back to article Russia is struggling to keep its cybercrime groups on a tight leash

Russia's control of cybercrime groups that have come to play a part in its espionage activity is crumbling, according to Cybereason. The security intelligence outfit reached this conclusion after reviewing the latest tactics and procedures associated with high-profile cyber-espionage pops blamed on the Kremlin. Russia has made …

  1. Your alien overlord - fear me

    So Russia are only now learning that once you release the genie, shoving back in the bottle is very difficult.

    1. Anonymous Coward
      Anonymous Coward

      shoving back in the bottle is very difficult

      For people like the CIA and other western intelligence agencies yes, And they've got plenty of experience of that, from their own hoarded exploits going AWOL, or their support for Al Qaeda and the Taliban in the 1980s. For the FSB I'm far less convinced that they can't rein in their proxy warriors. Certainly there's a problem of "leakage" of tools and exploits. On the other hand, the FSB are part of a government entirely happy with brutality and lethal force, full knowledge of who these "players" are, and a willingness to exact revenge outside of their borders.

      If Putin and his chums decide that some cybercrim contractors are getting out of hand, I'd imagine that some very horrible examples will be made, and these examples will be exhibited to the other players, with a clear message "Stop making our lives difficult, stick to our rules, or this happens to you, your friends, your family - and even fleeing the country won't save you".

      1. Anonymous Coward
        Anonymous Coward

        "or their support for Al Qaeda and the Taliban in the 1980s"

        Organisations that grew out of the mujahedin that the CIA itself created. We in the UK are now collateral damage in the dirty tricks wars of the CIA. But, as we gave the US the idea for the CIA in WW2, you could argue that you sow what you reap.

        At the end of WW2, British politicians wanted our own dirty tricks department closed, because they were far-thinking. But the US jumped happily into the toybox. And now the US public is surrounded by security theatre while the Russians exploit it.

    2. Destroy All Monsters Silver badge

      It's a William Gibson world

      They set a Slamhound on Turner's trail in New Delhi, slotted it to his pheromones and the color of his hair. It caught up with him on a street called Chandni Chauk and came scrambling for his rented BMW through a forest of bare brown legs and pedicab tires. Its core was a kilogram of recrystallized hexogene and flaked TNT.

      He didn't see it coming. The last he saw of India was the pink stucco façade of a place called the Khush-Oil Hotel.

    3. Voland's right hand Silver badge

      Slightly different

      The genie is LOCAL and DOMESTIC. It CAN be shoveled back into the bottle by brute force if need be. In this case the "I know where you live" tactic can and does work.

      That is a considerable difference to the horde of genies FSB western counterparts have unleashed in Afghanistan, Syria, Lybia, Iraq, etc. There is no amount of brute force short of a turning these into a glass lake which can bottle THAT horde of genies quickly back into the bottle.

      1. Jeffrey Nonken

        Re: Slightly different

        Zymurgy's First Law Of Evolving System Dynamics: Once You Open A Can Of Worms, The Only Way To Recan Them Is To Use A Bigger Can.

    4. Rob D.

      Comparable in intent but not execution

      Cyber-attack capabilities represent the first opportunity in history for one nation state to materially damage the integrity of another nation state without ever setting foot on foreign territory. With armed conflict requiring physical presence of people or resources on the ground or in reasonable proximity (air and sea power) there is no comparable remote execution capacity - people, equipment and (for now at least) money all have to move. The activities of Russian, American and varying degrees other nations like Saudi Arabian or Iranian influences on armed groups in proxy war situations are not comparable in execution although they are comparable in intent.

      One important difference here is that if it had been possible to cultivate the extended cyber-attack capability within its own jurisdiction, then Russia probably would have done so - America, China and some less significant players do seek to retain direct control of the executors of their capabilities. Russia has been arguably braver (choose your own adjective here) to push the envelope of developing an aggressive capability (in this case, not defensive; separate question) which has greater rewards and some risks.

