'Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics

Documents leaked by whistleblower angry over Ukraine war

Thursday - 30/03/2023 15:33 Author: Editors Desk Source: The Guardian
Composite: Guardian/Design/Sputnik/AFP/GETTY IMAGES/Facebook/Telegram
Composite: Guardian/Design/Sputnik/AFP/GETTY IMAGES/Facebook/Telegram

  •  Private Moscow consultancy bolstering Russian cyberwarfare
  •  Tools support hacking operations and attacks on infrastructure
  •  Documents linked to notorious Russian hacking group Sandworm
  •  Russian program aims to control internet and spread disinformation

by , Stiliyana Simeonova,  and 

The inconspicuous office is in Moscow’s north-eastern suburbs. A sign reads: “Business centre”. Nearby are modern residential blocks and a rambling old cemetery, home to ivy-covered war memorials. The area is where Peter the Great once trained his mighty army.

Inside the six-storey building, a new generation is helping Russian military operations. Its weapons are more advanced than those of Peter the Great’s era: not pikes and halberds, but hacking and disinformation tools.

The software engineers behind these systems are employees of NTC Vulkan. On the surface, it looks like a run-of-the-mill cybersecurity consultancy. However, a leak of secret files from the company has exposed its work bolstering Vladimir Putin’s cyberwarfare capabilities.

Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet.

The company’s work is linked to the federal security service or FSB, the domestic spy agency; the operational and intelligence divisions of the armed forces, known as the GOU and GRU; and the SVR, Russia’s foreign intelligence organisation.

One document links a Vulkan cyber-attack tool with the notorious hacking group Sandworm, which the US government said twice caused blackouts in Ukraine, disrupted the Olympics in South Korea and launched NotPetya, the most economically destructive malware in history. Codenamed Scan-V, it scours the internet for vulnerabilities, which are then stored for use in future cyber-attacks.

Read More (...)

  Reader Comments

You did not use the site, Click here to remain logged. Timeout: 60 second