147057 stories

6:09 AM 12/6/2021 - Current News Review

1 Share

1:38 PM 10/6/2020 -  Major hurricane brews in Gulf of Mexico, threatens Louisiana, Florida Hopes of a ceasefire fading in Nagorno-Karabakh amid flare-up of violence A Harvard professor has claimed, without providing a single shred of evidence, that Russian intelligence agents were able to gain access to Walter Reed hospital where President Trump recovered from coronavirus over the weekend. New Mexico Democrat Starred in Pornos Saved Stories and Video News Review Saved Stories  |  Page  |  Links  |   News Playlist on YouTube     Saved Stories  |  Page  |  Links __________________________________________________ Saved Stories - None   Нагорный Карабах: новое наступление Snorkeling in Puerto Rico Trumps covid-19 diagnosis gives him one last chance to reset his campaign Суд оправдал нового премьера Киргизии, сидевшего за захват заложника Россия Армения: экономическая игра в одни ворота ОЗХО подтвердила отравление Навального "Новичком" Major hurricane brews in Gulf of Mexico, thr

Read the whole story
1 day ago
Share this story

Criminal hackers are now going after phone lines, too

1 Share

Criminal groups have been sending threatening messages in the past couple of months to companies that manage broadband phone services all over the world, promising they'll flood the digital phone lines with traffic and take them offline unless victims pay a ransom.

What those extortionists have discovered is that the number of phone calls that take place at least partially over the internet has quietly and dramatically increased over recent years — and there's a lot at stake when major providers go down.

Like landline providers, companies that manage digital phone calls, also known as voice over internet protocol (VoIP) services, are required to transmit audio in real time, facilitating personal, business and even emergency calls.

It's probably a bigger part of our lives than many people realize. It's much cheaper and often more accessible and scalable, a staple of working from home during the coronavirus pandemic. Small companies and people living overseas might have been using purely digital phone lines for years to reach customers, friends and family abroad. Large carriers and telecommunication companies often use VoIP to handle calls or connections between providers, while smaller carriers are routing tens of thousands of simultaneous calls over the internet. Call center companies handle over 1 million digital calls a day.

But if those companies that manage digital phone lines come under attack by a tsunami of fake callers, the behind-the-scenes mechanisms for beaming voices online begins to crumble fairly quickly.

"The challenge is that when you put all of the phone system on the internet, it exposes it to all of the other things that can go wrong on the internet," says Matthew Prince, CEO and co-founder of Cloudflare, a company that provides protection against the kinds of attacks currently hitting internet phone providers.

The digital telecommunications industry is scrambling to gird against attacks

Prince and other security providers who focus on digital communications started noticing an uptick in attacks on VoIP services this fall. Specialists on forums for network operators started posting about the attacks, discussing what to do.

"In layman's terms, people are freaking out," says Fred Posner, a VoIP security specialist.

While providers' themselves are mostly keeping quiet about these attacks, issuing terse email updates and sometimes social media posts to inform their customers about repeated outages, the security experts working with them are noticing a collective shift in mindset. Several of the experts interviewed by NPR agreed that the digital telecommunications industry was unprepared for this latest onslaught and has been forced to rethink their defensive strategy in a hurry. It's not just the big banks or major corporations in the sights of criminal hackers — it's everyone and anyone who can and will pay to get their businesses back online.

"I think the point that we're at right now is what we see is that there's a sort of huge spectrum in terms of preparedness: from organizations that don't know about the problem and are prepared, to organizations that know about the problem but aren't able to invest or are willing to invest because they don't think it relates to them," says Jen Ellis, vice president of community and public affairs for cybersecurity firm Rapid7 and who also served on the Ransomware Task Force, a public-private sector collaboration.

These extortionists don't actually have to hack victims to be a threat

That collective panic kickstarted when the digital communications provider <a href="http://Bandwidth.com" rel="nofollow">Bandwidth.com</a> got hit by a digital extortion campaign in late September, Posner says. Previous attacks had targeted smaller providers, but Bandwidth was the biggest company yet to suffer a DDoS, or "distributed denial of service," attack. While companies like Bandwidth expect a certain amount of legitimate traffic from users trying to make calls and send text messages, a DDoS attack involves bad actors directing a gargantuan number of illegitimate digital requests to its servers, overwhelming their ability to respond.

"I spent my career building big chunks of internet infrastructure, and I'm here to tell you that the internet really is just a series of tubes and those tubes have a certain amount of capacity," says Prince of Cloudflare.

The criminals involved in these recent VoIP attacks are financially motivated. But unlike when major companies like Colonial Pipeline were hacked and held ransom, these attackers don't actually have to hack into their victims to hold their services hostage. Merely weaponizing digital traffic is enough to at least temporarily disrupt a company's ability to operate.

According to Allan Liska, an intelligence analyst at threat intelligence firm Recorded Future, this method of combining ransom threats with DDoS attacks, has been around since at least 2019. Back then, the extortionists often didn't follow through on their threats to pummel victims with illegitimate traffic, because it was tough to reach the volume of signals required. "They weren't actually backed up," he says. But in recent months, some of these criminals have realized it doesn't actually take that much traffic to disrupt the specialized protocols involved in transmitting audio in real time.

