In recent months, a number of public buildings of the Russian Federation have declared tenders to strengthen cyber protection, and this with a high probability means that their databases were hacked or sold. Perhaps the data of the person recognition systems in the Moscow metro have flowed.
The analyst was preparing the summary Andrew Bowenwho has been specializing in Russia for about 15 years and has been here repeatedly – on the cover of it microblog Twitter depicts riot police. Typically, the reports of Bowen and his colleagues are refuse Of the publications in the media and industry magazines – standard briefings for Washington deputies, and there are very few own analysts. But in one of the latest reports, Bowen briefly described the problems in the field of the Cyberborne of Russia.
The summary begins with a description of the composition of the Russian Cyberovsk. Their feature, Bowen writes, consists in the fact that different structural units compete with each other for influence, finances and personnel, often not knowing, for example, that their colleagues are committed by the same hack.
The report has some military units of the GRU of the Ministry of Defense and a number of Research Institute developing malicious software and hacker tools – experts call these groups of hackers Apt 28 (Advanced Persistant Threat), Fancy Bear, Sandoo, Tsar Team. It is noted that the foreign intelligence service (SVR) works thinner than the Ministry of Defense – secretly and professionally, trying to get longer access to the networks of interest. Just SVR (APT 29, Cozy Bear, Dukes) April 15 White House announced Guilty of spying by hacking SolarWinds networks.
According to the analyst, in recent years has increased the foreign activity of the FSB, which controls (and hires) domestic hackers along with the control of the “K” of the Ministry of Internal Affairs. One of the “Lubyansky” groups specializes in hacking infrastructure, energy facilities and networks; The other learned to skillfully imitate the “handwriting” of other hacker gangs. FSB hackers Western experts call Berserk Bear, Energetic Bear, Gamaredon, Teamspy, Dragonfly, Havex, Crouching Yeti, Koala. Of the elite security forces, except that the FSO was not seen in offensive cyberism, Bowen writes.
The fact that the problem of data leakage in Russia is also says that at the end of December 2020, the Moscow metro announced tender “Performing work on equipping the video identification system of the Moscow metro software and hardware component of the state of security of information resources.” With a high degree of probability, this purchase means that the video surveillance system in the Moscow metro, which managed to recognize millions of people, was already hacked. The metro will spend 230 million rubles on its improvement. The tender was won by Cross Technolodzhis, the winner must perform work before the end of June 2021.
Similarly in February Rosreestr Highlighted 468.4 million rubles for the creation of a “integrated information security system” after a large -scale leak. On January 19, the telegram channel “VCK-OGPU” announced the drain of real estate data in the suburbs, instead of the owners of which the “Russian Federation” is listed in the bases.
Cybersecurity can be devoted to part of the annual message of the president Vladimir Putin Federal Assembly. Two months ago, at a meeting of the College of the FSB, the head of state stated that in 2020 the number of most dangerous attacks on Russian information resources, including resources of authorities and management, It has grown Almost three and a half times.
The US Congress called the weak places of the cybersecurity of Russia
Last week, the States imposed sanctions against Russia due to the attack of hackers on American government agencies-the Kremlin was declared the organizer of the cyber attack in December immediately after the opening of surveillance through SolarWinds services. Octagon got acquainted with the analytical report …
“ВЧК ОГПУ”
