Hackers are increasingly penetrating the Russian government's IT infrastructure for the purpose of illegally mining cryptocurrencies, a law enforcement-affiliated expert said at a conference on Thursday.
Two hypotheses compared on the activity of hackers in Russia
According to Nikolai Murashov, deputy director of the National Coordination Center for Computer Incidents, hackers are actively exploiting the IT infrastructure of Russian government agencies, defense agencies, medical institutions and research institutes to mine cryptocurrencies.
Murashov talked about it during his speech at the Infoforum conference in Moscow, although he did not provide specific details about these attacks, the TASS news agency reported. At the same time, researchers from cybersecurity firm Group-IB say crypto mining is actually one of the least popular ways for hackers to raise funds, both globally and in Russia specifically.
According to Group-IB's “Hi-Tech Crime Trends 2020-2021” report, published last November, the biggest cyber security threat to businesses is malware encryption.
“Even those hacker groups that previously attacked banks by stealing money through targeted action on credit cards, ATMs and SWIFTs are now using encrypted malware,” IB Group spokesman Pavel Sedakov said.
Getting large amounts of money right away seems to be a more attractive tactic than waiting for the mining software to mine a significant number of cryptocurrencies, he said.
Furthermore, hackers have now increased the value of ransom demands on victims, both to decrypt the data and not publish it online. Sometimes, it's the same government employees who abuse computer access at work to mine cryptocurrencies.
Previous
Murashov said that, in December 2019, two Russian citizens were tried for using the government's IT infrastructure, including a municipal water utility company, to mine cryptocurrencies (instead of buy Bitcoins).
Also in 2019, several employees of the Russian Scientific Research Institute of Experimental Physics in Sarov were sentenced to pay fines and imprisonment for mining on the computers of a nuclear research laboratory.
Everything related to cryptography in Russia falls under the supervision of the Federal Security Service, or FSB, which is the successor to the KGB. The National Cyber Incident Coordination Center was created by the FSB in 2018 to manage the security of the infrastructure underpinning the crucial issues for the Russian government.
FSB is also overseeing everything related to cryptography used by government entities in Russia, including the use of cryptography by blockchain projects run by private companies.