The internet wasn't initially designed to be a conduit for real-time voice, text and video communication, according to the security experts. That's because, in order to have a seamless conversation, each bit of audio has to arrive at exactly the right time or else the conversation won't make sense — whereas a website's contents can load in any order. When you speak into the receiver to make a digital call, the audio is translated into tiny packets of digital information and then transformed back on the receiver.

Sandro Gauci, a security expert who helps communications companies patch flaws in their systems, says a digital call requires approximately one packet of data to be sent around every 20 milliseconds for a phone call to function properly.

"As soon as you have a little bit of downtime, the system stops working right ... and since it's meant to be real time, this is a huge problem," Gauci says. "Our clients, if they are service providers, they are really concerned about denial of service because it makes them lose money every second their system is down."

That's exactly what the attackers have figured out how to do.

"It's continuing to escalate," says Liska. "And you know, one of the things about cybercriminals is they're copycats. If you see something that works very quickly, other groups are going to copy it."

Cybercriminals are claiming to be part of infamous hacking groups like Fancy Bear

Based on interviews with experts responding to these attacks, as well as a ransom note provided to NPR, attackers have falsely claimed to be part of well-known hacking groups such as Russia's Fancy Bear, which was tied by security firms to 2016 U.S. election interference activities, and REvil, a now infamous criminal ransomware group. Liska notes this is a popular tactic to convince victims that their tormentors are legitimate and make them more likely to pay.

"They are adopting names of well-known threat groups in the hopes of inspiring more fear," he says.

While providers have not shared information about whether or not they have considered paying ransoms to the attackers, many have had at least temporary success recovering from the attacks. But that doesn't mean the disruptions haven't had real impacts already.

Chet Wisniewski, principal research scientist at the security firm Sophos, moved to Vancouver, Canada, years ago and decided to switch to using VoIP full time in order to connect with friends and family in a more affordable way. Over the past couple weeks, he's seen an error screen on his handset, sometimes for hours at a time.

"Like everyone else, you know, we all rely on our mobile phones," Wisniewski says. "And I can't imagine the disruption, you know, to a business that relies on this service if their phones are unreliable for their sales teams and tech support and things like that. It'd be a real disaster."

The worst impact of a major telecommunications disruption would be the inability to call emergency services. Security experts tell NPR that at least some of the disruptions to major broadband providers have had a limited impact on 911 calls. The communications sector is listed by the Department of Homeland Security's cyberagency, CISA, as a part of critical infrastructure because it serves an "enabling function" to connect businesses, individuals, emergency services and governments, particularly in a crisis.

"Gosh, if there were going to be a kinetic war with an adversary — Russia, North Korea, Iran, whatever — look how fragile this is that some probably teenage kids with a botnet are able to take out major communication providers and demand ransoms from them," Wisniewski says. "What if it was a sophisticated, well equipped adversary like a nation state could wipe out our communication in minutes?"

The FBI was given the authority in recent years to disrupt botnets, which are essentially zombie armies of compromised devices that attackers use to flood their victims with traffic. It's possible those kinds of authorities would be helpful in going after these criminal groups. Reportedly, AT&T announced it has "taken steps to mitigate" a botnet that targeted thousands of VoIP servers within its network, though it's unclear whether that botnet was designed to launch denial of service attacks or for another purpose.

However, finding the extortionists is a real challenge. Most of the criminal groups demanding ransoms from broadband providers want payment in the digital currency Bitcoin to help cloak their identities.

Posner, the VoIP expert, says he's been thinking a lot over the past month about what needs to be done to defend the communications sector. "First of all, clearly there needs to be some law enforcement," he says. "These attacks are clearly violating existing laws, and there are few, if any, arrests or repercussions from these attacks. So it would be great if there could be some dedicated resources to help protect our infrastructure."

On the other side, companies are going to have to come up with a response plan. "From my end, it seems that more preparation is necessary," says Gauci, the security expert.

"More testing security testing is important," he says, "because you want to know where you stand and if your security protection mechanisms are actually working and if they are introducing new problems for you or not, and how you are able to recover." [Copyright 2021 NPR]

Read the whole story
1 day ago
Share this story

Who Is Ilya Sachkov, Russian Cyber CEO Linked to 2016 Election Fancy Bear Leaks?

1 Share

At a business awards ceremony in February 2019 at the Kremlin, a young cybersecurity entrepreneur named Ilya Sachkov chatted with Russian President Vladimir Putin. As cameras rolled, Sachkov invited Putin to visit the Moscow offices of his company, Group-IB, to see its powerful antihacking technologies firsthand. “You’ll definitely be astonished,” he said.

It was the height of Sachkov’s success. He’d started Group-IB as a college student and built it from a tiny consulting firm into one of Russia’s most prominent security businesses. The company had hundreds of employees and was trying to expand into the U.S., Europe, the Middle East, and Asia. Sachkov traveled the world, cutting a glamorous figure in smartly tailored suits.

In a dramatic reversal of fortunes, the once-globetrotting executive is now languishing behind bars after being arrested in September and accused of treason. Sachkov, 35, denies the charges. He faces up to 20 years in a labor camp.