      1. ArrZarr
        Headmaster

        Re: Comparable in intent but not execution

        Goanna nit pick that one - don't need to set foot on a country to lob a nuke at it.

      2. I ain't Spartacus Gold badge

        Re: Comparable in intent but not execution

        Russia has been arguably braver (choose your own adjective here) to push the envelope of developing an aggressive capability (in this case, not defensive; separate question) which has greater rewards and some risks.

        Russia is much poorer. They ranked 12th in the world on nominal GDP last year - smaller than Italy, Canada or South Korea. Although obviously labour costs are lower - so for something manpower intensive they're at much less disadvantage.

        There's an ex diplomat that I read sometimes, Charles Crawford. And one of his sayings when talking about Putin's policies is, "chaos is fair". Hadn't realised it was a quote from The Joker until I looked it up.

        The idea being the the Soviets lost the Cold War on the economy but if the ex-KGB people running the place can be cleverer, then unleashing chaos knackers everyone equally. But they're willing to take more pain (well inflict on their own citizens who have no choice in the matter), than the West is - and maybe they also bet that they can dance better...

        There's a bit of a 1930s feel to the Russian leadership, we didn't lose the Cold War, we were betrayed. The German 1918 "stab in the back" thing again. Because I guess the alternative is admitting that the system they served was both evil, and useless. Even though I doubt many were believing communists, as the KGB even then was plugged into organised crime.

        They also profitted from the chaos of the Yeltsin years, so why not again? The same playbook two, making money via criminal gangs, or via exploiting the privatisation of state enterprises - or later stealing those off the people who originally stole them, to entrench their powerbase.

        The question is, do they have an objective? Or is more a case of fuck the lot of you, if we can't have everything we want we'll screw it all up for you as well? I suspect they're quite a nihilistic lot. They joined the Communist party in the 70s, when it was already clear to many how badly it was going - but that was the only way to get ahead. And the way to get luxuries (or even neccessities) was corruption and the black market.

        So I guess this is just their normal playbook now. And damn the consequences.

  2. Chris G Silver badge

    To Rogue Russian Contractors

    All I can say is ' Beware Bulgarians bearing brollies.'

    On the other hand, those ex CIA assets who go rogue often seem to commit uncharacteristic sucide, presumably from remorse.

    1. Robert Carnegie Silver badge

      Make it look like suicide.

      Yeah, that's done.

  3. Joe Harrison

    "The capabilities that were once indicative of a nation-state actor are now an affordable commodity for the private sector," reports Cybereason.<p?

    This tries to say that the state and the private sector are competing equally for talent. Which can never be true because the state can pay in a coin unavailable to the private sector - the state has the power to make any awkward criminal charges just go away.

    1. kventin

      why THE state? is there only one?

      if recent (70 years') history taught us anything, if you have awkward criminal charges in, say, Germany, certain south american countries wouldn't give a damn (forgive my klatchian).

      another option is joining the other team -- it worked for legion etranger, why shouldn't it work for hackers?

      1. Potemkine Silver badge
        Headmaster

        Legio Patria Nostra

        legion etranger

        Légion étrangère - these guys deserve to be named correctly

        Salut à vous, Légionnaires!

  4. Paul Herber Silver badge

    and I thought the first Russian cyber attack was nicknamed DOS-vedanya.

  5. c1ue

    Pretty interesting seeing an all-Israeli company point to Russia as working with hackers to further national prerogatives.

    I guess its totally different when the same behavior occurs in the IDF or NSA?

  6. allthecoolshortnamesweretaken

    This is only marginally different from, say, the NSA using contractors like Booz Allen etc.

  7. Anonymous Coward
    Big Brother

    Kremlin losing control of hackers says CIA front organization

    "the Russian government had a problem of recruiting technology talent to accomplish their goals. Through necessity they turned to outsourcing and contractors"

    I would have thought it's the NSA who has the problem with outsourcing :)

    "Cybereason' .. Founded by elite Israeli-Intel cybersecurity experts" link ..

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021