It was a concerted effort that began with Russia’s large-scale invasion on February 24, 2022 and has not let up since: pro-Ukrainian hackers have targeted Russian government agencies and companies, collecting classified information and passing it on to Ukrainian security agencies and intelligence forces.

There are discrepancies in the total number of breaches and leaks reported in the last 20 months. So far this year, Roskomnadzor, Russia’s digital regulator, has identified 150 major leaks, while Kaspersky Lab, a Russian cybersecurity firm, reported 168 leaks totaling around 2 billion lines of data, including 48 million containing top-secret passwords.

After the Russian invasion, numerous hackers around the world expressed their solidarity with Ukraine and took action. “My colleagues and I work on the principle: ‘If something can be hacked, then it must be hacked,’” said a representative of the Cyber.Anarchy.Squad group. “We believe in targeting everything that is accessible, especially if it is significant in defeating the enemy.”

“BlackBird”, one of the founders of the DC8044 community, explained that the main goal of the hack of Russian companies was to obtain data useful to the Ukrainian security forces.

“The personal information collected by our groups is typically shared with security forces,” he said. “They collect and analyze this information to effectively support their operations.”

Hackers also work closely with the Ukrainian intelligence services: they are involved in reconnaissance, sabotage and information operations. Andrey Baranovich, co-founder of the Ukrainian CyberAlliance group, said: “If we spend 24 hours hacking something, our victims should spend at least a week recovering, and in the optimal case the victim should not recover at all.”

Hackers agree that known leaks are just the tip of the iceberg. In most cases, after hackers gain access to data, they try not to disclose the information publicly so that the hacked organization cannot respond. “Some databases that hackers already have access to are constantly becoming saturated with large amounts of new data, and spitting it out publicly means losing that access,” BlackBird says.

How vulnerable is Russia to hacker attacks?

Data breaches become public when hackers want to harm an enemy or build a reputation. Of course, data is also sold for money – to spammers, fraudsters and data aggregators. “We sell and leak data all the time,” admits Michael Myers, a member of the hacker group UHG. “We are primarily trying to help our military personnel, but we also need to fund our technical operations.”

Obviously, all other things being equal, the more people use the Internet and leave their data there, the more data leaks will occur. Russia is among the world leaders in internet use, and the COVID-19 pandemic has only increased this dependence.

The West’s economic sanctions are not making things easier for Moscow: many Western IT companies whose anti-hacking solutions were previously purchased by Russian companies – Cisco, IBM, Imperva, Fortinet, Norton, Avast – have restricted their activities in Russia or set.

“If Russian companies could previously afford to use the largest, most well-known and proven anti-hacking software, now they have to improvise,” notes an expert who wished to remain anonymous.

“The fact that Russia is extremely dependent on Western technologies, which are now incredibly difficult to obtain without manufacturers, makes hacking Russia all the easier,” notes Baranovich of the Ukrainian Cyber Alliance.

How does Russia fight hackers?

In theory, Roskomnadzor, Russia’s media and information technology agency, is tasked with protecting personal data. This is an otherwise very active government agency: it blocks opposition sites, enforces censorship in Russia, examines ways to shield Russian networks from outside attacks, and even ensures that Vladimir Putin is not called offensive names. Due to the scale of the tasks, there are simply no resources left to protect Russians’ personal data and the law does not provide any real assistance in this regard.

“The entire fight against leaks today consists of sending letters and feigning violent activity,” notes the information security expert. “Some meager fines are only imposed when a scandal breaks in the media.”

This is what protecting personal data looks like. Any operator of personal data – be it Russia’s leading Internet company Yandex or a regional pizza delivery service – must be entered into the operator register. There are now almost a million such companies. If a leak occurs, the company is obliged to notify Roskomnadzor, which usually initiates an investigation and then potentially forces the company to face administrative liability. The maximum fine is 100,000 rubles ($1,100).

Companies are afraid

The Ministry of Digital Development is currently preparing a draft law aimed at reducing the number of data breaches. It increases penalties for companies whose data has been leaked: for the first violation, 3-15 million rubles (33,000 – 170,000 US dollars); for a new violation, 3% of the company’s annual turnover, but not less than 15 million rubles and not more than 500 million rubles (5,500,000 US dollars).

At the same time, the company can reduce the fine if it can reach an agreement with the majority of victims, including people whose data was leaked, and offer them compensation. This should be done through government services.

Roskomnadzor has proposed to introduce actual licensing of large operators of personal data (more than a million records) using the same law. The proposal involves moving to a licensing system where companies with more than a million records must meet certain criteria. These criteria include hiring at least five people with higher education in information security, demonstrating the ability to pay large fines, and restricting data processing to within Russia. Roskomnadzor would then conduct an assessment of the company’s IT infrastructure to determine whether it is adequately protected.

Although this all sounds reasonable, business has traditionally feared that, having received leverage in the form of heavy fines and licenses, officials will use it not for good, but rather for their own personal interests – economic or otherwise.

“Such a law encourages officials to try to increase the number of fines instead of stopping leaks,” the cybersecurity expert concludes.