Details of the crimes Sachkov is accused of are shrouded in official secrecy. (Russian authorities don’t disclose specific charges in treason cases.) But interviews with a half-dozen people close to the case reveal that the surprise detention of Sachkov has links to one of the government’s most notorious hacking operations.

One of his alleged transgressions is that he gave information to the U.S. government regarding a hacking team in Russia’s GRU military intelligence service—dubbed “Fancy Bear” by U.S. cybersecurity companies—and its efforts to influence the 2016 U.S. presidential election, four of the people tell Bloomberg. The information Sachkov disclosed helped the U.S. government identify GRU agents involved in the hacking, three of the people say. The FBI declined to comment.

Bloomberg couldn’t determine whether those alleged acts are part of the official charges against Sachkov. Russian media has reported that the charges relate to a separate incident from 2014.

Interviews with people familiar with his case—including close associates, former Group-IB employees, and ex-Russian security officials who maintain close ties to the government—reveal that Sachkov worked in recent years to ingratiate himself with Western intelligence and law enforcement agencies. He sought to reduce his dependence on Group-IB’s Russian state contracts and to enter international markets, a risky game that made him a target of suspicion for both the U.S. and Russia.

Group-IB tells Bloomberg its work in fighting cybercrime has relied only on official agreements or requests from law enforcement agencies, not informal relationships. Sergei Afanasyev, Sachkov’s lawyer, declined to comment on any aspects of his case.

“In Putin’s eyes, the most serious problem is traitors,” says Tatiana Stanovaya, founder of the political consulting firm R.Politik and a nonresident scholar at the Carnegie Moscow Center. “He is full of hatred toward people who leak information.”

U.S. President Joe Biden is seeking greater help from Moscow to curb ransomware attacks and hunt cybercrime gangs operating from Russia. The prosecution of Sachkov doesn’t bode well for those efforts, says Christopher Painter, a former top U.S. cybersecurity official: “This sends a bad signal about cooperation with the U.S.”

Group-IB performs digital forensics and hacking investigations, among other services, and builds technologies that look for breaches deep within computer networks. Some of its most consistent clients have been state-controlled corporations in Russia, including the country’s top two banks, Sberbank and VTB, and Russian government bodies such as the space agency, the central bank, the interior ministry, and the investigative committee (Russia’s equivalent of the FBI). The company obtained a license to work with secret government information, according to two former Russian security officials and an ex-employee. Group-IB denies having such a license.

Dmitry Volkov, a co-founder and now chief executive officer of Group-IB, told Bloomberg in October that Russia accounted for more than half the company’s revenue last year and that he expected that to fall to 40% by the end of 2021. Despite Sachkov’s imprisonment, Volkov said, the company is still looking for a strategic foreign investor and is continuing with plans for an initial public offering on an international market.

Volkov said in late November that Sachkov built bridges with law enforcement agencies around the world “as he has always seen the company’s primary goal in fighting cybercrime worldwide and protecting the company’s customers.” Although Group-IB has the knowledge to identify and counter cybercriminals, Volkov said, “it’s only law enforcement agencies that are authorized to carry out justice and ensure that attackers are captured and no longer pose a threat to anyone. This has been Group-IB’s universal strategy in all the regions of our presence.”

Four months after the awards ceremony at the Kremlin, Group-IB moved its headquarters from Moscow to Singapore, furthering Sachkov’s ambition to build an international powerhouse. He set up offices last year in Amsterdam and Dubai. One way Sachkov sought to establish his credentials internationally was to work with Western law enforcement, four people with knowledge of the matter say.

Sachkov’s mother, Lyudmila Sachkova, described her son as strongly goal-driven and unafraid to take on responsibility, as well as having a head for research and “a keen sense of justice.” Her son was inspired to set up his cybersecurity business after reading a book by two former U.S. Air Force cyberagents, Incident Response: Investigating Computer Crime, she told Bloomberg in a written statement through Group-IB.

Under the umbrella of fighting cybercrime, Group-IB promotes on its website collaboration agreements with Interpol, Europol, and other foreign law enforcement agencies—routine partnerships for Western technology companies. But in courting foreign officials while continuing to do government work in Russia, Sachkov walked a dangerous tightrope.

He became entangled in a byzantine web of powerful Russian technologists and intelligence officials who’ve now been accused of treason, according to earlier accounts in Russian media and new reporting by Bloomberg.

A central figure is Sergei Mikhailov, 47, a former senior official with the Federal Security Service, or FSB—the main domestic successor to the Soviet-era KGB—who led investigations into cybercriminals in Russia. Mikhailov was arrested in Moscow in December 2016, one month after the U.S. presidential election, and charged with treason. He was convicted in 2019 and sentenced to 22 years in prison after a trial in which Sachkov was a key witness for the prosecution, according to Mikhailov’s defense team, which has accused Sachkov of providing false testimony.

Although the official details of that case haven’t been made public, three people close to Sachkov and Mikhailov say the two men had known and worked with each other for years, including collaborating with foreign governments. Both ultimately provided information to Western officials that helped the U.S. prove Russia’s role in the election hacking, the people say. Those findings led to the sanctioning by the U.S. of top GRU officials and the indictment of 12 of its alleged agents. The FSB didn’t respond to a request for comment on whether Sachkov’s prosecution is linked to Russia’s meddling in the 2016 election.

