Tag: Kremlin | SpinSafe

Ukraine war cuts ransomware as Kremlin co-opts hackers

October 23, 2022/in Internet Security

The Ukraine war has helped reduce global ransomware attacks by 10pc in the last few months, a British cybersecurity company has said.

Criminal hacking gangs, usually engaged in corporate ransomware activities, are increasingly being co-opted by the Russian military to launch cyberattacks on Ukraine, according to Digital Shadows.

“[The war] is likely to continue to motivate ransomware actors to target government and critical infrastructure entities,” said Riam Kim-McLeod, a threat intelligence analyst at Digital Shadows.

Such attacks partly contributed to a 10pc drop in the number of ransomware threats launched during the three months to September, said the London-based company.

The drop in ransomware may also partly be caused by tit-for-tat digital attacks between rival hacking gangs, Kim-McLeod said.

Researchers said the Lockbit gang, who recently targeted LSE-listed car retailer Pendragon with a $60m (£53.85m) ransom demand, were the target of attacks from their underworld rivals.

“The group is increasingly inviting resentment from competing threat groups and possibly former members,” said Kim-McLeod.

She explained that some cybercriminals’ servers went offline in September after what appeared to be an attack from competitors, saying: “In the world of cyber criminality, it is not uncommon for tensions to flare among rival groups.”

Officials from GCHQ’s National Cyber Security Centre have said ransomware is one of the biggest cyber threats facing the UK. Figures published by the Department for Digital, Culture, Media and Sport this year revealed the average costs to businesses caused by ransomware attacks is around £19,000 per incident.

US-based cyber security company Palo Alto Networks, however, warned that the average ransom payment it saw in the early part of this year was $925,000 (£829,000).

British businesses don’t feature highly on lists of commonly targeted countries, but some research suggests that when targeted, they are likely to pay out. Four fifths of targeted British companies gave in to ransomware criminals’ demands during 2021, according to Israeli cyber security company Proofpoint.

Lockbit is thought to be a Russian or Eastern…

Source…

Big Web Security Firms Ditch Russia, Leaving Internet Users Open To More Kremlin Snooping

March 12, 2022/in Internet Security

A protester holds a placard reading “Putin – No!” during an opposition rally in central Moscow, on March 10, 2019, to demand internet freedom in Russia. With internet and cybersecurity companies exiting the company, the web could be about to get far less open and secure in Russia than it was before the Ukraine invasion. (Photo by ALEXANDER NEMENOV/AFP via Getty Images)

AFP via Getty Images

Ordinary Russians face another major blow to their everyday lives due to the backlash to President Vladimir Putin’s invasion of Ukraine. On the same day, two major web-security companies have decided to quit selling to them, making Russians’ internet use more vulnerable to Kremlin snooping, hacking and other cybercrimes.

The departure of the two companies, Avast, a $6 billion antivirus provider based in the Czech Republic, and Utah-based website-certification firm DigiCert, will further isolate the country of 145 million people.

“We are horrified at Russia’s aggression against Ukraine, where the lives and livelihoods of innocent people are at severe risk, and where all freedoms have come under attack,” Avast CEO Ondrej Vlcek wrote on Thursday.

Vlcek said the company was including Belarus in the withdrawal of services, and was continuing to pay the full salaries of employees in Russia and Ukraine, many of whom it was helping to relocate.

“We do not take this decision lightly,” Vlcek wrote. “We’ve offered our products in Russia for nearly 20 years and users in this country are an important part of our global community.”

While Avast joins other antivirus companies, including NortonLifeLock and ESET, in halting sales, Russians will still be able to get antivirus protection from Moscow-based Kaspersky and other providers within the country. The departure of DigiCert could prove more significant.

DigiCert is one of the world’s biggest providers of website certificates, which aim to prove that when a person visits a site it’s owned by the entity they expected. If a website loses that certificate, it’s possible for hackers or a government to intercept a person’s attempt to reach a given site and replace it with their own webpage. That could then be used to launch…

Source…

U.S. catches Kremlin insider who may have secrets of 2016 hack

January 3, 2022/in Computer Security

In the days before Christmas, U.S. officials in Boston unveiled insider trading charges against a Russian tech tycoon they had been pursuing for months. They accused Vladislav Klyushin, who’d been extradited from Switzerland on Dec. 18, of illegally making tens of millions of dollars trading on hacked corporate-earnings information.

