Russia reports increase in cyber-attacks by Western special services

Just as Western governments are concerned about Chinese or Russian state hackers, the Kremlin worries that its government agencies are under increasing western attack, and is concerned about skill shortages in government.

Kremlin concerned that use of western IT is a security vulnerability
Kremlin concerned that use of western IT is a security vulnerability

There has been a significant increase in the number of cyber-attacks conducted by foreign special services on web-servers at Russian state bodies and critical infrastructure since the beginning of the current year, according to recent statements by Nikolai Patrushev, a Secretary of the Russian Security Council, (a consultative body that formulates the Russian President's policies on national security issues).

According to Patrushev, despite repeated warnings to desist, the majority of Russian officials continue to use Western IT-services in their work, a practice which is claimed to be associated with a high threat of information leakage and which opens up the possibility of a remote blockade of their work from abroad.

Patrushev adds that the level of knowledge, skills and abilities of officials responsible for IT security in the Russian state bodies remains poor, with only six percent having specifically studied information security.

Since the beginning of the current year Russian state agencies and bodies have suffered more than 10 million cyber-attacks.

An example was an attack on the web-server of Russia's President Vladimir Putin, (at the end of last year), which resulted in denial of service lasting several hours on the Kremlin's web-servers. Dmitry Peskov, an official spokesman of Russia's President, told SCmagazineUK.com that the attack was conducted from abroad and was organised with the participation of the special services of some foreign states. Other details were not disclosed.

This official web-server of Russia's President has again been subject to cyber-attacks this year, however most attacks are reported to have been prevented by the Russian Federal Security Service at their initial stage.

According to Ilya Sachkov CEO of Group-IB, a Russian private company which specialises in investigation of cyber-crimes, the primary motives for hackers attacking the web-servers of Russian state bodies is for cyber-espionage, as well as for propaganda.

Also, the number of cyber-attacks for political purposes has increased in recent years. The majority of these are DDoS attacks, however there has also been an increase in other types of cyber-attack.

While the extent of US surveillance activity was revealed by Snowden, and the Stuxnet attack on an Iranian nuclear power station is widely understood to have been a US/Israeli operation, western governments have yet to admit offensive cyber-activity - though the UK has formally accepted it as a legitimate option. And approved language that defines cyberspace as a domain of war. Similarly, Russia and China have denied conducting such operations despite evidence to the contrary. However, it is generally assumed that all governments with the capability to do so currently engage in cyber-espionage.

Sergey Stepanichev, a senior analyst of NPO Energia, a Russian IT company which designs anti-virus software, told SC that the sophistication of cyber-attacks is constantly improving and it is expected that their numbers will significantly increase prior to September elections to the Russian Parliament (State Duma).

Stepanichev has also reiterated that simple installation of anti-virus software is no longer enough to deal with the range of cyber-threats faced, while modern IT security system at state organisations involves building a   monitoring system and the system of  information exchange on cyber threats.