The alleged treachery by Mikhailov and Sachkov had roots, in part, in a long-running conflict between the GRU and the FSB, which compete for resources and prestige in many areas, including foreign hacking operations, according to three people familiar with the matter.

Crowdstrike Holdings Inc., a U.S. cybersecurity company hired in 2016 to investigate the hack of the Democratic National Committee, pinned that breach and the subsequent leak of confidential internal documents on the GRU, in findings endorsed later by U.S. intelligence agencies. Crowdstrike also found that the GRU and FSB had each hacked the DNC’s servers in independent operations in 2015 and 2016, suggesting competition between the agencies.

The hacking of the DNC’s servers resulted in the whistleblowing organization WikiLeaks publishing about 20,000 private emails just before the Democratic National Convention that chose Hillary Clinton as the party’s nominee for president in July 2016. The documents, which showed efforts by party officials to undermine Clinton’s chief rival for the nomination, Bernie Sanders, forced the resignation of the head of the DNC, Representative Debbie Wasserman Schultz. Clinton has blamed her defeat in the general election by Donald Trump on Russia’s interference. Putin has repeatedly denied that the Russian state has meddled in U.S. elections.

Three people familiar with Sachkov’s case tell Bloomberg that one reason he may have been targeted is that he provided information to Western agencies about Vladislav Klyushin, the founder of another Russian cybersecurity company with Kremlin ties, who was arrested by Swiss authorities at the request of the U.S. in March, after he stepped off a private jet on his way to a skiing holiday with his family.

Klyushin, 41, has been in a Swiss maximum-security detention facility since then, fighting extradition to the U.S. on insider-trading charges. His lawyer, Oliver Ciric, says American authorities want to charge his client with orchestrating the election hacking. He argues that the insider-trading charges were created as a “pretext” to get Klyushin to the U.S. to pressure him to provide information about the operation.

Through his lawyer, Klyushin tells Bloomberg that he doesn’t know why he was arrested in March and not before, saying he traveled freely to Europe before then. He says he doesn’t know whether Mikhailov and Sachkov had offered any information about him and doesn’t know about possible cooperation between Group-IB and Western intelligence services.

Klyushin has a wealth of information about Russian interference in the 2016 election, and his extradition to the U.S. would be very damaging for the Kremlin, two people familiar with the matter say. He owns a company in Russia called M13, whose website states it provides media-monitoring services to the Kremlin, the defense ministry, and other Russian institutions. One of Klyushin’s senior employees—Ivan Yermakov—was among the 12 alleged GRU operatives charged in the U.S. over the election hacking, and he is also a co-defendant in the insider-trading case against Klyushin, according to U.S. judicial documents reviewed by Bloomberg.

For Sachkov, there were danger signs in the final few weeks before his September arrest. He told associates that he’d been warned to not leave the country. According to one person close to him, he feared he’d be arrested. If Russian authorities ever found out the information he’d shared, he allegedly told another person, they would have him killed.

Sachkov’s fate will be decided in a secret trial that his defense team says might not start for 12 to 18 months. He’s being held in Moscow’s Lefortovo Prison, a notorious ex-KGB detention site with a long history of housing political prisoners, known for its harsh conditions and severe rules restricting inmates’ communications. A human-rights ombudsman who visited Sachkov in October says he complained that he wasn’t allowed to send or receive letters and was being kept in an information vacuum.

Afanasyev, Sachkov’s lawyer, said on Nov. 22 that the conditions of his imprisonment had improved. He’s been transferred to a better cell and is now receiving letters, as well as medicine and food meeting his dietary requirements—though as of Dec. 1, he hadn’t received any family visits, Afanasyev said. He also said Sachkov is “giving testimony” to investigators from behind bars.

In a letter he passed to his attorney, Sachkov—whose pretrial detention has been extended for an additional three months, to Feb. 28—appealed to Putin to allow him out of prison under home arrest. “I’m not a traitor or a spy. I’m a Russian engineer,” he wrote, according to Afanasyev.
Read next: Cybercriminals Cash Out Ransoms at Moscow’s Tallest Tower

Read the whole story
1 day ago
Share this story

Bloomberg: как Илья Сачков запутался в византийской сети российских кибертехнологов и сотрудников спецслужб

1 Share

Илья Сачков, обвиняемый в государственной измене в России, якобы предоставил США информацию об операции Fancy Bear с целью повлиять на выборы в США.

На церемонии вручения бизнес-награды в феврале 2019 года в Кремле молодой предприниматель в сфере кибербезопасности Илья Сачков побеседовал с президентом России Владимиром Путиным. Под присмотром камер, Сачков пригласил Путина посетить московский офис его компании Group-IB, чтобы самому увидеть мощные антихакерские технологии. «Вы определенно будете удивлены», — отметил тогда он.

Это была вершина успеха Сачкова. Он основал Group-IB еще студентом, а затем превратил ее из крошечной консалтинговой фирмы в один из самых известных бизнесов в сфере безопасности в России. В компании работали сотни сотрудников, и она пыталась расширить свою деятельность на США, Европу, Ближний Востоке и Азию. Сачков путешествовал по миру, создавая гламурный образ в элегантно сшитых костюмах.

