Tagged: FSB

What Is Russia’s Centre for Information Security?

The New York Times reports on a series of arrests involving Russia’s FSB, the successor agency to the KGB that may be connected to the hacking of the 2016 U.S. Election.

According to the Times, one of those arrested, Sergei Mikhailov, was serving as deputy director FSB’s Centre for Information Security. He was arrested on a charge of treason. Earlier in the month, the head of the Centre, Andrei Gerasimov, was dismissed.

What is the FSB’s Centre for Information Security?

Some answers come from Jeffrey Carr, a security consultant out of Seattle who runs the consulting firm TAIA Global and published Inside Cyber Warfare. Carr describes the FSB’s Centre for Information Security (also known as Military Unit 64829) as the organization in charge of protecting Russia’s Internet.

“In sum, any Internet operation originating in Russia are almost certainly monitored and probably overseen by the FSB ISC,” Carr wrote in this analysis. “Current Russian press covers Russian intentions to implement further restrictions on RuNet to counter foreign attempts to wage “information warfare” against Russian and ideologically subvert the Russian population. Whatever final form the new restrictions take, the FSB ISC will be heavily involved.”

In his book, Inside Cyber War, Carr goes a bit further.  The Centre not only defends the Russian Internet (RuNet) it can also attack.
screen-shot-2017-01-28-at-8-24-12-am
Also arrested was Dmitry Dokuchayev, a former hacker going by the pseudonym Forb who agreed to work for the FSB in exchange for dropping charges of credit card fraud. In an interview with a Russian newspaper, (or here in the original Russian) Dokuchayev/Forb said he had carried out a successful cyberattack on the US government.
screen-shot-2017-01-28-at-9-45-08-am

I would be wary of any reports that claim the Centre hacked the U.S. election. Cyberwarfare like conventional warfare is a confusing picture, with many different groups carrying out different but overlapping missions.

Different FSB components are responsible for attacks outside Russia. One is the FSB’s 16th Center, also known by the Orwellian name of the FSB Center for Electronic Surveillance of Communications, according to TAIA Global Another is the FSB’s 18th Center. Another is the FSB’s Fifth Directorate. All three were blamed for cyberattacks and propaganda during the Russian invasion of the Crimean Peninsula.

And President Obama’s executive order imposing sanctions in response to the hacking of the 2016 U.S. Election names both the FSB and the GRU, the main intelligence directorate. It’s believed that the GRU hacks were passed along to Wikileaks and other media outlets during the election.

There’s no evidence yet that the Centre for Information Security had a hand in the 2016 U.S. election hacking, but with their complete command of the Russian Internet they almost certainly would have known about it.