Companies Linked To Russian Ransomware Hide in Plain Sight (nytimes.com) 32
When cybersleuths traced the millions of dollars American companies, hospitals and city governments have paid to online extortionists in ransom money, they made a telling discovery: At least some of it passed through one of the most prestigious business addresses in Moscow. From a report: The Biden administration has also zeroed in on the building, Federation Tower East, the tallest skyscraper in the Russian capital. The United States has targeted several companies in the tower as it seeks to penalize Russian ransomware gangs, which encrypt their victims' digital data and then demand payments to unscramble it. Those payments are typically made in cryptocurrencies, virtual currencies like Bitcoin, which the gangs then need to convert to standard currencies, like dollars, euros and rubles.
That this high-rise in Moscow's financial district has emerged as an apparent hub of such money laundering has convinced many security experts that the Russian authorities tolerate ransomware operators. The targets are almost exclusively outside Russia, they point out, and in at least one case documented in a U.S. sanctions announcement, the suspect was assisting a Russian espionage agency. "It says a lot," said Dmitry Smilyanets, a threat intelligence expert with the Massachusetts-based cybersecurity firm Recorded Future. "Russian law enforcement usually has an answer: 'There is no case open in Russian jurisdiction. There are no victims. How do you expect us to prosecute these honorable people?'" Recorded Future has counted about 50 cryptocurrency exchanges in Moscow City, a financial district in the capital, that in its assessment are engaged in illicit activity. Other exchanges in the district are not suspected of accepting cryptocurrencies linked to crime.
Of course (Score:5, Interesting)
These gangs are tolerated. As long as you pay Putin a cut you're all good. Someone has to pay for his billion dollar palace. https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:2)
This is the way of history. It is not some aberration.
It is why people seize power, or go into it in a democracy.
Re: (Score:2)
C'mon, Putin's Gulag Republic is more democratic than that, there are all his cronies which will accept payment.
Re:Of course (Score:4, Funny)
In Russia they still have the concept of "one man, one vote". Putin is the man and he has the vote.
Re:Of course (Score:4, Interesting)
Were the authorities involved in the fraud? Was it just incompetence that let Madoff steal money in spite of the authorities being regularly informed of the fraud? This was a crime that resulted in a 150 year prison sentence once it became a media sensation.
My real concern here is that given that the US and other countries house so many criminals in skyscraper office towers, some who are international criminals, is that some vigilante might decide to destroy those office towers for retaliatory or political purposes.
Re: (Score:2)
Too big to fail are the famous words you're looking for.
Re: (Score:2)
I don't think Bernie stole billions. He just told people that their accounts were worth millions when the money wasn't there to back up the account status. The money simply never existed.
With Local Lockouts in the Software (Score:3)
Re:With Local Lockouts in the Software (Score:4, Informative)
Code in huge ransomware attack written to avoid computers that use Russian, says new report [nbcnews.com]
Re: (Score:2)
Code in huge ransomware attack written to avoid computers that use Russian, says new report [nbcnews.com]
One solution is to repurpose to only attack Russian targets and use their C&C networks to distribute. Would take a state actor with resources but would get Russia’s attention.
Re:How about... (Score:5, Informative)
"we have had some terrible administrations" Like the previous one who thought of NATO as a protection racket and tried to shake down the Europeans. We also lost 4 years when we should have been changing the energy mix of the U.S. so it wasn't beholden to those nice oil industries. Didn't Dear Leader promise to bring back coal? It's a good thing he was inept and couldn't figure out how.
I give up, what corporate masters do you think Biden has? Just for the record, the gold star for grift goes to Reagan. He privatized government services so his Republican buddies could soak up the wealth. This went on for years with the Republicans screwing government, then campaigning on the platform that government doesn't work.
It reached an apotheosis with the tax cut during Dear Leader's reign. Republican automatons promised it would pay for itself as they rewarded corporate America and their wealthy contributors. It couldn't pay for itself because money was so easily borrowed that any bright idea already had enough funding. It was wasted. But we do have expanded deficits to show for it.
Re: (Score:2)
Coal in the USA was killed by cheaper, much cheaper fracked natural gas. The same way that coal was killed in the UK by cheaper North Sea gas. Even if you were to remove all the regulations on coal, natural gas would still be cheaper.
Trump was only inept if he believed he could fight those cold hard economics. The only way to bring back coal would be to pass legislation that forced companies to burn coal to generate power, and that is so anti free market that only Republicans with coal mines in their back
Re: (Score:2)
And one nominal Democrat: Joe Manchin.
Re: (Score:1)
I'm curious.
I hear these stories about how unhappy everyone is in the US at the moment, but all the numbers seem to suggest everything is about the same or slightly better than under Trump.
Is this just half (or more) of the country being in the thrall of a relentlessly negative media and/or relying on their facebook feed for information?
Cruise Missile (Score:3)
The bastards cleaned out all the medical records at my kids' pediatrician office. Even all their vaccination records. Next time I have to register them for a school, I don't know WTF I'm going to do about it.
Needless to say, I'm changing providers. Likely 3/4's of their patients have a parent in IT. I hope this hurts their business enough that they'll be more careful from now on.
Re:Cruise Missile (Score:4)
Re: (Score:3)
Schools require that medical records come straight from the doctor's office. I'm hoping the (new) doctor will accept the records back from the schools so my kids don't have to get all their shots over again. That happened to me when I started college and it was the sickest I've ever felt.
But, yeah, paper copies. Would have been nice if they still had a file cabinet.
Re: (Score:2)
I haven't tried to request a paper copy of mine or my child's complete medical records, but I'd be a little surprised if you could just ask for them and actually get them without either an Olympic level of effort or maybe even getting a lawyer on their case.
I'd guess that none of the systems have an easy "export to PDF" option due to security or other compliance reasons, as well as providers being unwilling to provide the information for fear of lawsuits or even losing patients to competing providers.
Remember kids, backup backup backup (Score:2)
Lack of sufficient data backup procedures sounds like the real sin here. Even without hackers there are still drive crashes and natural disasters to wipe out data.
They should deny medical facilities licenses unless they pass routine backup inspections.
Re: (Score:1)
If a HDD is about to crash it doesn't normally look around the network and find the locations that you backed up to and make sure to delete them first, but that is SOP for someone running one of these scams.
And when you said "Lack of sufficient data backup procedures" you should have emphasized "sufficient". And I can tell you, most orgs' procedures are "insufficient" for what a targeted and deliberate attacker will do. To beat this sort of stuff backups need to be immutable or offline (and preferably both).
Re: (Score:2)
Medical records should be backed up to WORM LTO tapes IMHO. Good luck changing those even if the tape is still in the drive.
Re: (Score:1)
Try the procedure without meth next time.
Russia is a mafia state (Score:2)
Pedant FTW! (Score:2)
"Hide in plain sight."
You mean, "Not hiding."
Send spies to cut/spike power and damage pipes (Score:2)
...Make these ba$tards actually pay a price for once.
In the Russian Federation media they write that it (Score:2)
There is so much mutual contempt and cold hatred on both sides that I have a premonition that we are approaching an armageddon confrontation.
Perhaps, in several thousand years scientists on a planet far away in space will be asking: why there is no other intelligent life in space, no radio signals, nothing. Great silence.