Who Is Ilya Medvedovsky?

In the latest round of sanctions aimed at Russian cyberattacks, the U.S. Treasury Department sanctioned five companies.  Three are connected with one person, a Russian cybersecurity professional named Ilya Medvedovsky.


Medvedovsky is CEO of ERPScan, with offices in Palo Alto, near Stanford University, as well as Amsterdam, Prague, and Tel Aviv. He’s also CEO of Embedi, based in Berkeley and Tel Aviv. And finally, he is or was general director of Digital Security, one of Russia’s leading information security consultancies. (Medvedovsky is described in some reports as a past employee of Digital Security, but he’s described as general director in this TASS report.) All three companies were sanctioned June 11th by the U.S. Treasury.

The U.S. Treasury stated that “as of 2015” Digital Security “worked on a project that would increase Russia’s offensive cyber capabilities for the Russian intelligence services” including the FSB, the successor agency to the KGB. ERPScan and Embedi are described as being owned or controlled by Digital Security.

It’s unclear what connection, if any, Medvedovsky had to the FSB. I did come across an interesting press release on Digital Security’s web site. In 2015, Medvedovsky presented a report at a conference organized by Russia’s Defense Ministry titled “Cyberwar today: promising technologies of the future.”

Software and hardware solutions used in state institutions contain multiple vulnerabilities, and new, unexplained types of problems appear constantly. Recently it became known, for example, of the presence of vulnerabilities in the BIOS of motherboards and in the firmware of routers that are used in the public sector everywhere. All this opens up ample opportunities for cybercriminals and puts under attack not only the business of large companies, but also national security. To confront threats, it is necessary to develop the country’s protective cyber capabilities.

Medvedovsky said in a statement that Digital Security has never been involved in politics. On his personal Facebook and Twitter accounts, he said he believes the sanctions were an act of retaliation. He says he has stepped on the toes of so many big U.S. companies by exposing some 600 vulnerabilities in the products of SAP, Oracle, Microsoft, IBM, Intel, Cisco, and others. “It was only a matter of time before one of them lobbied like that,” he wrote.

Digital Security clients include Sberbank, Yandex, Mail.Ru Group, Rosselkhozbank, Gazprombank, UniCredit Bank, Bank VTB 24, Raiffeisenbank, Sibur, and Metalloinvest, several of which are also under sanctions.

Medvedovsky is the author of a classic series of hacker books written in Russia, “Attack via the Internet,” which were bestsellers in 1997-2000.

On Medvedovsky’s Facebook page, there was some talk of challenging the sanctions. But most of the replies seem to be high-fives over an action the Russian hacking community seems to view as a badge of honor. “By current standards, it’s like the order of merit in front of the fatherland,” one commenter wrote.
