Fallout In Russia: One Suspicious Death & Three Cyber Spies Arrested

In the eerie world of international espionage, nothing of late has topped the official US accusation that Russian president Vladimir Putin plotted to put US president Donald Trump in power.

Now, the tale has become even more salacious with the reported arrest of three Russian cyber experts, one of whom was perp-walked out of a meeting with a bag over his head, and the suspicious death of a former KGB general.

Russia experts say the episode suggests a possible purge related to the US election hack. In a twist of Kremlinology, others say Putin may only be pretending to have arrested and killed cyber operatives. 

Or, others say, neither observation may be true. “Can we really trust Russian news?” asks Dave Aitel, a former analyst with the US National Security Agency, and now CEO of Immunity, a cyber intrusion protection firm.

The story of the arrests appears to have broken at the Russian newspaper Kommersant on Jan. 25. The paper reported (link in Russian) the arrests of Sergei Mikhailov, who heads the Center for Information Security, an arm of the Russian intelligence agency known by the acronym FSB; and Ruslan Stoyanov, a senior researcher with Kaspersky Lab, the computer security company.

Both men were last seen the first week of December. The independent newspaper Novaya Gazeta reported (link in Russian) that, in a Stalin-style touch, a bag was suddenly thrown over Mikhailov’s head during a meeting of fellow intelligence officers, and he was led out. Mikhailov has not been seen since. The third arrest was of Dmitry Dokuchayev, a hacker known by the name “Forb.”

In all three cases, the charge is treason, according to Russian news accounts.

From here, the story gets hazy. One way or another, the arrests, according to the Russian media accounts, are linked to the country’s hacking of the US election. 

One suggestion is that those arrested are among the sources that led US intelligence agencies to conclude categorically that Russia hacked the election, that Putin ordered the hack, and that the objective was to help Trump.

Russian media suggest that one or more of the trio either leaked details of Russia’s role directly to American intelligence, or to Christopher Steele, the former British spy believed to have compiled the so-called Trump dossier. 

The dossier is a 35-page memo that suggested various links between Trump and Russia, involving information that allegedly made him vulnerable to extortion.

Which leads to the Dec. 26 death of a former KGB general named Oleg Erovinkin. An initial news account at the Russian website Life.ru said Erovinkin had been killed, shot twice in the head. That version quickly morphed into vaguer accounts of a death-under-investigation.

But the more interesting fact about Erovinkin’s death is that Steele’s memo cites a source close to Igor Sechin, the Putin intimate and chairman of Rosneft. Erovinkin, a long-time senior aide to Sechin, must be that source, a number of the news accounts speculate. Thus, according to these news accounts, there is a link between the Steele memo and Erovinkin’s death.

A big question is why the Kremlin, given its controls over almost all the country’s media, wanted this news out. Among the guesses is that the Kremlin wants firmer confirmation for the US, and perhaps the world, that it in fact did hack the US election.

Aitel, the cyber expert, says the answer is simpler, that the news was “too big not to leak. It is not going to go unnoticed that Kaspersky’s lead researcher went missing.”

DefenseOne:            Cyber Strikeback: Putin’s Aide Hacked:


 

 
