Filed under Vlad’s Glad…ah ha ha
Russian spies claim they can now collect crypto keys—but don’t say how
Putin gave KGB’s successor agency two weeks to deal with encrypted services.
ArsTechnica: Russia’s intelligence agency the FSB, successor to the KGB, has posted a notice on its website claiming that it now has the ability to collect crypto keys for Internet services that use encryption. This meets a two-week deadline given by Vladimir Putin to the FSB to develop such a capability. However, no details have been provided of how the FSB is able to do this.
The FSB’s announcement follows the passage of Russia’s wide-ranging surveillance law, which calls for metadata and content to be stored for six months, plus access to encrypted services, as Ars reported back in June.
The new capability seems to go even further, since the FSB notice (in Russian) speaks of obtaining the “information necessary for decoding the electronic messaging received, sent, delivered, and (or) processed by users of the ‘Internet’ network.”
Being able to decode Internet communications would seem to imply getting hold of any crypto keys that are used. However, as an article on The Daily Dot points out, it is still not clear what the new laws will require: “No one seems to know what this new law means in the slightest. Or, more accurately, the people who do know are keeping mum.”
Three of the services that are likely to be most affected by the new requirements are Facebook’s WhatsApp, Telegram, and Viber. Ars has asked all three for clarification on what the Russian authorities have asked for, and what information the companies are or will be providing, but has not yet received any reply. This post will be updated with responses when they are received.
Related reading: Is the U.S. Hacking Back? Uh Huh
The Daily Dot quotes Russian technologist Anton Nesterov as saying that it’s not even clear whether the new legislation applies to VPNs or basic SSL keys, nor whether mainstream electronic payment systems must hand over their keys as a matter of routine.
Nesterov also points out the dangers involved in providing this information, not least because leaks of such valuable data are always a risk.
*****
In part from CSO: Networks at some 20 organizations in Russia — including scientific and military institutions, defense contractors, and public authorities — were found to be infected with the malware, the Russian Federal Security Service (FSB) said Saturday. The range of infected sites suggests that the targets were deliberately selected as part of a cyber-espionage operation, the FSB said.
Analysis of the attack showed that filenames, parameters and infection methods used in the malware are similar to those involved in other high-profile cyber-espionage operations around the world.
The software was adapted to the characteristics of each PC targeted, and delivered in a malicious email attachment, the FSB said.
Once installed, it downloaded additional modules to perform tasks such as monitoring network traffic, capturing and transmitting screenshots and keystroke logs, or recording audio and video using the PC’s microphone and webcam.
The FSB is working with ministries and other government agencies to identify all the victims of the malware, and to limit its effects, it said.
Russia is said to be the source, not the target, of another government-related cyber-attack. Last week, evidence emerged suggesting Russian involvement in an attack on computers at the Democratic National Committee, where recent data leaks have tarnished the campaign of presidential candidate Hillary Clinton.