В результате драматического поворота судьбы исполнительный директор теперь томится за решеткой, после ареста в сентябре по обвинению в госизмене. 35-летний Сачков отрицает обвинения. Ему грозит до 20 лет исправительно-трудового лагеря.

Сачков (справа) с Путиным в 2015 году на мероприятии для молодых ИТ-специалистов 

Подробности преступлений, в которых обвиняю Сачкова, не разглашаются. Но интервью с людьми, близкими к этому делу, показывают, что неожиданное задержание Сачкова может быть связано с одной из самых печально известных хакерских операций правительства.

Одно из предполагаемых правонарушений Сачкова в том, что он предоставил правительству США информацию о группе хакеров в ГРУ, которую американские компании по кибербезопасности окрестили «Fancy Bear», и ее попытках повлиять на президентские выборы в США в 2016 году, рассказали сразу четыре источника Bloomberg. По словам трех человек, информация, которую раскрыл Сачков, помогла правительству США идентифицировать агентов ГРУ, причастных к взлому. В ФБР от комментариев отказались.

Bloomberg не смог определить, являются ли эти предполагаемые действия частью официальных обвинений против Сачкова. Российские СМИ сообщили, что обвинения касаются отдельного инцидента, произошедшего в 2014 году.

Интервью с людьми, знакомыми с его делом, включая близких соратников, бывших сотрудников Group-IB и бывших российских силовиков, которые поддерживают тесные связи с правительством, показывают, что в последние годы Сачков старался снискать расположение западных спецслужб и правоохранительных органов. Он стремился уменьшить свою зависимость от российских государственных контрактов Group-IB и выйти на международные рынки — рискованная игра, которая сделала его объектом подозрений как в США, так и в России.

«Это плохой сигнал для желающих сотрудничать с США»

В самой Group-IB ответили Bloomberg, что их работа по борьбе с киберпреступностью основана только на официальных соглашениях или запросах правоохранительных органов, а не на неформальных отношениях. Сергей Афанасьев, адвокат Сачкова, отказался комментировать какие-либо аспекты его дела.

«В глазах Путина самая серьезная проблема — это предатели», — считает Татьяна Становая, основатель политической консалтинговой фирмы R.Politik и иногородний научный сотрудник Московского центра Карнеги. «Он не любит людей, которые сливают информацию».

Президент США Джо Байден добивается от Москвы большей помощи для пресечения атак программ-вымогателей и охоты на киберпреступные банды, действующие из России. Судебное преследование Сачкова не сулит ничего хорошего для этих усилий, говорит Кристофер Пейнтер, бывший высокопоставленный сотрудник службы кибербезопасности США: «Это плохой сигнал для желающих сотрудничать с США».

Group-IB, среди прочего, выполняет цифровую криминалистику и расследования хакерских атак, а также создает технологии, которые ищут утечки глубоко в компьютерных сетях. Некоторыми из его наиболее постоянных клиентов были корпорации, контролируемые российским государством, в том числе два крупнейших банка страны — Сбербанк и ВТБ, а также российские государственные органы — Роскосмос, Центральный банк, МВД и Следственный комитет РФ. По словам двух бывших российских силовиков и одного бывшего сотрудника, компания получила лицензию на работу с секретной государственной информацией. Group-IB отрицает наличие такой лицензии.

Дмитрий Волков, соучредитель, а ныне главный исполнительный директор Group-IB, сказал Bloomberg в октябре, что на Россию приходилось более половины выручки компании в прошлом году и что он ожидал, что к концу 2021 года эта сумма упадет до 40%. По словам Волкова, несмотря на заключения Сачкова в тюрьму компания все еще ищет стратегического иностранного инвестора и планирует провести первичное публичное размещение акций на международном рынке.

В конце ноября Волков сказал, что Сачков наладил мосты с правоохранительными органами по всему миру, «поскольку он всегда видел главную цель компании в борьбе с киберпреступностью во всем мире и защите клиентов компании». Хотя Group-IB обладает знаниями для выявления киберпреступников и борьбы с ними, сказал Волков, «только правоохранительные органы имеют право осуществлять правосудие и обеспечивать, чтобы злоумышленники были задержаны и больше не представляли угрозы для кого-либо. Это универсальная стратегия Group-IB во всех регионах нашего присутствия».

Через четыре месяца после церемонии награждения в Кремле Group-IB перенесла свою штаб-квартиру из Москвы в Сингапур, поддерживая амбиции Сачкова по созданию международного центра. В прошлом году компания открыла офисы в Амстердаме и Дубае. Один из способов, которым Сачков стремился утвердить свой авторитет на международном уровне, заключался в сотрудничестве с западными правоохранительными органами, уверены источники Bloomberg.

Мать Сачкова, Людмила Сачкова, описывала своего сына как целеустремленного и не боящегося брать на себя ответственность, а также как обладающего умом исследователя и «острым чувством справедливости». Ее сын был вдохновлен на создание своего бизнеса в области кибербезопасности после прочтения книги двух бывших киберагентов ВВС США «Реагирование на инциденты: расследование компьютерных преступлений», — рассказала она Bloomberg.

