Companies Linked To Russian Ransomware Hide in Plain Sight (nytimes.com)

When cybersleuths traced the millions of dollars American companies, hospitals and city governments have paid to online extortionists in ransom money, they made a telling discovery: At least some of it passed through one of the most prestigious business addresses in Moscow. From a report: The Biden administration has also zeroed in on the building, Federation Tower East, the tallest skyscraper in the Russian capital. The United States has targeted several companies in the tower as it seeks to penalize Russian ransomware gangs, which encrypt their victims' digital data and then demand payments to unscramble it. Those payments are typically made in cryptocurrencies, virtual currencies like Bitcoin, which the gangs then need to convert to standard currencies, like dollars, euros and rubles.

That this high-rise in Moscow's financial district has emerged as an apparent hub of such money laundering has convinced many security experts that the Russian authorities tolerate ransomware operators. The targets are almost exclusively outside Russia, they point out, and in at least one case documented in a U.S. sanctions announcement, the suspect was assisting a Russian espionage agency. "It says a lot," said Dmitry Smilyanets, a threat intelligence expert with the Massachusetts-based cybersecurity firm Recorded Future. "Russian law enforcement usually has an answer: 'There is no case open in Russian jurisdiction. There are no victims. How do you expect us to prosecute these honorable people?'" Recorded Future has counted about 50 cryptocurrency exchanges in Moscow City, a financial district in the capital, that in its assessment are engaged in illicit activity. Other exchanges in the district are not suspected of accepting cryptocurrencies linked to crime.

  • Of course (Score:5, Interesting)

    by ArchieBunker ( 132337 ) on Monday December 06, 2021 @10:21AM (#62051915)

    These gangs are tolerated. As long as you pay Putin a cut you're all good. Someone has to pay for his billion dollar palace. https://en.wikipedia.org/wiki/... [wikipedia.org]

    • This is the way of history. It is not some aberration.

      It is why people seize power, or go into it in a democracy.

    • by gtall ( 79522 )

      C'mon, Putin's Gulag Republic is more democratic than that, there are all his cronies which will accept payment.

    • Re:Of course (Score:4, Interesting)

      by fermion ( 181285 ) on Monday December 06, 2021 @12:20PM (#62052355) Homepage Journal
      Bernie Madoff, who stole billions over decades, had his offices in the famous Lipstick building in NYC. Mainstream financial media to this day claims it was a growing legitimate business with no need to commit fraud. The authorities were present with good evidence in the early 1990s, at a time when Madoff was a principal at NASDAQ. Yet it was 2008 when clients began withdrawal of money en masse that the authorities could no longer ignore the fraud.

      Were the authorities involved in the fraud? Was it just incompetence that let Madoff steal money in spite of the authorities being regularly informed of the fraud? This was a crime that resulted in a 150 year prison sentence once it became a media sensation.

      My real concern here is that given that the US and other countries house so many criminals in skyscraper office towers, some who are international criminals, is that some vigilante might decide to destroy those office towers for retaliatory or political purposes.

      • Too big to fail are the famous words you're looking for.

      • Bernie Madoff, who stole billions over decades

        I don't think Bernie stole billions. He just told people that their accounts were worth millions when the money wasn't there to back up the account status. The money simply never existed.

  • by speedlaw ( 878924 ) on Monday December 06, 2021 @10:26AM (#62051925) Homepage
    Didn't I read somewhere, probably here, that the ransomware was written not to operate on machines which are Russian language?
  • by CubicleZombie ( 2590497 ) on Monday December 06, 2021 @10:41AM (#62051947)

    The bastards cleaned out all the medical records at my kids' pediatrician office. Even all their vaccination records. Next time I have to register them for a school, I don't know WTF I'm going to do about it.

    Needless to say, I'm changing providers. Likely 3/4's of their patients have a parent in IT. I hope this hurts their business enough that they'll be more careful from now on.

    • by Fly Swatter ( 30498 ) on Monday December 06, 2021 @11:11AM (#62052045) Homepage
      Get a small fireproof box designed to hold a few file folders at home or a safety deposit box, and in the future get a paper copy of all important documents and put them there. Yea paper copies, some will groan, but having a paper trail is not a meme it is a fact of life.
      • Schools require that medical records come straight from the doctor's office. I'm hoping the (new) doctor will accept the records back from the schools so my kids don't have to get all their shots over again. That happened to me when I started college and it was the sickest I've ever felt.

        But, yeah, paper copies. Would have been nice if they still had a file cabinet.

      • I haven't tried to request a paper copy of mine or my child's complete medical records, but I'd be a little surprised if you could just ask for them and actually get them without either an Olympic level of effort or maybe even getting a lawyer on their case.

        I'd guess that none of the systems have an easy "export to PDF" option due to security or other compliance reasons, as well as providers being unwilling to provide the information for fear of lawsuits or even losing patients to competing providers.

    • Lack of sufficient data backup procedures sounds like the real sin here. Even without hackers there are still drive crashes and natural disasters to wipe out data.

      They should deny medical facilities licenses unless they pass routine backup inspections.

      • If a HDD is about to crash it doesn't normally look around the network and find the locations that you backed up to and make sure to delete them first, but that is SOP for someone running one of these scams.

        And when you said "Lack of sufficient data backup procedures" you should have emphasized "sufficient". And I can tell you, most orgs' procedures are "insufficient" for what a targeted and deliberate attacker will do. To beat this sort of stuff backups need to be immutable or offline (and preferably both).

        • by jabuzz ( 182671 )

          Medical records should be backed up to WORM LTO tapes IMHO. Good luck changing those even if the tape is still in the drive.

  • so this should not come as a surprise. As long as Capo Putin gets his cut they can go on.
  • "Hide in plain sight."

    You mean, "Not hiding."

  • ...Make these ba$tards actually pay a price for once.

  • is the US government that employs illegal sanctions to suppress competition. I am not taking sides I'm just stating a fact.

    There is so much mutual contempt and cold hatred on both sides that I have a premonition that we are approaching an armageddon confrontation.

    Perhaps, in several thousand years scientists on a planet far away in space will be asking: why there is no other intelligent life in space, no radio signals, nothing. Great silence.
