Russian Intelligence Services are Working with Ransomware Gangs, Report Says

CBS News reports: Russian intelligence services worked with prominent ransomware gangs to compromise U.S. government and government-affiliated organizations, according to new research from cybersecurity firm Analyst1.

Two Russian intelligence bureaus — the Federal Security Service, or FSB, and Foreign Intelligence Service, or SVR — collaborated with individuals in "multiple cybercriminal organizations," security analysts with the firm say in the report. The research indicates these cybercriminals helped Russian intelligence develop and deploy custom malware targeting American companies that serve U.S. military clients... The code was launched sometime between June 2019 and January 2020 and hid in the background of Windows machines, silently harvesting keystrokes and sensitive documents...

Analyst1 does not attribute the rise in organized criminal ransomware directly to Russian President Vladimir Putin or the Kremlin. But DiMaggio does "strongly believe" the Russian government colluded with cybercriminal gangs to spy on American defense targets.
The report described said two different Russian cybercriminal groups attacked the same target, infiltrated their targeted systems, "then distributed malware using a PowerShell Windows application..."

The report's author, a lead researcher at Analyst1, tells CBS that the ransomware variation "crawls documents for specific keywords, like 'weapon' and 'top secret,' then quietly sends the info back to the attacker."

And if Putin wants to prove otherwise.....

[nocoiner]

then Russian law enforcement can start a media blitz about how they're arrested criminal ransomware gangs, which can then be confirmed by a decrease of attacks observed by other nations.

Re:

[kot-begemot-uk]

It's a bit difficult for him to arrest people in Ukraine, Georgia and Baltic states. Not to say impossible.

Ransomware moved there long ago and for a very simple reason - the banks there offer "cashing" bitcoins and do not ask any questions about the origin of said bitcoins. That service is not available in Russia. While Bitcoin is no longer illegal (as of 2019), the central bank has refused to issue license to any bitcoin clearing service [cnbc.com].

This old slashdot article is an example: https://it.slashdot.org/ [slashdot.org]

Re:

[ArchieBunker]

That makes no sense. The banks will certainly care where the bitcoin came from since bitcoins entire point of creation is traceability. Will they also accept deposits of ransom cash?

Re: Putin will say it's not true, then what?

[keysdisease]

Letâ(TM)s not forget the First Anglo-Afghan War that started in 1839. Actually read Robert Fiskâ(TM)s tome, The Great War for Civilization for long term perspective.

Re:

[AlanObject]

What world leader is inclined to take any Biden response seriously given the way he is handling Afghanistan?

You mean dealing with the shitshow left to him by his predecessor who made a "deal" with the Taliban? He had two options: get out which is what the majority of U.S. voters want, or escalate.

Yeah great no-win setup but at least you seem happy.

Re:

[edis]

It was difficult to escalate. Generations there have been born straight into the arms.

Re:

[phantomfive]

He could have given the Afghanistanis logistical and air support. The Taliban broke the deal, they started killing people.

Re:

[ArchieBunker]

Agreed. Russia tried this back in the 1980s and it went just as poorly.

Obama announced the withdrawal (aka surrender)

[raymorris]

Speaking of shit shows left by ones predecessor (and it was a shit show we needed to get out of):

Barak Obama was the president to first announce the US withdrawal from Afghanistan, then cut troop levels by over 90%. That was a unilateral withdrawal, aka unconditional surrender. While he did remove 90% of US troops, he didn't complete the withdrawal during his term.

Trump first gave the professionals authority to decrease or increase troop levels as needed, resulting in a doubling of troops before they starte

Re:

[AlanObject]

The failure was in political and military intelligence. Many of the lower-level officers on the ground pretty much predicted what would happen but they weren't listened to. Instead, Biden was assured that the Afghanistan government could hold out for something like 18 months with the situation that they were left with.

If that were true then you wouldn't have the desperation on display at the airport. Not something anyone wanted to see.

If you read a clearly conservative leaning source like Fox News, he gets an F for his handling of it.

These are the news sources that were giving Biden an F for not get

Re:

[raymorris]

> Many of the lower-level officers on the ground pretty much predicted what would happen

So did the high-level officers.

The Biden team nevertheless chose the "Run away! Run away!" method rather than a more orderly, planned withdrawal that would have better protected our people and our allies.