Путин и Сачков (крайний справа) встречаются с победителями Национальной премии «Немальский бизнес 2019», вручаемой молодым владельцам малых и средних предприятий Фотограф: Алексей Никольский/СПУТНИК/AFP/GETTY IMAGES

Под эгидой борьбы с киберпреступностью Group-IB продвигает на своем веб-сайте соглашения о сотрудничестве с Интерполом, Европолом и другими иностранными правоохранительными органами — стандартные партнерские отношения для западных технологических компаний. Но, ухаживая за иностранными чиновниками, при этом продолжая выполнять правительственную работу в России, Сачков шел по опасной дорожке.

Он запутался в византийской сети влиятельных российских технологов и сотрудников спецслужб, которых теперь обвиняют в государственной измене, согласно более ранним сообщениям в российских СМИ и новым сообщениям Bloomberg.

Центральная фигура — 47-летний Сергей Михайлов, бывший высокопоставленный сотрудник Федеральной службы безопасности (ФСБ) — главного внутреннего преемника советского КГБ — который руководил расследованиями киберпреступности в России. Михайлов был арестован в Москве в декабре 2016 года, через месяц после президентских выборов в США, по обвинению в государственной измене. Он был осужден в 2019 году и приговорен к 22 годам лишения свободы после судебного разбирательства, на котором Сачков был ключевым свидетелем обвинения. Защита Михайлова обвинила Сачкова в даче ложных показаний.

Хотя официальные подробности этого дела не разглашаются, трое близких к Сачкову и Михайлову людей говорят, что эти двое знали и работали друг с другом в течение многих лет, в том числе сотрудничая с иностранными правительствами. Оба в конечном итоге предоставили западным официальным лицам информацию, которая помогла США доказать роль России во вмешательстве в выборы США, уверены источники Bloomberg.

Эти выводы привели к санкциям со стороны США в отношении высших должностных лиц ГРУ и предъявлению обвинения 12 его предполагаемым агентам. В ФСБ не ответили на просьбу прокомментировать, связано ли преследование Сачкова с вмешательством России в выборы 2016 года.

Михайлов на заседании суда в Москве в 2019 году. Фотограф Павел Головкин/AP PHOTO

Предполагаемое предательство Михайлова и Сачкова отчасти уходит корнями в давний конфликт между ГРУ и ФСБ, которые борются за ресурсы и престиж во многих сферах, в том числе за иностранные хакерские операции, по словам трех человек, знакомых с этим вопросом.

Crowdstrike Holdings Inc., американская компания, занимающаяся кибербезопасностью, нанятая в 2016 году для расследования взлома Национального комитета Демократической партии, зафиксировала это нарушение и последующую утечку конфиденциальных внутренних документов ГРУ в выводах, подтвержденных позже спецслужбами США. Crowdstrike также обнаружил, что ГРУ и ФСБ взламывали серверы DNC в ходе независимых операций в 2015 и 2016 годах, что свидетельствует о конкуренции между агентствами.

В результате взлома серверов DNC организация WikiLeaks опубликовала около 20 000 личных писем незадолго до Национального съезда Демократической партии, в котором Хиллари Клинтон была выбрана кандидатом от партии на пост президента в июле 2016 года. Соперник по выдвижению, Берни Сандерс, призвал уйти в отставку главу DNC Вассермана Шульца. Клинтон обвинила свое поражение на всеобщих выборах от Дональда Трампа вмешательством России. Путин неоднократно отрицал вмешательство российского государства в выборы в США.

Три человека, знакомые с делом Сачкова, рассказали Bloomberg, что одна из причин, по которой он мог стать жертвой, заключается в том, что он предоставил западным агентствам информацию о Владиславе Клюшине, основателе другой российской компании по кибербезопасности, связанной с Кремлем. В марте он был арестован швейцарскими властями по запросу США, после того, как он сошел с частного самолета по пути на лыжные каникулы со своей семьей.

41-летний Клюшин с тех пор находится в швейцарском изоляторе строгого режима, борясь с экстрадицией в США по обвинению в инсайдерской торговле. Его адвокат Оливер Сирик утверждает, что американские власти хотят обвинить его клиента в организации взлома выборов. Он уверен, что обвинения в инсайдерской торговле были созданы как «предлог», чтобы заставить Клюшина приехать в США и заставить его предоставить информацию об операции вмешательства.

Через своего адвоката Клюшин сообщил Bloomberg, что он не знает, почему его арестовали лишь в марте, а не раньше, заявив, что до этого он свободно ездил в Европу. Он говорит, что не знает, передавали ли Михайлов и Сачков какую-либо информацию о нем, и не знает о возможном сотрудничестве между Group-IB и западными спецслужбами.

Клюшин может обладать обширной информацией о вмешательстве России в американские выборы 2016 года, и его экстрадиция в США будет очень неприятной для Кремля, говорят два человека, знакомых с этим вопросом. Он владеет компанией в России под названием M13, на веб-сайте которой указано, что она предоставляет услуги по мониторингу СМИ Кремлю, министерству обороны и другим российским учреждениям. Один из высокопоставленных сотрудников Клюшина — Иван Ермаков — был среди 12 предполагаемых оперативников ГРУ, обвиненных в США в хакерских атаках во время выборов, а также он является сообвиняемым в деле о возможной инсайдерской торговле Клюшина, согласно судебным документам США, рассмотренным Bloomberg. .

