Fallout In Russia : One Suspicious Death & Three Cyber Spies Arrested

Uploaded on 2017-02-10 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News

In the eerie world of international espionage, nothing of late has topped the official US accusation that Russian president Vladimir Putin plotted to put US president Donald Trump in power.

Now, the tale has become even more salacious with the reported arrest of three Russian cyber experts, one of whom was perp-walked out of a meeting with a bag over his head, and the suspicious death of a former KGB general.

Russia experts say the episode suggests a possible purge related to the US election hack. In a twist of Kremlinology, others say Putin may only be pretending to have arrested and killed cyber operatives. 

Or, others say, neither observation may be true. “Can we really trust Russian news?” asks Dave Aitel, a former analyst with the US National Security Agency, and now CEO of Immunity, a cyber intrusion protection firm.

The story of the arrests appears to have broken at the Russian newspaper Kommersant on Jan. 25. The paper reported (link in Russian) the arrests of Sergei Mikhailov, who heads the Center for Information Security, an arm of the Russian intelligence agency known by the acronym FSB; and Ruslan Stoyanov, a senior researcher with Kaspersky Lab, the computer security company.

Both men were last seen the first week of December. The independent newspaper Novaya Gazeta reported that (Russian), in a Stalin-style touch, a bag was suddenly thrown over Mikhailov’s head during a meeting of fellow intelligence officers, and he was led out. Mikhailov has not been seen since. The third arrest was of Dmitry Dokuchayev, a hacker known by the name “Forb.”

In all three cases, the charge is treason, according to Russian news accounts.

From here, the story gets hazy. One way or another, the arrests, according to the Russian media accounts, are linked to the country’s hacking of the US election. 

One suggestion is that those arrested are among the sources that led US intelligence agencies to conclude categorically that Russia hacked the election, that Putin ordered the hack, and that the objective was to help Trump.

Russian media suggest that one or more of the trio either leaked details of Russia’s role directly to American intelligence, or to Christopher Steele, the former British spy believed to have compiled the so-called Trump dossier. 

The dossier is a 35-page memo that suggested various links between Trump and Russia, involving information that allegedly made him vulnerable to extortion.

Which leads to the Dec. 26 death of a former KGB general named Oleg Erovinkin. An initial news account at the Russian website Life.ru said Erovinkin had been killed, shot twice in the head. That version quickly morphed into vaguer accounts of a death-under-investigation.

But the larger interesting fact related to Erovinkin’s death was that Steele’s memo cites a source close to Igor Sechin, the Putin intimate and chairman of Rosneft. And Erovinkin, a long-time senior aide to Sechin, must be that source, a number of the news accounts speculate. Thus, according to these news accounts, there is a link between the Steele memo and Erovinkin’s death.

A big question is why the Kremlin, given its controls over almost all the country’s media, wanted this news out. Among the guesses is that the Kremlin wants firmer confirmation for the US, and perhaps the world, that it in fact did hack the US election.

Aitel, the cyber expert, says the answer is simpler, that the news was “too big not to leak. It is not going to go unnoticed that Kaspersky’s lead researcher went missing.”

DefenseOne:            Cyber Strikeback: Putin’s Aide Hacked:


 

 

« Yahoo Spins A Cautionary Tale Dealing With Data Privacy
Who Owns The Data From The IoT? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

4iQ

4iQ

4iQ fuses surface, social, deep and dark web sources to research and assess risks to people, infrastructure, intellectual property and reputation.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

G DATA CyberDefense

G DATA CyberDefense

G Data developed the world's first antivirus software. We now ensure the security of small, large and medium-sized companies all over the world.

Sphonic

Sphonic

Sphonic provides regulated institutions of any size a powerful compliance & risk platform to quickly and securely onboard new customers and manage ongoing AML and Fraud & Risk trends.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

Searchlight Cyber

Searchlight Cyber

Searchlight Cyber is a leading darknet intelligence company. Working with law enforcement, industry, and end users to help protect society against the threats of the darknet.

HackNotice

HackNotice

HackNotice Teams is an all-in-one encompassing tool that monitors threats within your organization, different vendors, and third parties whose services you use.

Digistor

Digistor

Digistor is a leading manufacturer of industrial-grade flash storage products, secure storage products, and Removable Secure Data Storage.

Zorus

Zorus

Zorus provides best-in-class cybersecurity products to MSP partners to help them grow their business and protect their clients.

TokenEx

TokenEx

TokenEx Cloud Security Platform protects sensitive data to strengthen our clients' security postures while future-proofing their operations.

TempoCap

TempoCap

TempoCap is a European growth-stage technology fund with offices in London and Berlin. We invest across a variety of high- growth sectors including cybersecurity.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

Open Cybersecurity Alliance (OCA)

Open Cybersecurity Alliance (OCA)

OCA is building an open ecosystems where cybersecurity products interoperate without the need for customized integrations. We're making standards-based interoperable cybersecurity a reality.