Re:

[Aighearach]

Still crying over President Obaama, I see. You're the biggest racist on slashdot, and that's saying something, so no real surprise there.

President Obama killed Bin Laden. That was why were there. It was victory. (President Bush had already killed all the other senior leaders from 2001)

So it wasn't unconditional surrender. It was unconditional victory. Oh, but I voted for Obama, so you hate America now. Fucking loser.

Re:

[raymorris]

I get it you have a boner for Obama. Are you trying to claim he DIDN'T announce that he would withdraw US troops from Afghanistan by 2014?

Or are you just trying to distract from the fact that he declared we'd leave (but didn't actually get it done), by pointing out that he gives you a boner?

Re:

[raymorris]

Ps - you're supposed to scream "RACIST!" when a *white person* points out that you're wrong about something.

It doesn't make any sense to scream it randomly, when nobody pointed out any hole in any argument you were making.

Also, it backfires if you scream "RACIST!" at somebody who isn't white.

Re:Putin will say it's not true, then what?

[battingly]

"Handling Afghanistan"? He comes along in year 20, draws the obvious conclusion that this must end, and, well, you know, ends it. Finally, somebody handles it the way it needs to be handled.

Re:

[edis]

Finally, somebody handles it the way it needs to be handled.

Well, it's not that he needs newborn Islamist state, established by militant uneducated gang. We'll see if there actually was something needed. Yes, world should accept one more Emirate in that place, if this is what local people see most sense in, even if some would be insulted in moving away from civil, science aimed society.

Re:

[nagora]

Finally, somebody handles it the way it needs to be handled.

What? Badly?

The problem is that Americans have no grasp of geo-politics. Everything is "none of our business; we shouldn't be involved; bring our boys home!" until the shit hits the fan and then it's "We can't allow this! Bomb them into the stone age! Shock and awe!"

Having a continent shared between themselves and two allies gives them a very rose-tinted view of the attractions of isolationism. But isolationism is simply not an option any more, assuming it ever was.

Re:

[Ol Olsoc]

What? Badly?

The problem is that Americans have no grasp of geo-politics. Everything is "none of our business; we shouldn't be involved; bring our boys home!"

Well now, considering that we've been in constant warfare since forever, except for the Carter administration, all I gotta say is cool story, bro!

But isolationism is simply not an option any more, assuming it ever was.

Ahh, the neocon has entered the room. The idea that the USA is some sort of world cop is a bit 2002.

There are plenty of legitimate times that military intervention is justified. The Bush family bitchfight with Hussein and the Bin Ladin Family isn't one of them. Neocons, those spunky Trotskyites who would bankrupt their country rather than miss a chance to pr

Re:

[nagora]

Ahh, the neocon has entered the room. The idea that the USA is some sort of world cop is a bit 2002.

There are multiple stopping points between isolationism and being world cop.

Re:

[Ol Olsoc]

Ahh, the neocon has entered the room. The idea that the USA is some sort of world cop is a bit 2002.

There are multiple stopping points between isolationism and being world cop.

Sure - where is the "None of our business", though. My history reading shows me the last time we were isolationist was the years betwixt 1918 and 1941.

Re:

[Ol Olsoc]

"Handling Afghanistan"? He comes along in year 20, draws the obvious conclusion that this must end, and, well, you know, ends it. Finally, somebody handles it the way it needs to be handled.

That was pretty much how this was going to turn out. Even if we were there for a hundred years.

Even if we drove ourselves bankrupt. Which by the way - imagine all that money spent on US infrastructure and jobs instead of a bitched up perpetual war for the Bush Family.

The only solution that would have a different outcome would be saturation nuking, and that's nuts.

Re:

[snowshovelboy]

What world leader is inclined to take any Biden response seriously given the way he is handling Afghanistan?

You mean withdrawing from an arguably illegal occupation, letting the former de-facto government take territory back from the US puppet regime set up by his predecessors? I would expect world leaders to take him more seriously, not less.

Re:

[93 Escort Wagon]

I would expect world leaders to take him more seriously, not less.

Let's not forget that quite a few countries were part of the original coalition, yet most of them had already eliminated their presence in Afghanistan over the past several years.

The Taliban claim they've changed. I don't really buy it, but since they're the only Afghans seemingly willing to actually fight for what their country - they'll now have a chance to prove it (or not) to the rest of the world.

In any case, I'm just glad we're pulling out. I understood the rationale for invading in the first place, b

Re:

[Applehu Akbar]

The Taliban claim they've changed.

