Sberbank holds Global Cyber Week, an international cybersecurity week, in Moscow; it will be held from 17 to 21 June. The first day of Global Cyber Week began on Monday.

The II International Cybersecurity Congress (ICC) is a key event of Global Cyber Week, which is attended by leading experts from around the world. The event has no analogs in the world.

The II ICC will be held at the World Trade Center in Moscow. Sberbank is organizing a similar congress in Moscow for the second time. The first Congress was held on July 5-6, 2018 and gathered more than 2.2 thousand participants representing about 700 organizations from more than 50 countries. Russian President Vladimir Putin took part in the Congress.

Several important events will open Global Cyber Week. This is an International Cybersecurity Practical Conference OFFZONE, designed primarily for young people, and Cyber Polygon, the world's first online cybersecurity training for major international companies.

The press service said, "The participants of the Conference will learn about the most popular research and modern tools of protection firsthand, as well as take part in various competitions in ethical hacking."

More than one and a half thousand participants came to Global Cyber Week on the first day, whose age does not exceed 25 years. Everything can be hacked at the event, even the badges (a name card of each participant).

President of Sberbank German Gref said that Sberbank has created a platform to unite the world community against cyber threats. He believes that the work on creating a secure global cyberspace is at an early stage, and it is necessary to develop the effective international cooperation at the corporate level to successfully combat cybercrime.

Russian President Vladimir Putin said, "We are well aware that it is possible to neutralize cyber threats only together, combining the efforts of the entire international community."

Stanislav Kuznetsov, Deputy Chairman of the Board of Sberbank, is confident that International Cybersecurity Congress will provide an opportunity to exchange views and tested technologies, and to provide for risks in the future.

The Russian Embassy responded to accusations from London in cyber attacks


The Press Secretary of the Russian Embassy in the UK said that the cyber attacks, which were stated by the British Minister, are not a real problem, but only a reason for the forcing of anti-Russian sentiment.

Recall that on Thursday, British Foreign Minister Jeremy Hunt once again accused Russia of carrying out cyber attacks in order to "undermine the critical infrastructure" and "change the results of the elections" in many countries.

The diplomatic mission stressed that the Russian side "repeatedly at various levels offered British partners cooperation on the issue of cyber threats". However, there has been no reaction from London.

The diplomats expressed the opinion that the new anti-Russian statement of the British Minister indicates that the Russian cyber attacks are not a problem for the British authorities, but an occasion to " forcing anti-Russian sentiments on an international scale."

The Russian Embassy stressed that such statements cause regret and serious concern. In addition, they added that, perhaps, London in this way hides preparations for a cyber attack on Russia.

However, no one in Europe believes Hunt. The President of the Czech Republic Milos Zeman commented on the allegations of Russian influence on the elections.

"Fake news is that Russians, Chinese or someone else influence the elections. Such false news is aimed at creating panic, they are spread by those who are afraid of losing. They are looking for an excuse to lose the election in advance," the Czech leader said.

It is worth noting that Russia has repeatedly denied all the allegations of attempts to influence democratic processes in different countries. Western countries have repeatedly attacked Moscow on this issue.

Earlier, for example, the State Secretary Mike Pompeo said that Russia interfered in the US elections in 2012, in 2008 and in 2004. However, he did not provide any evidence of his words.

Russian Senator Alexei Pushkov drew attention to the fact that from Pompeo's statements it can be concluded that "Russia has been interfering in the US elections since he went to school." At the same time, he noted with irony that maybe Moscow chose Pompeo.

The Russian State Duma will be engaged in the protection of personal data on the Internet



This week at a meeting of the State Duma deputies the State Duma Deputy Pyotr Tolstoy recalled the global leak of personal data, which became known in early May. In particular, passport data of the Vice-speaker of the lower chamber Alexander Zhukov appeared in the Network. In this regard, the parliamentarians decided to create a working group that will deal with data protection issues in the implementation of the national project Digital Economy.

According to Pyotr, just recently, personal data of 2 million Russian citizens including passport data of members of the Government were publicly available. “First, personal data of people is leaked, then their property, then money from Bank accounts. We need to take measures to protect personal data”, said Tolstoy.

It is worth noting that the experts called the cause of the leak in the errors in the legislation and illiteracy of website developers. The problem arose because of two requirements in the law – on the publication of decisions on the approval of large transactions, which often include passport details of the founders and on the use of electronic signature in the documents of customers and suppliers, which contains the name, e-mail and insurance certificate.

Tolstoy stressed that the reason for the incident was the lack of data protection, which is almost completely publicly available.

Peter Tolstoy reminded that in Russia there is a project Digital economy, which implies adequate protection of the rights of citizens. He believes that the collection of all information about a person under one file is against the law on personal data and is an extremely dangerous idea. In addition, he recalled the problem of availability of modern technologies for residents of certain areas, in some Russian villages there is no Internet and cellular communication.

According to him, now it is important to find an answer to the question of how to protect the rights of citizens and their interests in the implementation of a project on a Digital Economy.

