America sanctions IT firms with links to Russian Intelligence

Goatman

ADC
Book Reviewer
For people who have an interest in IT Security, ....amazing what you find sculling about....this US Treasury Press release is 6 days old.....apologies if there is another thread covering this, which I may have missed.

Washington seeks to expose Russian intelligence activity


SOURCE : U.S Treasury Press Release dtd 15 April

[U.S ] Treasury’s first use of the E.O. of April 15, 2021 targets companies operating in the technology sector of the Russian Federation economy that support Russian Intelligence Services. The following companies are designated for operating in the technology sector of the Russian Federation economy:

  • ERA Technopolis;
  • Pasit, AO (Pasit);
  • Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA);
  • Neobit, OOO (Neobit);
  • Advanced System Technology, AO (AST); and
  • Pozitiv Teknolodzhiz, AO (Positive Technologies).

ERA Technopolis is a research center and technology park funded and operated by the Russian Ministry of Defense. ERA Technopolis houses and supports units of Russia’s Main Intelligence Directorate (GRU) responsible for offensive cyber and information operations and leverages the personnel and expertise of the Russian technology sector to develop military and dual-use technologies.

Pasit is a Russia-based information technology (IT) company that conducted research and development in support of Russia’s Foreign Intelligence Service’s (SVR) malicious cyber operations.

SVA is a Russian state-owned research institute specializing in advanced systems for information security located in Russia. SVA conducted research and development in support of the SVR’s malicious cyber operations.

Neobit is a Saint Petersburg, Russia-based IT security firm whose clients include the Russian Ministry of Defense, SVR, and Russia’s Federal Security Service (FSB). Neobit conducted research and development in support of the cyber operations conducted by the FSB, GRU, and SVR. Neobit was also designated today pursuant to cyber-related E.O. 13694, as amended by E.O. 13757, WMD-related E.O. 13382, and the Countering America’s Adversaries Through Sanctions Act (CAATSA) for providing material support to the GRU.

AST is a Russian IT security firm whose clients include the Russian Ministry of Defense, SVR, and FSB. AST provided technical support to cyber operations conducted by the FSB, GRU, and SVR. AST was also designated today pursuant to E.O. 13694, E.O. 13382, and CAATSA for providing support to the FSB.

Positive Technologies is a Russian IT security firm that supports Russian Government clients, including the FSB. Positive Technologies provides computer network security solutions to Russian businesses, foreign governments, and international companies and hosts large-scale conventions that are used as recruiting events for the FSB and GRU. Positive Technologies was also designated today pursuant to E.O. 13694, E.O. 13382, and CAATSA for providing support to the FSB.
'
The Russian Intelligence Services — specifically the Federal Security Service (FSB), Russia’s Main Intelligence Directorate (GRU), and the Foreign Intelligence Service (SVR) — have executed some of the most dangerous and disruptive cyber attacks in recent history, including the SolarWinds cyber attack. The FSB and GRU were previously sanctioned in 2016, and again in 2018, for malicious cyber activity, and most recently on March 2, 2021 for activities related to the proliferation of weapons of mass destruction (WMD).

The FSB was involved in the August 2020 poisoning of Aleksey Navalny with a chemical weapon, specifically a nerve agent known as Novichok. The GRU also engaged in activities that materially contributed to the possession, transportation, and use of Novichok related to a March 2018 poisoning in the United Kingdom.

The FSB has also used its cyber capabilities to target Russian journalists and others who openly criticize the regime, as well as U.S. government personnel and millions of private citizens around the world. To bolster its malicious cyber operations, the FSB cultivates and co-opts criminal hackers, including the previously designated Evil Corp, enabling them to engage in disruptive ransomware attacks and phishing campaigns.

The GRU’s malign cyber activities include deployment of the NotPetya and Olympic Destroyer malware; intrusions targeting the Organization for the Prohibition of Chemical Weapons and the World Anti-Doping Agency; cyber attacks on government systems and critical infrastructure in Ukraine and the state of Georgia; and hack-and-leak operations targeting elections in the United States and France.

In addition, the Russian Intelligence Services’ third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of U.S. government and private sector networks. The scope and scale of this compromise combined with Russia’s history of carrying out reckless and disruptive cyber operations makes it a national security concern. The SVR has put at risk the global technology supply chain by allowing malware to be installed on the machines of tens of thousands of SolarWinds’ customers. Victims of the compromise include the financial sector, critical infrastructure, government networks, and many others. Further, this incident will cost businesses and consumers in the United States and worldwide millions of dollars to fully address.

Additionally, the SVR stole “red team tools,” which mimic cyber attacks to help customers better protect themselves, from a U.S. cyber security company. These tools, if made public or used offensively by the SVR or other actors, would create additional opportunities for malign actors to target computer systems worldwide.

The private and state-owned companies designated today enable the Russian Intelligence Services’ cyber activities. These companies provide a range of services to the FSB, GRU, and SVR, ranging from providing expertise, to developing tools and infrastructure, to facilitating malicious cyber activities.

SANCTIONS IMPLICATIONS

As a result of today’s action, all property and interests in property of the designated persons described above that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC. In addition, any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked. Unless authorized by a general or specific license issued by OFAC, or exempt, OFAC’s regulations generally prohibit all transactions by U.S. persons or within (or transiting) the United States that involve any property or interests in property of designated or otherwise blocked persons. The prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person or the receipt of any contribution or provision of funds, goods, or services from any such person. '
 

ches

LE
Its about time. This has been an active threat to the west (inc UK) since 14/15 maturing during the Brexit debacle & the 2016 US election. The US aspect of it almost completely ignored by the Trump administration.
 

AlienFTM

MIA
Book Reviewer
IBM have three centres in Russia. I do hope they're on the ball.
 
Its about time. This has been an active threat to the west (inc UK) since 14/15 maturing during the Brexit debacle & the 2016 US election. The US aspect of it almost completely ignored by the Trump administration.

I'm reading a book about Trump and his Russian connection. He has been up their arrse's for years, their Mafia and their politicos, which are really one and the same thing once you start following the family tree of inter-related connections. Like many things though, whilst the administration was ignoring the problem I reckon that the three letter agencies were still working on it, just not able to do anything overt.

IBM have three centres in Russia. I do hope they're on the ball.

Interesting to know. When the wife was at B*rcl*ys they stuck their nose into Russia with a view to doing business there and were royally conned. Paid for operating licences (millions), etc, then in due course enquired about receiving the documentation, were referred to another department and were told there was no record of any licensing payment having been made.

My biggest whinge about former Sov and the Chinese came about when I started observing who the post-grad students at uni in the UK were. After GW1 we still had Iraqi students, at my place a few of them were loudly, and openly supporting Saddam. Then there were, and still are nowadays the Chinese and Russian students, who all have log ons to the UK academic net. And, like the ones on my own post-grad cohort were given log ons to govt based systems for their research.

On the one hand there may be sanctions on material goods, but on the other hand they are being taught in western universities.........because they are paying. There needs to be a bit more of a look at what the sanctions actually affect.
 

Goatman

ADC
Book Reviewer
Deeply buried in that US Treasury piece there is a line concerning American financial institutions underpinning the Russian Rouble ( or rather ceasing to after June 2021.....)

Even as pure economic muscle slowly beheaded the lurching Soviet zombie state, it looks like los banditos Yanqis are planning to pull the rug from under Tsar Vlad The Improbable's feet.

Huzza - more champagnski there Charlie!


1619449502268.png
 

Latest Threads

Top