This time when they play soccer with women's heads, they have promised to use updated FIFA rules.

Re:

[snowshovelboy]

That's horrific but unfortunately its not horrific enough for US congress to actually declare a war. And if you are an American, its probably not horrific enough for you to vote for a people who would make it a priority to do so.

Re:

[kot-begemot-uk]

In the greater scheme of things Afghanistan will be a festering wound in the side of Russia, China and Iran. One mistake in handling it and they are down the route to destruction taken by the Soviets in 1979. Even if they do not make mistakes, they now have to spend a few Bn every year on reinforcing their allies along the Afghan border as well as border security. It also imperils a number of Chinese and Russian infrastructure projects in Central Asia and Pakistan.

Was that worth the 800Bn dumped into it?

Well duh!

[bferrell]

"Blank intelligence service" is working with "criminal groups...

News at eleven

Bay of pigs had involvement from organized crime too.

Re:

[Jzanu]

The "intelligence" service recruited from criminals for the same reason they recruit them into Wagner. Those people kill without concern. This was obvious from the start. Wait for the news that Wagner is involved in Afghanistan next.

Re:Well duh!

[edis]

You underestimate. First, country is run by the KGB officer, who knows better than anybody, that there are no former KGB people.

Second, you underestimate, that milking 'puters, credit cards, pirating software is national industry in the country looming with brave talent, while at the same time limited on quality of life. I loved reading Russian magazine, dedicated to this - that was very good. It is opposing Western lifestyle, as position where one starts from. It's organic.

Finally, the one who downplays his opponent is more likely to lose long term.

Re:

[Registered Coward v2]

How about this. Pathetic lame arse DUMB russian agents, need to work with hackers because they too stupid to do computer stuff, yep uh huh, absolutely.

Oh wait, that makes no sense because they are smart and the Russian Government is an authoritarian state (yep uh huh) and has tens of thousands of agents, smart ones, they get the pick of the litter, less tech industry competition and no corrupt contractors.

Poor Borish and Natasha don't know how to code must pay hackers with crypto currency to use Komputa thing for them. SO FUCKING LAME

Criminals are cheap labor. The work for "Do this or you disappear and we take all your money."

SpaceX vs the 20 year upgrade to the space suit

[raymorris]

Ransomware is a significant industry in Russia.
They have a lot of professionals.

For the government to work with them is kinda like NASA working with SpaceX. It just makes sense, if you ignore the whole criminal thing.

The other day we read about how NASA has spent a billion dollars trying to design the upgrade from spacesuit 4.0 to spacesuit 5.0, and it'll take them at least 20 years to have a flyable suit. In less time, Elon Musk has built SpaceX from nothing. Would it make sense for NASA to work with Space

Re:

[smoot123]

I am shocked, shocked I tell you! that someone would even suggest the FSB and SVR might be working with criminals to attack the US.

Pardon, your compartment is open.

[Ostracus]

The report's author, a lead researcher at Analyst1, tells CBS that the ransomware variation "crawls documents for specific keywords, like 'weapon' and 'top secret,' then quietly sends the info back to the attacker."

Ah for the days when "weapon" and "top secret" were kept in a filing cabinet and not on the internet.

Password protection

[blessedvirtue]

Lesson for secure systems being: you need to additionally password protect confidential files.

Re:

[edis]

Not enough.

Spies..

[hdyoung]

do shady stuff. News at 11.

Theres some juicy examples of the US government doing similar, But for the most part, we do it better, and thus it goes undetected. When the US spy agencies get caught working with the mob/cartel/drugrunners/pimps/etc it goes down in the history books. Im sure for every example we know, there are 50 similar deals that are successfully kept quiet.

On the other hand, Russian espionage seems to get caught with their pants down at least 5 times per year. I cant tell if they are truly that amateur and sloppy, or if its just a side effect of them building their entire civilization around the core concept of “no fu*&s given about anything”.

I love the Russians. Theyre a problem, but life would be so much more boring without them. Theyre like that really entertaining, crazy neighbor. You know what I mean. The one where youre just waiting to read the headline “pants-less inebriated area man eaten by otters while launching home-built rocket”. Nothing to do but laugh.

Re:

[edis]

Much of this is done, the reason of many reports.
Should it lead to laughs, really...

