Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Government

Russian Intelligence Services are Working with Ransomware Gangs, Report Says (cbsnews.com) 80

CBS News reports: Russian intelligence services worked with prominent ransomware gangs to compromise U.S. government and government-affiliated organizations, according to new research from cybersecurity firm Analyst1.

Two Russian intelligence bureaus — the Federal Security Service, or FSB, and Foreign Intelligence Service, or SVR — collaborated with individuals in "multiple cybercriminal organizations," security analysts with the firm say in the report. The research indicates these cybercriminals helped Russian intelligence develop and deploy custom malware targeting American companies that serve U.S. military clients... The code was launched sometime between June 2019 and January 2020 and hid in the background of Windows machines, silently harvesting keystrokes and sensitive documents...

Analyst1 does not attribute the rise in organized criminal ransomware directly to Russian President Vladimir Putin or the Kremlin. But DiMaggio does "strongly believe" the Russian government colluded with cybercriminal gangs to spy on American defense targets.

The report described said two different Russian cybercriminal groups attacked the same target, infiltrated their targeted systems, "then distributed malware using a PowerShell Windows application..."

The report's author, a lead researcher at Analyst1, tells CBS that the ransomware variation "crawls documents for specific keywords, like 'weapon' and 'top secret,' then quietly sends the info back to the attacker."
This discussion has been archived. No new comments can be posted.

Russian Intelligence Services are Working with Ransomware Gangs, Report Says

Comments Filter:
  • then Russian law enforcement can start a media blitz about how they're arrested criminal ransomware gangs, which can then be confirmed by a decrease of attacks observed by other nations.

    • It's a bit difficult for him to arrest people in Ukraine, Georgia and Baltic states. Not to say impossible.

      Ransomware moved there long ago and for a very simple reason - the banks there offer "cashing" bitcoins and do not ask any questions about the origin of said bitcoins. That service is not available in Russia. While Bitcoin is no longer illegal (as of 2019), the central bank has refused to issue license to any bitcoin clearing service [cnbc.com].

      This old slashdot article is an example: https://it.slashdot.org/ [slashdot.org]

      • That makes no sense. The banks will certainly care where the bitcoin came from since bitcoins entire point of creation is traceability. Will they also accept deposits of ransom cash?

  • Well duh! (Score:3, Insightful)

    by bferrell ( 253291 ) on Sunday August 15, 2021 @09:05PM (#61696041) Homepage Journal

    "Blank intelligence service" is working with "criminal groups...

    News at eleven

    Bay of pigs had involvement from organized crime too.

    • I am shocked, shocked I tell you! that someone would even suggest the FSB and SVR might be working with criminals to attack the US.
  • The report's author, a lead researcher at Analyst1, tells CBS that the ransomware variation "crawls documents for specific keywords, like 'weapon' and 'top secret,' then quietly sends the info back to the attacker."

    Ah for the days when "weapon" and "top secret" were kept in a filing cabinet and not on the internet.

  • Lesson for secure systems being: you need to additionally password protect confidential files.
  • Spies.. (Score:4, Funny)

    by hdyoung ( 5182939 ) on Sunday August 15, 2021 @09:15PM (#61696063)
    do shady stuff. News at 11.

    Theres some juicy examples of the US government doing similar, But for the most part, we do it better, and thus it goes undetected. When the US spy agencies get caught working with the mob/cartel/drugrunners/pimps/etc it goes down in the history books. Im sure for every example we know, there are 50 similar deals that are successfully kept quiet.

    On the other hand, Russian espionage seems to get caught with their pants down at least 5 times per year. I cant tell if they are truly that amateur and sloppy, or if its just a side effect of them building their entire civilization around the core concept of “no fu*&s given about anything”.

    I love the Russians. Theyre a problem, but life would be so much more boring without them. Theyre like that really entertaining, crazy neighbor. You know what I mean. The one where youre just waiting to read the headline “pants-less inebriated area man eaten by otters while launching home-built rocket”. Nothing to do but laugh.
    • by edis ( 266347 )

      Much of this is done, the reason of many reports.
      Should it lead to laughs, really...

