Pierluigi Paganini
January 15, 2017
A raw intelligence document published last week contains much information about President Donald Trump and the approach of the Kremlin to the cyber espionage.
According to the report, the Russian Federal Security Service (FSB) offers bribes for back doors into commercial products, it uses to recruit black hat hackers in every way, including blackmail and coercion. The document reports the FSB used the sale of cheap PC game containing malware to compromise the machines. The report also reveals that the Russian Intelligence has cracked the popular Telegram instant messaging service.
The intelligence report has been prepared by a former British agent, he received the information about the hack of the Telegram service by a “cyber operative.”
“His/her understanding was that the FSB now successfully had cracked this communication software and therefore it was no longer secure to use,” reads the document.
Telegram was used by opponents of the government, for this FSB decided to crack it.Telegram is the work of two Russian brothers and billionaires, Nikolai and Pavel Durov. They had previously created Vkontakte – an alternative to Facebook. However, they got in trouble over some Ukrainian personal data issue and fled to Berlin from Russia in 2014.
Telegram leverages on a custom encryption process it made up itself for this reason security experts and privacy advocates raised several times questions about its security.
When it comes to cyberattacks, Russia’s offensive tactics include targeting foreign governments, especially Western governments; penetrating foreign corporations, especially banks; monitoring of the domestic elite; and attacking political opponents inside Russia and abroad.
According to the cyber spy, the Russian government received the support of an IT staffer at Telegram.
The Russian intelligence in one circumstance compromised some IT gear used by a foreign director of a Russian state-owned enterprise in order to conduct cyber espionage on Western organizations via backdoor.
The FSB offered a U.S. citizen of Russian descent funding for an IT startup in exchange for a backdoor into the software developed by the company. In this way, Russian cyber spies could deliver a malware to launch targeted attacks.
The intelligence document doesn’t provide further details on the cyber operations conducted by Russian hackers.
It is interesting as obvious the interest for the representatives of the G7 governments and NATO.
“External targets include foreign governments and big corporations, especially banks,” the document says, but mainly succeeds only among lower level targets. It says it has “limited success in attacking top foreign targets like G7 governments, security services and but much more on second tier ones through IT back doors, using corporate and other visitors to Russia.”
In order to target G7 governments, nation-state actors hit second-tier organizations, including western private banks and the governments of smaller states that are allied with the Western states.
“Hundreds of agents, either consciously cooperating with the FSB or whose personal and professional IT systems had even unwittingly compromised, were recruited,” continues the document.
The Russian institutions also suffer the cyber attacks of multiple cyber gangs, including Carbanak, Buktrap and Metel.
“The Central Bank of Russia claimed that in 2015 alone there had been more than 20 attempts at serious cyber embezzlement of money from corresponding accounts held there, comprising several billions of Rubles,” continues the report.
[adrotate banner=”9″]
(Security Affairs – Telegram, cyber espionage)