Для Сачкова в последние несколько недель до его сентябрьского ареста появились первые признаки опасности. Он сказал коллегам, что его предупредили, чтобы он не покидал страну. По словам одного из близких ему людей, он опасался ареста. Если российские власти когда-либо узнают информацию, которой он поделился, они прикажут его убить, опасался Сачков.

Судьба Сачкова будет решена в ходе секретного судебного процесса, который, по словам его защиты, может начаться не раньше, чем через 12-18 месяцев. Он содержится в московской Лефортовской тюрьме, печально известном месте с долгой историей содержания политических заключенных, известной своими суровыми условиями и строгими правилами, ограничивающими общение сокамерников. Уполномоченный по правам человека, посетивший Сачкова в октябре, говорит, что он жаловался на то, что ему не разрешают отправлять и получать письма и что его держат в информационном вакууме.

Афанасьев, адвокат Сачкова, 22 ноября заявил, что условия заключения улучшились. Его перевели в камеру получше, и теперь он получает письма, а также лекарства и еду, отвечающие его диетическим потребностям, хотя по состоянию на 1 декабря его не навещали родственники, сказал Афанасьев. Он также сказал, что Сачков «дает показания» следователям.

В письме, которое он передал своему адвокату, Сачков призвал Путина выпустить его из тюрьмы под домашний арест. «Я не предатель и не шпион. Я русский инженер», — утверждается в письме по словам Афанасьева.

Перевод Станислава Прыгунова, специально для БВ.

Read the whole story
1 day ago
Share this story

covid-19 rates and rain season - Google Search

1 Share

Rainy Season and COVID-19 - Samitivej Hospital

https://www.samitivejhospitals.com › article › detail › ra...
<a href="https://www.samitivejhospitals.com" rel="nofollow">https://www.samitivejhospitals.com</a> › article › detail › ra...
During the 2019 influenza outbreak, there were a total of 390,733 patients and 27 deaths from the disease. The groups experiencing the highest illness rates ...
covid-19 and rainy season
rain impact on covid-19
virus in the rain
can fog carry coronavirus
is covid airborne
can you get covid from snow

Common questions

For informational purposes only. Consult your local medical authority for health advice.

Web results

The impact of weather on COVID-19 pandemic - Nature

https://www.nature.com › scientific reports › articles
<a href="https://www.nature.com" rel="nofollow">https://www.nature.com</a> › scientific reports › articles
by M Ganslmeier · 2021 — Like other epidemic diseases, the trajectories in many countries show strong seasonal patterns with fewer cases during summer and more during ...

How does weather affect COVID-19? - Medical News Today

https://www.medicalnewstoday.com › articles › how-do...
<a href="https://www.medicalnewstoday.com" rel="nofollow">https://www.medicalnewstoday.com</a> › articles › how-do...
Aug 16, 2020 — Brazilian researchers looked at rainfall worldwide, and confirm COVID-19 cases also increase with greater precipitation. For each average inch ...
covid-19 and rainy season
rain impact on covid-19
virus in the rain
can fog carry coronavirus
is covid airborne
can you get covid from snow

People also search for

Weather, Air Pollution, and COVID-19 Transmission - Projects ...

https://projects.iq.harvard.edu › covid19
<a href="https://projects.iq.harvard.edu" rel="nofollow">https://projects.iq.harvard.edu</a> › covid19
We have developed interactive figures to visualize evidence-based projections of the impact of weather on the potential transmission rate of COVID-19 from May 1 ...
covid-19 and rainy season
rain impact on covid-19
virus in the rain
can fog carry coronavirus
is covid airborne
can you get covid from snow

People also search for

Scientists Uncover the Seasonality of COVID-19 - Eos.org

https://eos.org › research-spotlights › scientists-uncover...
<a href="https://eos.org" rel="nofollow">https://eos.org</a> › research-spotlights › scientists-uncover...
Jul 29, 2021 — Much like the flu, COVID-19 fluctuates with the seasons, spiking in the winter and abating as the weather warms in temperate climates.
covid-19 and rainy season
rain impact on covid-19
virus in the rain
can fog carry coronavirus
is covid airborne
can you get covid from snow

People also search for

A correlation study between weather and Covid-19 pandemic ...

https://www.sciencedirect.com › science › article › pii
<a href="https://www.sciencedirect.com" rel="nofollow">https://www.sciencedirect.com</a> › science › article › pii
by MM Menebo · 2020 · Cited by 122 — Temperature and precipitation associate with Covid-19 new daily cases: A ... as the country prepare to enter into a new weather season.

Seasonal changes in COVID-19 likely about people as much

https://www.startribune.com › seasonal-changes-in-covi...
<a href="https://www.startribune.com" rel="nofollow">https://www.startribune.com</a> › seasonal-changes-in-covi...
Jun 4, 2021 — Twins fans eager for warmer weather and the pandemic's end enjoy some ... The positivity rate of COVID-19 testing in Minnesota dropped to a ...
covid-19 and rainy season
rain impact on covid-19
virus in the rain
can fog carry coronavirus
is covid airborne
can you get covid from snow

People also search for

Policy and weather influences on mobility during the ... - PNAS

https://www.pnas.org › content
<a href="https://www.pnas.org" rel="nofollow">https://www.pnas.org</a> › content
by Y Wu · 2021 — Because COVID-19 will remain dangerous until safe and effective ... filtered the weather and mobility time series to remove seasonal trends ...