  • when they set up some chump with mental health issues to prove they can catch terrorists.

  • by SuperKendall ( 25149 ) on Sunday August 15, 2021 @10:05PM (#61696167)

    Everyone, quickly download the Goatse image (you know which one, no I am not going to link to it), download it to a hidden folder called "TOP SECRET" and name the file "Weapon of Choice".

    The scanning will cease within a day.

    • Everyone, quickly download the Goatse image (you know which one, no I am not going to link to it), download it to a hidden folder called "TOP SECRET" and name the file "Weapon of Choice".

      The scanning will cease within a day.

      Yea, that would no doubt be interesting, of course you'd need to obfuscate the hash so each copy gets opened. In addition, knowing things are going to an adversary also gives you a vector into their machines.

    • by DewDude ( 537374 )

      They can already do that to me but all they get is an MKV of Christopher Walken dancing.

  • Strongly believes (Score:4, Informative)

    by Deep Esophagus ( 686515 ) on Sunday August 15, 2021 @10:20PM (#61696191)

    Analyst1 does not attribute the rise in organized criminal ransomware directly to Russian President Vladimir Putin or the Kremlin. But DiMaggio does "strongly believe" the Russian government colluded with cybercriminal gangs to spy on American defense targets.

    Good to know that "strongly believe" is sufficient proof nowadays.

    Don't get me wrong, I'm not defending Ivan and it's obvious to everyone that the cold war is still going strong and the Russians are in it up to their eyeballs. But we can "strongly believe" all we want and still not be able to do a fargin' thing about it. Come back when you have proof we can use to buy UN sanctions or justify retaliation in kind (assuming we're not already doing that).

    • Mod up. 'Strongly Believe' takes a major credibility hit when the authors have a conflict of interest - ie paid however so to do a report by some 3 letter agency, and then some PR to smear the defendant with prejudice. Or those lazy incompetent 3 letter agencies could simply rewrite and secure sloppy MS code, that MS is too lazy to fix itself. Many people would believe Homeland Security is complicit in keeping these gaping holes open, rather than plugging holes in the dam when water is seen gushing out. Pro
      • paid however so to do a report by some 3 letter agency, and then some PR to smear the defendant with prejudice.

        What court? There is no court. The court of public opinion for ... Russia relations ... is out of town this week and will not be back soon. Nobody cares about Russia. I mean that in the sense of, WHO'S opinion on Russia in your stupid theory is supposed to be moved by this? God bless average happy Russian citizens and all, but nobody gives a shit about the US dunking on Russia besides the Russian government. The motive in your theory is dumb and nonsensical.

    • by Uberbah ( 647458 )

      the Russians are in it up to their eyeballs

      According to the same people who spent the last five years lying to you that Trump was a Russian asset. Russia's defense budget is $45 billion. Less than 1/30th of what the US spends [motherjones.com] each year (base number has gone up since article was written).

      • You can be an "asset" without actually being aware that you are. The question then becomes was Trump really that naive?

        • by Uberbah ( 647458 )

          You can be an "asset" without actually being aware that you are.

          Yeah that was a giant crock, too.

          The question then becomes was Trump really that naive?

          You mean how gullible are liberals? Trump was FAR more hostile to Russia than either his successor or predecessor. Diplomatically, [cnn.com] militarily, [navytimes.com] and economically. [bbc.com]

          • Arguing about this is pointless since both of our minds are already made up and we'll never convince each other otherwise, but I'd just like to remind you of what Trump said when Bill O'Reilly asked Trump if he thought Putin was a killer.

            "But he's a killer. Putin's a killer!!", O'Reilly said emphatically.

            Trump replied: "There are a lot of killers. We got a lot of killers.. What? You think our country's so innocent?"

            Now I can't deny that the US has done some killing, but for the President of the United

            • by Uberbah ( 647458 )

              Trump replied: "There are a lot of killers. We got a lot of killers.. What? You think our country's so innocent?"

