SecurityWeek

Spies and Hackers: Russians Sanctioned by US

From Russia’s most powerful security agencies to obscure firms with meaningless names, here is a look at the entities sanctioned by the United States for alleged hacking targeting November’s presidential election.

– Intelligence agencies –

The Main Intelligence Directorate (GRU) of the Russian military is arguably Russia’s most secretive agency, and has neither a website nor a press office.

The agency was established right after the Bolshevik Revolution and today is run from a state-of-the-art compound built under Putin in 2006 in north-western Moscow.

The GRU has been headed since February by Igor Korobov, who took over following the death of previous chief Igor Sergun. Korobov, who was also sanctioned as an individual, had been Sergun’s deputy before 2016. Three of his deputies are also on the sanctions list.

Russia’s Federal Security Service (FSB) is the country’s most powerful security agency. The FSB emerged from the domestic branch of the Soviet-era KGB to become Russia’s main internal intelligence agency after the collapse of the USSR.

Putin, a former KGB officer, headed the FSB under Boris Yeltsin and the agency has grown in power and prestige ever since he moved to the Kremlin.

The sprawling agency is headquartered at the iconic Lubyanka building in central Moscow and reports directly to Putin. Since 2008 it has been headed by Alexander Bortnikov.

It has its own academy and a vast budget that is mostly classified.

– Associated firms –

The three firms which the US accuses of assisting the GRU-led hack are Special Technology Centre (STLS), Zorsecurity (Esage Lab) and Professional Association of Designers of Data Processing Systems (ANO PO KSI), Obama said.

STLS says on its website it produces radio signal direction finding equipment, which is often used by security services to locate equipment like mobile phones.

Reports have also indicated the firm is the manufacturer of Orlan drones, which are used by the Russian military and have been shot down in eastern Ukraine, according to Kiev.

Zorsecurity was founded by Alisa Shevchenko, a female hacker who also goes by the cyber name Esage.

A 2014 Forbes profile of her said Shevchenko’s speciality was helping companies find vulnerabilities. In 2014, US software giant Microsoft acknowledged she helped locate a vulnerability and thereby protect its customers.

On Friday, Shevchenko said on her Twitter blog that she was dumbfounded that her “little simple company (closed long ago at that) could possibly appear on the same list with the FSB and international terrorists.”

The Professional Association of Designers of Data Processing Systems is a research and development firm based near Moscow that produces various microelectronic and scanning equipment, including the digital ballot boxes used in Russian elections.

– Most wanted hackers –

Additionally, the US Treasury has imposed sanctions on Russian nationals Yevgeny (Evgeniy) Bogachev and Aleksey Belan, who have long been on the FBI’s most wanted lists and who are not known to have Russian government connections.

Bogachev, also known by various online nicknames like “Slavik”, is wanted for administering a scheme that infected US computers with malware known as Zeus to steal bank information, with victims ranging from banks to a Native American tribe.

The virus was later modified as GameOver Zeus (GOZ) and resulted in financial losses of over $100 million after infecting up to a million computers.

The FBI has offered a reward of $3 million for information leading to the arrest of Bogachev, whom the FBI describes as “one of the world’s worst” cyber criminals and who reportedly resides in Russia’s Black Sea coastal town of Anapa.

Aleksey Belan is a Russian citizen residing in Latvia who is wanted by the FBI for hacking three US e-commerce companies to steal data from millions of accounts to sell to criminals.

Written By

AFP 2023