Re:

[Mattcelt]

I see a bunch of guys sitting around a table somewhere in Virginia making stuff up and laughing their asses off.

They were in Virginia, but then Moscow was forced to sell the property when the US government figured out what was going on there.

opposite of the fbi

[mSparks43]

when they set up some chump with mental health issues to prove they can catch terrorists.

So What? I Mean Unless They Do Something About It

[theshowmecanuck]

-nt

Simple way to overcome this attack

[SuperKendall]

Everyone, quickly download the Goatse image (you know which one, no I am not going to link to it), download it to a hidden folder called "TOP SECRET" and name the file "Weapon of Choice".

The scanning will cease within a day.

Re:

[Registered Coward v2]

Everyone, quickly download the Goatse image (you know which one, no I am not going to link to it), download it to a hidden folder called "TOP SECRET" and name the file "Weapon of Choice".

The scanning will cease within a day.

Yea, that would no doubt be interesting, of course you'd need to obfuscate the hash so each copy gets opened. In addition, knowing things are going to an adversary also gives you a vector into their machines.

Re:

[DewDude]

They can already do that to me but all they get is an MKV of Christopher Walken dancing.

Strongly believes

[Deep Esophagus]

Analyst1 does not attribute the rise in organized criminal ransomware directly to Russian President Vladimir Putin or the Kremlin. But DiMaggio does "strongly believe" the Russian government colluded with cybercriminal gangs to spy on American defense targets.

Good to know that "strongly believe" is sufficient proof nowadays.

Don't get me wrong, I'm not defending Ivan and it's obvious to everyone that the cold war is still going strong and the Russians are in it up to their eyeballs. But we can "strongly believe" all we want and still not be able to do a fargin' thing about it. Come back when you have proof we can use to buy UN sanctions or justify retaliation in kind (assuming we're not already doing that).

Re:

[Canberra1]

Mod up. 'Strongly Believe' takes a major credibility hit when the authors have a conflict of interest - ie paid however so to do a report by some 3 letter agency, and then some PR to smear the defendant with prejudice. Or those lazy incompetent 3 letter agencies could simply rewrite and secure sloppy MS code, that MS is too lazy to fix itself. Many people would believe Homeland Security is complicit in keeping these gaping holes open, rather than plugging holes in the dam when water is seen gushing out. Pro

Re:

[ToasterMonkey]

paid however so to do a report by some 3 letter agency, and then some PR to smear the defendant with prejudice.

What court? There is no court. The court of public opinion for ... Russia relations ... is out of town this week and will not be back soon. Nobody cares about Russia. I mean that in the sense of, WHO'S opinion on Russia in your stupid theory is supposed to be moved by this? God bless average happy Russian citizens and all, but nobody gives a shit about the US dunking on Russia besides the Russian government. The motive in your theory is dumb and nonsensical.

Re:

[Uberbah]

the Russians are in it up to their eyeballs

According to the same people who spent the last five years lying to you that Trump was a Russian asset. Russia's defense budget is $45 billion. Less than 1/30th of what the US spends [motherjones.com] each year (base number has gone up since article was written).

Re:

[No Longer an AC]

You can be an "asset" without actually being aware that you are. The question then becomes was Trump really that naive?

Re:

[Uberbah]

You can be an "asset" without actually being aware that you are.

Yeah that was a giant crock, too.

The question then becomes was Trump really that naive?

You mean how gullible are liberals? Trump was FAR more hostile to Russia than either his successor or predecessor. Diplomatically, [cnn.com] militarily, [navytimes.com] and economically. [bbc.com]

Re:

[No Longer an AC]

Arguing about this is pointless since both of our minds are already made up and we'll never convince each other otherwise, but I'd just like to remind you of what Trump said when Bill O'Reilly asked Trump if he thought Putin was a killer.

"But he's a killer. Putin's a killer!!", O'Reilly said emphatically.

Trump replied: "There are a lot of killers. We got a lot of killers.. What? You think our country's so innocent?"

Now I can't deny that the US has done some killing, but for the President of the United

Re:

[Uberbah]

Trump replied: "There are a lot of killers. We got a lot of killers.. What? You think our country's so innocent?"