"Any data processing of a citizen should be carried out only with his consent – voluntary and informed," said the Deputy.

As a result, at the suggestion of State Duma Speaker Vyacheslav Volodin, it was decided to create a working group that should deal with security issues within the framework of the national project. Deputies intend to listen to the first offers from colleagues in a month.


The Ministry of Internal Affairs of the Russian Federation to create a portal for complaints against hackers


In Russia, a special resource that will allow better fight against hackers to be created. Citizens themselves will be able to inform on hackers who either suffered from hackers or simply noticed some violations.

The concept of the service is the collection of information on cybercrime from citizens and legal entities, as well as government agencies, and then accumulating it in one system. The resource will be continuously and automatically collect data about the threats.

It will be possible to tell about violations by phone, e-mail, messenger, SMS and social networks. The database of the resource will also be updated due to the already existing systems in Russia: for example, a Unified Biometric System, a Portal of Public Services.

Citizens and government agencies will be able to use the service for free. Today in Russia there is no single place to collect information about cybercrime, access to which could be obtained by all interested citizens.

The system is being created by the Russian organization Data Economy. The organization was created to provide services in the Development of the Digital Economy in Russia supporting socially significant projects and initiatives. The founders of the organization are the Russian Government, ASI, Russian Post, Sberbank, a number of telecommunications and IT companies.

However, an employee of one of the IT companies said that the effectiveness of this system is sharply questionable, as the data from the public resource will be in the hands of attackers very soon and will only help them quickly modify the attack to be unnoticed.

It is interesting to note that the concept of a single portal was approved by the organization Data Economy and sent for approval to the Cabinet of Ministers. The total amount of financing of the national project for the next six years is more than 1.5 trillion rubles.

Chinese hackers attacked Russian companies and government agencies for 9 years



Russian Security Companies Positive Technologies and Kaspersky Lab discovered a cyber group which for several years stole data from more than 20 Russian companies and government agencies. The expert said that such groups are usually engaged in political intelligence or industrial espionage.

The hacker group has been working for at least 9 years. The names of the companies attacked by hackers were not disclosed. But it is specified that 24 Russian important organizations were attacked.

According to Positive Technologies, the attackers used Chinese developers to create their tools and used during the attacks Chinese IP addresses. Moreover, the keys for some versions of malicious programs are found on specialized forums where people from China communicate.

Positive Technologies gave the name TaskMasters to the hacker group because it created specific tasks in the task scheduler that allows hackers to execute commands of the operating system and run software at a certain point in time. After penetration into local networks of the enterprises, leaks of information were used for espionage.

Kaspersky Labs said they have been tracking the activity of this group since 2016, and they call it BlueTraveler. According to experts, hackers attack more often government agencies, mainly from Russia and the CIS. In addition, they confirm that the attackers speak Chinese and the methods used by Asian attackers is popular for political intelligence or industrial espionage.

An interesting fact is that the attacks of Asian hackers for years remained unnoticed by antivirus or information security services. Hackers downloaded without trace gigabytes of information, files, documents and drawings to their servers.

Known hackers of financial institutions prefer the method using the task scheduler. Namely, the Russian-speaking groups Cobalt and MoneyTaker use this method.

It is worth noting that at the end of 2018, cybersecurity experts reported that the financial sector of Russia for the year lost at least 3 billion rubles from cyber attacks.

Data Leakage in the Federal portal of public services exposes the personal data of millions of Russians

Details of passport, social security number and employment data of 2.24 million Russian citizens were publicly available. Ivan Begtin, the Chairman of the Data Markets Association was discovered this leak. He analyzed the information of the largest Russian electronic trading platforms, where commercial purchases and public procurement are placed, and where important data was publicly available.

Begtin checked 562 thousand records of ZakazRF, 550 thousand records of RTS-tender, as well as records of Sberbank AST and other major Russian electronic trading platforms. Confidential information was in the public domain on each of the websites.

According to the Chairman of the Data Markets Association, the error occurred due to the illiteracy of developers and inaccuracies in the legislation. In his opinion, decisions on approval of major transactions should be published in the public domain by law. These documents often contain personal data. Second, the electronic signature that customers and suppliers use contains data about the name, e-mail and social security number.

Konstantin Bochkarev, the legal advisor of CMS, said that the disclosure of passport data may result in criminal liability for violation of privacy. According to him, there were examples when the phone number was recognized as a personal or family secret in practice of the Moscow city court.

Experts believe that the developers have violated the law "On personal data". The data can be removed by Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications (Roskomnadzor) on the request of an individual or media reports.

At the moment, Roskomnadzor has already sent to the electronic trading platforms requests for the disclosure of personal data of more than 2 million bidders.

It is interesting to note that Google said in December that the data of 52.5 million people started to be publicly available due to an error in the Google+ service. Applications independently requested data on age, name and e-mail. The company assured that the card data and other personal data were not available to the application.