              Now I can't deny that the US has done some killing, but for the President of the United States to attempt to justify what Putin does

              Where's this so called "justification"? Sounds more like "eh, maybe we might not want to throw stones in a glass house." It wasn't Putin that boasted that he was "really good at killing people", not Putin who had "terror Tuesdays" to decide who was going to be made g

    • Analyst1 does not attribute the rise in organized criminal ransomware directly to Russian President Vladimir Putin or the Kremlin. But DiMaggio does "strongly believe" the Russian government colluded with cybercriminal gangs to spy on American defense targets.

      Good to know that "strongly believe" is sufficient proof nowadays.

      Don't get me wrong, I'm not defending Ivan and it's obvious to everyone that the cold war is still going strong and the Russians are in it up to their eyeballs. But we can "strongly believe" all we want and still not be able to do a fargin' thing about it. Come back when you have proof we can use to buy UN sanctions or justify retaliation in kind (assuming we're not already doing that).

      Who, besides you, is claiming it's sufficient proof of anything? And foreign policy is not a reactive courtroom drama you watch on TV after it happens. Everything is always in motion, and everyone is always guessing what will come next so they can get ahead. I mean you're the one that mentioned Cold War, er duh, you know this already.

      So this is the analyst's opinion, and the reasons for it are given in the report. The one that was linked. I clicked it, the link works, what's your excuse? Any conclusio

  • Anything they accuse of Russians or the Chinese doing, keep in mind the English speaking countries do it also.
  • "Russian intelligence services worked with prominent ransomware gangs to compromise U.S. government .. organizations, according to new research from CIA front Analyst1."
    • They catch these "ransomware gangs", stomp on their throat and ask "so.... what info did you happen to get, oh you downloaded data off of some US congressman's office computer.... what data was there I wonder". Which of course = working with. What were they supposed to do? Delete it without reading or making a copy of the juiciest stuff? Just to show respect for their geo political enemy? Lol yeah ok.

  • Non-linear hybrid war is their duty and they're apparently rather good at it. The Cold War never ended.

    US cooperation with Russia on nonsense like ISS (which had zero effect winning "hearts and minds") merely displays weakness. NATO etc should be working to cripple the Russian economy to reduce their war budget and inflict maximum financial damage. ALL the Cold War toolkit should be employed and Russian operatives overseas dealt with the way Mossad deals with terrorists.

    • by gweihir ( 88907 )

      Th ISS is not nonsense, unless you are anti-science. For example, there is quite a bit of zero-g research that does not serve spaceflight and that cannot be done on earth and that currently cannot be done with robotics in space either.

  • Without hard proof, it is completely worthless.

  • "Russian Intelligence Services are Working with Ransomware Gangs"

    They ARE the Ransomware Gangs.

  • They really do not have enough expertise and have to cooperate with criminals? Poor boys (and girls)! Russia should install an additional service like the NSA with some 17.000 professionals, not just criminal amateurs! The NSA does not need to cooperate with criminals, except we regard the CIA as a criminal organization. But killing politicians, starting wars and changing regimes in the service of banana or oil companies (or simply the military-industrial complex) is certainly not a crime, because these bri

  • Why wouldn't a foreign government contract services from its own domestic private armed services providers. That's what this is, its Russia contracting with their own cyber version of Blackwater.

    • by hey! ( 33014 )

      To avoid provoking a response against Russia. If all the crap they're enabling could be traced back to Russia, how long would it take other countries to decide to put Russian behind some kind of digital Iron Curtain? If you work with friendly elements in a hostile country, you're less exposed.

  • As they did for decades (and may still be) to try to overthrow the government of Cuba?

    But then, the NSA and the CIA keep the hacking in-house, mostl.

  • The story is credible, but after the make up of Irak's WMD, I still have trouble to consume US accusations on other countries.

Enzymes are things invented by biologists that explain things which otherwise require harder thinking. -- Jerome Lettvin

Working...