Weather Variability and COVID-19 Transmission - MDPI

https://www.mdpi.com › pdf
<a href="https://www.mdpi.com" rel="nofollow">https://www.mdpi.com</a> › pdf
by H McClymont · 2021 · Cited by 26 — Keywords: COVID-19; weather; temperature; humidity; precipitation; ... seasonal influenza, it is predicted that SARS-COV-2 could have a ...

Does Rain Wash Away COVID-19 Coronavirus? - Forbes

https://www.forbes.com › marshallshepherd › 2020/04/29
<a href="https://www.forbes.com" rel="nofollow">https://www.forbes.com</a> › marshallshepherd › 2020/04/29
Apr 29, 2020 — Most states have closed playgrounds. Some studies suggest that the virus can linger on surfaces for hours to days. ... He says that rain can ...

Why one doctor is 'very worried' about COVID-19 heading into ...

https://www.accuweather.com › health-wellness › how-f...
<a href="https://www.accuweather.com" rel="nofollow">https://www.accuweather.com</a> › health-wellness › how-f...
In addition to cold weather causing a potential spike in cases, seasonal allergies that strike in the fall could complicate the matter further, as some symptoms ...

COVID Sure Looks Seasonal Now - The Atlantic

https://www.theatlantic.com › health › archive › 2021/11
<a href="https://www.theatlantic.com" rel="nofollow">https://www.theatlantic.com</a> › health › archive › 2021/11
Nov 20, 2021 — But evidence is piling up that COVID really is a seasonal disease, surging with the weather and the annual rhythms of human life.

Does COVID-19 Have Seasons? An Update with Ben Zaitchik

https://earthobservatory.nasa.gov › blogs › 2021/03/22
<a href="https://earthobservatory.nasa.gov" rel="nofollow">https://earthobservatory.nasa.gov</a> › blogs › 2021/03/22
Mar 22, 2021 — At the start of the pandemic, there was some speculation that seasonal weather could influence the spread of COVID-19, with the virus ...

Weather Conditions and COVID-19 Incidence in a Cold Climate

https://www.frontiersin.org › fpubh.2020.605128 › full
<a href="https://www.frontiersin.org" rel="nofollow">https://www.frontiersin.org</a> › fpubh.2020.605128 › full
Feb 25, 2021 — Background: The current coronavirus disease 2019 (COVID-19) is spreading globally at an accelerated rate. There is some previous evidence ...

Is COVID-19 Seasonal? | The Scientist Magazine®

https://www.the-scientist.com › news-opinion › is-covid...
<a href="https://www.the-scientist.com" rel="nofollow">https://www.the-scientist.com</a> › news-opinion › is-covid...
Nov 10, 2021 — While the weather isn't currently the dominant factor driving SARS-CoV-2 transmission, experts say that in the future COVID-19 may become a ...

Coronavirus seasonality, respiratory infections and weather

https://bmcinfectdis.biomedcentral.com › articles
<a href="https://bmcinfectdis.biomedcentral.com" rel="nofollow">https://bmcinfectdis.biomedcentral.com</a> › articles
by GL Nichols · 2021 — Seasonal coronavirus infections in children under 3 years old were more ... The outbreak of coronavirus disease 2019 (COVID-19) caused by ...

COVID-19 transmission is higher with warm weather and ...

https://www.news-medical.net › news › COVID-19-tran...
<a href="https://www.news-medical.net" rel="nofollow">https://www.news-medical.net</a> › news › COVID-19-tran...
Sep 23, 2021 — A new study finds that environmental factors and human mobility predict seasonal changes in COVID-19 rates, just as in influenza and similar ...
Read the whole story
1 day ago
Share this story

Omicron variant and supersreader events - Google Search

1 Share

Web results

Norway Christmas party becomes largest Omicron ...

https://www.scmp.com › News › World › Europe
<a href="https://www.scmp.com" rel="nofollow">https://www.scmp.com</a> › News › World › Europe
7 hours ago — A corporate Christmas party in Norway turned into an Omicron superspreader event, with up to 60 people possibly infected, officials say.

Christmas Party in Norway Turned Into an Omicron 'Super ...

https://www.businessinsider.com › Science
<a href="https://www.businessinsider.com" rel="nofollow">https://www.businessinsider.com</a> › Science
2 days ago — A corporate Christmas party turned into the biggest Omicron 'super spreader event' outside South Africa, with up to 60 people infected.

Omicron variant likely spreads fast; COVID vaccine optimism

https://www.usatoday.com › news › health › 2021/12/04
<a href="https://www.usatoday.com" rel="nofollow">https://www.usatoday.com</a> › news › health › 2021/12/04
2 days ago — Many experts believe vaccines will likely continue protecting against severe disease, but the mutated variant may prove highly infectious.
Read the whole story
1 day ago
Share this story
Next Page of Stories