Roskomnadzor demanded that VPN services connect to the register of prohibited sites

Roskomnadzor for the first time demanded that the owners of VPN services connect to the register of banned sites in Russia. According to the law, VPN providers and Anonymizers connected to it are obliged to filter traffic.

The requirements for connecting to the State Information System (FGIS) were sent to the operators of 10 VPN services NordVPN, Hide My Ass!, Hola VPN, OpenVPN, VyprVPN, ExpressVPN, TorGuard, IPVanish, Kaspersky Secure Connection and VPN Unlimited.

FGIS contains a single register of banned Internet resources in the Russian Federation. According to the law, VPN services and Anonymizers are obliged to restrict access to Internet resources prohibited in Russia. So, services are required to connect to this system to gain access to the registry.

According to the current legislation, VPN services are required to connect to FGIS within 30 working days from the date of sending the requirements. Otherwise, FGIS may decide to restrict access to the VPN service.

It turned out that Roskomnadzor demanded to connect to the FGIS after receiving approval from the Federal Security Service.

It's important to note that the search engines operators Yandex, Mail.ru, Sputnik, Rambler are currently connected to FGIS. At the beginning of 2019 Roskomnadzor fined the company Google for 500 thousand rubles for non-execution of requirements about connecting to FGIS.

QR-codes on historical buildings of Russian city Astrakhan that led to Adult sites have been removed


Hacker reportedly changed website location of the QR-codes on historical buildings of Russian city Astrakhan and replaced them with adult website link. There was no technical detail provided how hacker was able to change the location of QR code.

When residents and guests of the city scanned QR-codes, their phones opened resources for adults, instead of sites with historical references.

Galina Goteeva, the Minister of Culture and Tourism of the region, said on March 15 that the signs with QR codes on the historical buildings of Astrakhan were changed.

QR-codes on historically significant buildings of Astrakhan were placed a few years ago. It was assumed that people can get a historical reference about the building after scanning the code with a mobile phone. Already in November last year, the Media reported about QR codes leading to porn sites and dating sites for quick sex.

In fact, the Regional Ministry of Culture for a long time struggled with the elimination of porn content, the signs were removed with great difficulty. And only at the end of the year sex traffic was stopped completely.

However, it is still a mystery why the signs with QR-codes hung for so long and why they were not promptly replaced. In total, there are at least 15 signs. QR-codes stopped working more than a year ago, but officials did not pay any attention to it: first, the pages gave an error, and later they began to lead to porn sites.

Hackers used the Roskomnadzor registry for attacks on Yandex


 Yandex and several other major Russian resources a few days ago were subjected to a powerful DNS-attack. The attackers used vulnerabilities in the system of blocking sites.

"Any company and any website can suffer from such actions, " said a representative of the Press Service of Yandex.

The reason for the attack was a discovered vulnerability in the blocking system of Roskomnadzor websites. The criminals carried out the attack using DNS by changing the entries in the domain name system. They linked the addresses of new attacked sites with already blocked domains. So they managed to restrict access to the pages.

As a result, some user services were extremely slow. This was due to the fact that many operators carried out all traffic to these pages through a system of the Deep Packet Inspection — DPI.

The blocking of IP-addresses of the company Yandex was avoided, as the employees of the organization successfully repelled the attack for several days. The publication suggested that the hacker attack could be associated with the adoption of the law on the sustainability of the Runet: the problems were fixed during the rally.

The vulnerability exploited by the attackers has been known since 2017.

*Russian Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications (Roskomnadzor)

Hackers Using Smart Devices to Launch Phishing Attack against Russian Business


Cybersecurity experts recorded a unique mass attack on Russian business. It is unique because hackers disguised themselves as well-known brands and used smart devices. This is the first mass attack of this kind.

Hackers presented themselves as representatives of famous brands, including retail chains, construction and oil companies. They sent e-mails with malicious software, in particular, on behalf of the Auchan hypermarket chain, or on behalf of the transnational energy Corporation Gazprom, qualitatively copying their style.

The e-mails contained the encryption virus Shade/Troldesh, it encoded files on users devices and demanded from them a fee for access to them.

Vladimir Dryukov, Director of the Solar JSOC Cyber Attack Monitoring and Response Center, noted that the intensity of this phishing mailing is several times higher than usual. According to him, the attack affected about 50 largest companies in Russia, whose employees received 10-50 letters a day. Group-IB experts recorded up to 2000 mailings per day.

The main feature of these attacks is the use of smart devices, for example, hacked routers around the world, as they are much more difficult to track. In addition, virus emails can be sent from any device that is capable of it, for example, modems, ecosystems of smart homes, network storage. Experts believe that in the future the number of hacker attacks using them will only grow.

"Usually IOT devices are used for DDoS attacks. Sending phishing emails from routers is still exotic, " said Vladimir Dryukov.

It is worth noting that the attacks on Russian companies began in November, but their peak came in February. Which companies were attacked and how much damage was caused to them is not disclosed.