
The Role of Telegram in the Russia-Ukraine War

Russian authorities have reacted with unusual fury to the arrest of Telegram founder Pavel Durov by French authorities in August 2024. Telegram is more than a mere social-media app to Moscow. Russian soldiers and spies depend on it for battlefield communications, including the guidance of artillery, the coordination of movements and intelligence gathering. “Many are joking that the arrest of Pavel Durov is essentially the arrest of the chief signals officer of the Russian armed forces,” said Aleksey Rogozin, a Russian parliament adviser and former senior military industry executive.

“As wild as it sounds, the transmission of intelligence, the targeting of artillery, the broadcasting of drone feeds and many other things are currently very frequently done via Telegram,” Rogozin said on Telegram… 

Both the Russian and the Ukrainian militaries started relying on commercial platforms. While the Ukrainians prefer Western providers such as Signal or Discord, the Russians chose Telegram because it is based in the United Arab Emirates, which maintains good relations with Moscow. They think the app is more impervious to Western signals intelligence.

Russian volunteers who supply drones, night-vision scopes, vehicles and other aid to military units operate almost exclusively through Telegram. The service also has offered a lucrative social-media platform to Russian war propagandists, with millions of subscribers, who work in close cooperation with the Russian Ministry of Defense.

“The detention of Durov, by itself, wouldn’t have necessarily caused such a resonance in Russia, except for one circumstance. De facto, it is the main messenger of this war, an alternative to the classified military network,” Andrey Medvedev, a correspondent for Russian state TV and a deputy chair of the Moscow city council, wrote on Telegram…

The Russian government has reacted to Durov’s detention in France with far more outrage and fury than would be expected given the circumstances of the entrepreneur’s departure from Russia in 2014… The director of Russia’s SVR external intelligence service, Sergey Naryshkin, said recently that he expects Durov not to share with French and other Western governments any information that would harm the Russian state. “I very much count on him not to allow it,” the Russian spymaster said in an interview with TASS news agency.

Excerpt from Yaroslav Trofimov, Telegram Arrest Sows Russian War Worries, WSJ, Aug. 31, 2024

How Russia Invaded Microsoft

Microsoft said in March 2024 that a Russian state-sponsored hacking group that stole information from its senior leadership team is still using that information to gain unauthorized access to its internal systems. The technology company disclosed in January 2024 that the group, which it has identified as Midnight Blizzard, had extracted information from a small percentage of employee email accounts, including members of its senior leadership team and employees in its cybersecurity and legal teams. Since that disclosure, the group has used that information to gain access to Microsoft’s source code repositories and internal systems. The volume of some aspects of the attack, including password sprays, jumped 10-fold in February compared with the already large volume Microsoft encountered in January, it said.

“Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus,” Microsoft said. The company said that its investigations of Midnight Blizzard activities are continuing and that it is coordinating efforts with federal law enforcement. In a blog post in August 2023, Microsoft said it had detected Midnight Blizzard, previously known as Nobelium, launching targeted social-engineering attacks that used Microsoft Teams chats to phish for credentials. The former Nobelium group has been linked by U.S. authorities to the Foreign Intelligence Service of the Russian Federation and is known for its involvement in the massive SolarWinds hack of 2020.

Excerpts from Dean Seal, Microsoft Says Russian-Sponsored Hackers Still Using Stolen Information, WSJ, Mar. 9, 2024