Home Security US sanctions Russian firms, individuals over cyber attacks
US sanctions Russian firms, individuals over cyber attacks Featured

The United States Treasury has imposed sanctions on three Russian individuals and five Russian companies, claiming they have assisted the military and intelligence services in Moscow to conduct cyber attacks against Washington and its allies.

One Russian company which the US has pushed out of public sector business in the country, Kaspersky Lab, was not among those named.

The five companies named on Monday are Digital Security, ERPScan, Kvant Scientific Research Institute, Divetechnoservice and Embedi. The three individuals named — Aleksandr Lvovich Tribun, Oleg Sergeyevich Chirikov and Vladimir Yakovlevich Kaganskiy — were all linked to Divetechnoservice.

US Treasury Secretary Steve Mnuchin said Washington was working to "counter malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russia’s offensive cyber capabilities".

"The entities designated today have directly contributed to improving Russia’s cyber and underwater capabilities through their work with the FSB and therefore jeopardise the safety and security of the United States and our allies.”

Last year, Embedi published details of the Equation Editor bug which existed in all versions of Microsoft Office, leading the complete removal of the feature by Microsoft as a mitigation. The company has investigated vulnerabilities in a range of products.

Embedi spokesman Alex Kruglov told iTWire that being singled out in this manner was an unpleasant surprise.

"We think that the only thing US Home Treasury has on us is that part of our team is indeed former Digital Security employees. But for now we have no connections with Russia," he said in response to iTWire's request for comment.

Kruglov, the head of marketing for Embedi, said: "We worked with US vendors a lot on improving their product security. You can find acknowledgements from different vendors (Microsoft CVE-2017-11882, Intel CVE-2017-5689, CVE-2017-5721, CVE-2017-5722, Cisco CVE-2018-0171, Symantec CVE-2018-5234, Schneider Electric CVE-2017-9968, CVE-2017-9969 – with IOActive).

"Right we reported some vulnerabilities found to Intel, Nvidia, Marvell, Moxa, NCR, Wincor, IBHsoftec GmbH, Lantronix and others. We are not completely sure what should we do next."

The sanctions mean that all property owned by these individuals and companies within US jurisdiction is blocked. Additionally, American citizens cannot have dealings with them.

Mnuchin claimed that examples of Russia's "malign and destabilising cyber activities include the destructive NotPetya cyber attack; cyber intrusions against the US energy grid to potentially enable future offensive operations; and global compromises of network infrastructure devices, including routers and switches, also to potentially enable disruptive cyber-attacks".

This is the third round of sanctions against Russian entities and individuals. In December 2016, the Obama administration sanctioned the FSB, claiming the Russian Government had harassed American officials and also undertaken offensive operations against the 2016 presidential elections.

In March, additional sanctions were imposed against 19 individuals and five entities allied to Russian intelligence services.

A special counsel, Robert Mueller, is investigating whether the campaign of President Donald Trump colluded with Russia during the elections.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.


Popular News




Sponsored News