Ukraine conflict spilling over into cyber-crime, warns former spy boss

Russian spooks are arming crooks, says Canadian ex-agent


Infiltrate Russian intelligence has begun sharing advanced malware developed for cyber-espionage with cyber-criminals, a former Canadian spy boss warns.

Ray Boisvert, former assistant director and head of intelligence for the Canadian Security Intelligence Service (CSIS), told El Reg that Russian security agencies are sharing advanced hacking tools and malware with organised crime gangs.

Worsening relations between the West and Russia over Ukraine have provoked the change.

"Russian nationalism and organised crime are being assisted by Russian state security," Boisvert told El Reg. "The red lines have gone because of Ukraine. Organised crime is being told they can disrupt Western interests."

Boisvert is due to deliver the opening keynote, entitled Abyss or Turning Point: Strategy, Skills and Tradecraft in the Age of 21st Century Warfare at the Infiltrate security conference in Miami Beach on Thursday April 16.

The former spy boss (who describes himself as an expert in threat, rather than technology) told El Reg that the trust model of the internet is broken. Part of the reason is that "IT security is sub-divided, outsourced or ignored", while at the same time more and more countries are getting involved in cyber-espionage. In addition, the sophistication of other threat actors, such as “hacktivists and terrorist entities, is growing”, he added.

"Hijacks were a manageable cost for the airline industry – until about the late 1980s where they began destroy aircraft after the highjacking – and certainly prior to 9/11 but not after," according to Boisvert, who argues that cyber-security may be on the brink of a comparable abyss.

Boisvert agrees with estimates from Eric Rosenbach, US assistant secretary of defence for Homeland Defense and Global Security, that up to 60 nations are engaged in cyber-espionage associated with the development of so-called APT (advanced persistent threat) style attacks. "Even Hezbollah has an intel capability," Boisvert noted.

"Cyber is a weapon of war," Boisvert said. "The Nasdaq and Home Depot hacks are examples of this."

Cyber-attacks are a "soft, scalable tool" during conflicts, according to Boisvert, who added that "difficulties in attribution mean that cyber-attacks can be done in stealth".

The former spy (profile here) recently founded I-Sec Integrated Strategies (ISECIS), which advises clients in a variety of industries, including insurance to transportation, on security and intelligence matters.

Bootnote

CSIS is Canada's lead agency on national security. Its officers operate nationally and internationally. The organisation works alongside Canada's Communications Security Establishment (a member of the Five Eyes alliance, alongside GCHQ and the NSA).


Other stories you might like

  • SpaceX Starlink sat streaks now present in nearly a fifth of all astronomical images snapped by Caltech telescope

    Annoying, maybe – but totally ruining this science, maybe not

    SpaceX’s Starlink satellites appear in about a fifth of all images snapped by the Zwicky Transient Facility (ZTF), a camera attached to the Samuel Oschin Telescope in California, which is used by astronomers to study supernovae, gamma ray bursts, asteroids, and suchlike.

    A study led by Przemek Mróz, a former postdoctoral scholar at the California Institute of Technology (Caltech) and now a researcher at the University of Warsaw in Poland, analysed the current and future effects of Starlink satellites on the ZTF. The telescope and camera are housed at the Palomar Observatory, which is operated by Caltech.

    The team of astronomers found 5,301 streaks leftover from the moving satellites in images taken by the instrument between November 2019 and September 2021, according to their paper on the subject, published in the Astrophysical Journal Letters this week.

    Continue reading
  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading
  • Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

    Exploit, vulnerability discussion online can offer useful signals

    Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

    Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.

    CVSS is a framework for rating the severity of software vulnerabilities (identified using CVE, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It's overseen by First.org, a US-based, non-profit computer security organization.

    Continue reading

Biting the hand that feeds IT © 1998–2022