The $1 billion Russian cyber company that the US says hacks for Moscow

[ad_1]

The public side of Positive is like many cybersecurity companies: staff look at high-tech security, publish research on new threats, and even have cutesy office signs that read “stay positive!” hanging above their desks. The company is open about some of its links to the Russian government, and boasts an 18-year track record of defensive cybersecurity expertise including a two-decade relationship with the Russian Ministry of Defense. But according to previously unreported US intelligence assessments, it also develops and sells weaponized software exploits to the Russian government. 

One area that’s stood out is the firm’s work on SS7, a technology that’s critical to global telephone networks. In a public demonstration for Forbes, Positive showed how it can bypass encryption by exploiting weaknesses in SS7. Privately, the US has concluded that Positive did not just discover and publicize flaws in the system, but also developed offensive hacking capabilities to exploit security holes that were then used by Russian intelligence in cyber campaigns.

Much of what Positive does for the Russian government’s hacking operations is similar to what American security contractors do for United States agencies. But there are major differences. One former American intelligence official, who requested anonymity because they are not authorized to discuss classified material, described the relationship between companies like Positive and their Russian intelligence counterparts as “complex” and even “abusive.” The pay is relatively low, the demands are one-sided, the power dynamic is skewed, and the implicit threat for non-cooperation can loom large.

Tight working relationship

American intelligence agencies have long concluded that Positive also runs actual hacking operations itself, with a large team allowed to run its own cyber campaigns as long as they are in Russia’s national interest. Such practices are illegal in the western world: American private military contractors are under direct and daily management of the agency they’re working for during cyber contracts. 

US intelligence has concluded that Positive did not just discover and publicize flaws, but also developed offensive hacking capabilities to exploit security holes that it found

Former US officials say there is a tight working relationship with the Russian intelligence agency FSB that includes exploit discovery, malware development, and even reverse engineering of cyber capabilities used by Western nations like the United States against Russia itself. 

The company’s marquee annual event, Positive Hack Days, was described in recent US sanctions as “recruiting events for the FSB and GRU.” The event has long been famous for being frequented by Russian agents. 

Positive did not respond to a request for comment.

Tit for tat

Thursday’s announcement is not the first time that Russian security companies have come under scrutiny. 

The biggest Russian cybersecurity company, Kaspersky, has been under fire for years over its relationships with the Russian government—eventually being banned from US government networks. Kaspersky has always denied a special relationship with the Russian government.

But one factor that sets Kaspersky apart from Positive, at least in the eyes of American intelligence officials, is that Kaspersky sells antivirus software to western companies and governments. There are few better intelligence collection tools than an antivirus, software which is purposely designed to see everything happening on a computer, and can even take control of the machines it occupies. US officials believe Russian hackers have used Kaspersky software to spy on Americans, but Positive—a smaller company selling different products and services—has no equivalent. 

Recent sanctions are the latest step in a tit for tat between Moscow and Washington over escalating cyber operations, including the Russian-sponsored SolarWinds attack against the US, which led to nine federal agencies being hacked over a long period of time. Earlier this year, the acting head of the US cybersecurity agency said recovering from that attack could take the US at least 18 months.

[ad_2]

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Battlefield 2042 Specialists & launch maps revealed By EA
Latest News

Battlefield 2042 Specialists & launch maps revealed By EA

After months of speculation, EA and DICE have finally unveiled Battlefield 2042, with the reveal trailer already live and a gameplay one set to premiere on Sunday, during Microsoft’s E3 conference. There may be additional information released at that point but for now we already know quite a bit about the new maps and the Specialists, 2042’s version of the […]

Read More
UK Travel Green List & Rules for entering
Latest News

UK Travel Green List & Rules for entering

Red list countries and territories What you must do if you have been in a country or territory on the red list in the 10 days before you arrive in England. If you have been in a country or territory on the red list in the last 10 days you will only be allowed to […]

Read More
Latest News

Belarus to face Slovakia in 2021 IIHF World Championship opener

Belarus will open the 2021 IIHF World Championship against Slovakia in Riga on 21 May, BelTA has learned. The Group B match will be played at the Olympic Sport Center. The faceoff is at 20.10. Belarus 5 TV channel will broadcast the match live. Ahead of the IIHF World Championship Belarus played a number of […]

Read More