Yet as authorities laid out their securities fraud case, a striking portrait of the detainee emerged: Klyushin was not only an accused insider trader, but a Kremlin insider. He ran an information technology company that works with the Russian government’s top echelons. Just 18 months earlier, Klyushin received a medal of honor from Russian President Vladimir Putin. The U.S. had, in its custody, the highest-level Kremlin insider handed to U.S. law enforcement in recent memory.

Klyushin’s cybersecurity work and Kremlin ties could make him a useful source of information for U.S. officials, according to several people familiar with Russian intelligence matters. Most critically, these people said, if he chooses to cooperate, he could provide Americans with their closest view yet of 2016 election manipulation.

According to people in Moscow who are close to the Kremlin and security services, Russian intelligence has concluded that Klyushin, 41, has access to documents relating to a Russian campaign to hack Democratic Party servers during the 2016 U.S. election. These documents, they say, establish the hacking was led by a team in Russia’s GRU military intelligence that U.S. cybersecurity companies have dubbed “Fancy Bear” or APT28. Such a cache would provide the U.S. for the first time with detailed documentary evidence of the alleged Russian efforts to influence the election, according to these people.

Klyushin’s path to the U.S. — his flight from Moscow via private jet, his arrest in Switzerland, and his wait in jail as Russia and the U.S. competed to win his extradition — is described in U.S., European and Swiss legal filings, as well as in accounts of more than a half-dozen people with knowledge of the matter who requested anonymity to speak about Moscow’s efforts and its causes for concern.

According to these accounts, Klyushin was…

Source…

Hacking Servers. Online Blocking. Police Raids. Information Attacks. What Won’t The Kremlin Do To Stop ‘Smart Voting’?

September 5, 2021/in Computer Security

Here’s the main reason why Aleksei Navalny has become such a potent political force and a threat to the Kremlin: his splashy exposés documenting corruption and ostentatious spending by government officials, usually accompanied by his acerbic wit.

But there’s another, equally potent reason: his Smart Voting campaign, an effort that aims to loosen the chokehold the Kremlin-allied United Russia political party has on elected legislatures nationwide.

And that’s why, with just weeks to go before nationwide elections to choose a new lower house of parliament, authorities have stepped up a crackdown on anything connected to Smart Voting.

“They are definitely fighting against Smart Voting,” Abbas Gallyamov, a Moscow-based political analyst, told Current Time, the Russian-language network run by RFE/RL in cooperation with VOA.

“We can’t forget that Smart Voting is the most dangerous of all of Navalny’s projects, at least at the present moment,” he said.

Smart Voting Goes High-Tech

The September 17-19 elections are crucial not only for cementing United Russia’s grip on the country’s political life. They’re also key to any constitutional maneuvering that the Kremlin might undertake in the run-up to the 2024 presidential election, when President Vladimir Putin may seek a fifth term.

The problem for the Kremlin is that, at least since last year, polling for United Russia has been at historic lows.

The opposition, headed by Navalny, has shown unprecedented effectiveness — using the Smart Voting tactic to secure victories for hundreds of opposition candidates in local elections across the country in 2018, 2019, and 2020.

In past years, the effort was more of a traditional word-of-mouth and public-relations campaign promoted by Navalny and his allies through their networks.

Russian opposition leader Aleksei Navalny -- who has been jailed in a notorious prison east of Moscow since February -- is seen on a screen via a video link during a court hearing in Moscow in June. — Russian opposition leader Aleksei Navalny — who has been jailed in a notorious prison east of Moscow since February — is seen on a screen via a video link during a court hearing in Moscow in June.

This year, with the national Duma elections looming, Smart Voting has gone high-tech, with a downloadable app launched on August 24 that identifies in every single race the candidate most likely to defeat…

Source…

Tag Archive for: Kremlin

Smart Voting Goes High-Tech