Now I can't deny that the US has done some killing, but for the President of the United States to attempt to justify what Putin does

Where's this so called "justification"? Sounds more like "eh, maybe we might not want to throw stones in a glass house." It wasn't Putin that boasted that he was "really good at killing people", not Putin who had "terror Tuesdays" to decide who was going to be made g

Re:

[ToasterMonkey]

Analyst1 does not attribute the rise in organized criminal ransomware directly to Russian President Vladimir Putin or the Kremlin. But DiMaggio does "strongly believe" the Russian government colluded with cybercriminal gangs to spy on American defense targets.

Good to know that "strongly believe" is sufficient proof nowadays.

Don't get me wrong, I'm not defending Ivan and it's obvious to everyone that the cold war is still going strong and the Russians are in it up to their eyeballs. But we can "strongly believe" all we want and still not be able to do a fargin' thing about it. Come back when you have proof we can use to buy UN sanctions or justify retaliation in kind (assuming we're not already doing that).

Who, besides you, is claiming it's sufficient proof of anything? And foreign policy is not a reactive courtroom drama you watch on TV after it happens. Everything is always in motion, and everyone is always guessing what will come next so they can get ahead. I mean you're the one that mentioned Cold War, er duh, you know this already.

So this is the analyst's opinion, and the reasons for it are given in the report. The one that was linked. I clicked it, the link works, what's your excuse? Any conclusio

Those evil Russians

[louzer]

Anything they accuse of Russians or the Chinese doing, keep in mind the English speaking countries do it also.

Insert cyber bullshit :]

[terrorubic]

"Russian intelligence services worked with prominent ransomware gangs to compromise U.S. government .. organizations, according to new research from CIA front Analyst1."

Re:

[times05]

They catch these "ransomware gangs", stomp on their throat and ask "so.... what info did you happen to get, oh you downloaded data off of some US congressman's office computer.... what data was there I wonder". Which of course = working with. What were they supposed to do? Delete it without reading or making a copy of the juiciest stuff? Just to show respect for their geo political enemy? Lol yeah ok.

Re:

[Registered Coward v2]

They catch these "ransomware gangs", stomp on their throat and ask "so.... what info did you happen to get, oh you downloaded data off of some US congressman's office computer.... what data was there I wonder". Which of course = working with.

And you believe this would NOT happen if the CIA found out that a hacking group had dumped information from Russian congressmen?

Of course. In the end, intelligence is about the accuracy and reliability of the information, not where it came from.

That's their duty and they're good at it.

[couchslug]

Non-linear hybrid war is their duty and they're apparently rather good at it. The Cold War never ended.

US cooperation with Russia on nonsense like ISS (which had zero effect winning "hearts and minds") merely displays weakness. NATO etc should be working to cripple the Russian economy to reduce their war budget and inflict maximum financial damage. ALL the Cold War toolkit should be employed and Russian operatives overseas dealt with the way Mossad deals with terrorists.

Re:

[gweihir]

Th ISS is not nonsense, unless you are anti-science. For example, there is quite a bit of zero-g research that does not serve spaceflight and that cannot be done on earth and that currently cannot be done with robotics in space either.

A politically opportune claim

[gweihir]

Without hard proof, it is completely worthless.

Hardly

[nospam007]

"Russian Intelligence Services are Working with Ransomware Gangs"

They ARE the Ransomware Gangs.

Poor Russian Intelligence Agencies!

[be_kul]

They really do not have enough expertise and have to cooperate with criminals? Poor boys (and girls)! Russia should install an additional service like the NSA with some 17.000 professionals, not just criminal amateurs! The NSA does not need to cooperate with criminals, except we regard the CIA as a criminal organization. But killing politicians, starting wars and changing regimes in the service of banana or oil companies (or simply the military-industrial complex) is certainly not a crime, because these bri

uhh so what?

[snowshovelboy]

Why wouldn't a foreign government contract services from its own domestic private armed services providers. That's what this is, its Russia contracting with their own cyber version of Blackwater.

Re:

[hey!]

To avoid provoking a response against Russia. If all the crap they're enabling could be traced back to Russia, how long would it take other countries to decide to put Russian behind some kind of digital Iron Curtain? If you work with friendly elements in a hostile country, you're less exposed.

Like the CIA and the FBI working with the Mafia?

[whitroth]

As they did for decades (and may still be) to try to overthrow the government of Cuba?

But then, the NSA and the CIA keep the hacking in-house, mostl.

Credibility

[manu0601]

The story is credible, but after the make up of Irak's WMD, I still have trouble to consume US accusations on other countries.