Wednesday, February 1, 2017

Russia: A Suspicious Death and Three Cyber Arrests Point to a New Twist in the US Election Hack

From Defense One:
Some wonder why the Kremlin wanted this news out. Others called it 'too big not to leak.’ 
In the eerie world of international espionage, nothing of late has topped the official US accusation that Russian president Vladimir Putin plotted to put US president Donald Trump in power. Now, the tale has become even more salacious with the reported arrest of three Russian cyber experts, one of whom was perp-walked out of a meeting with a bag over his head, and the suspicious death of a former KGB general.

Russia experts say the episode suggests a possible purge related to the US election hack. In a twist of Kremlinology, others say Putin may only be pretending to have arrested and killed cyber operatives. Or, say still others, neither observation may be true. “Can we really trust Russian news?” asks Dave Aitel, a former analyst with the US National Security Agency, and now CEO of Immunity, a cyber intrusion protection firm.

The story of the arrests appears to have broken at the Russian newspaper Kommersant on Jan. 25. The paper reported (link in Russian) the arrests of Sergei Mikhailov, who heads the Center for Information Security, an arm of the Russian intelligence agency known by the acronym FSB; and Ruslan Stoyanov, a senior researcher with Kaspersky Lab, the computer security company.

Both men were last seen the first week of December. The independent newspaper Novaya Gazeta reported that (Russian), in a Stalin-style touch, a bag was suddenly thrown over Mikhailov’s head during a meeting of fellow intelligence officers, and he was led out. Mikhailov has not been seen since. The third arrest was of Dmitry Dokuchayev, a hacker known by the name “Forb.”

In all three cases, the charge is treason, according to Russian news accounts.

From here, the story gets hazy. One way or another, the arrests—according to the Russian media accounts—are linked to the country’s hacking of the US election. One suggestion is that those arrested are among the sources that led US intelligence agencies to conclude categorically that Russia hacked the election, that Putin ordered the hack, and that the objective was to help Trump....MORE 
"Mystery death of ex-KGB chief linked to MI6 spy's dossier on Donald Trump"

See also the Financial Times:

Top FSB cyber agents linked to suspected CIA spy ring
Reports of treason charges shed light on murky world of Russian hacking

Soon after two top Russian cyber crime officers vanished late last year, the rumours began to spread.
One newspaper reported that Sergei Mikhailov, head of cyber security at the FSB, the KGB’s successor agency, was abruptly escorted from a meeting with a dark bag over his head. A far-right website suggested that Mr Mikhailov had been plotting to overthrow Russian president Vladimir Putin.

In the past few days, a flurry of news reports has suggested Mr Mikhailov and Dmitry Dokuchaev, his deputy, have been arrested and face charges of treason for passing information to the CIA. If found guilty, they could face jail sentences of up to 20 years. Two other men from outside the agency, including a senior official at Kaspersky Lab, the cyber company, have been arrested.

Trials for treason are held in secret and the FSB rarely comments on them. This makes details of the case difficult to confirm. But detailed clandestine security briefings to the press have shed light on Russia’s murky hacking underworld, including the shadowy Shaltai-Boltai outfit, named after the Humpty Dumpty character in the Russian translation of Alice in Wonderland.

“The issue here is that people from a very responsible agency — the FSB — were playing games with information, ” said Gleb Pavlovsky, a former Kremlin spin doctor. “From what’s been published, it seems believable.”
The charges follow US accusations that Russian intelligence hacked Democratic party servers last year. While there is no direct link between those accusations and the latest arrests, Russian media say the FSB investigation into the two men began after ThreatConnect, a US cyber security company, alleged that hackers used King Servers, an internet hosting company, to attack US state election rolls. The business partner of the owner of King Servers has long accused Mr Mikhailov of working for the FBI.

This is believed to have prompted the investigation into Mr Mikhailov and Mr Dokuchaev, a former hacker known as “Forb” who joined the secret services to avoid prison, according to the Interfax news agency. The men were arrested as part of a wider-reaching investigation into a group that, according to the Interfax report, conducted cyber attacks, stole private information from people close to the Kremlin, and worked as sources for US intelligence....MUCH MORE