The plans of the
Russian intelligence agency
in cyberwar have been exposed in the last few hours from a large leak that is becoming known as the
"Vulkan Files"
in the international media.
Reports point to a
major Moscow - based defense contractor
reporting to
Vladimir Putin
with the ability to launch
cyberattacks
,
sow disinformation
and ram
targeted targets
in the US and Europe through an
army of hackers
.
The documents detail
a set of software and databases
that would allow Russian intelligence agencies and hacker groups to better find vulnerabilities, coordinate attacks, and monitor online activity, the documents The Washington
Post
published Thursday .
The reports even give details that the companies involved supported operations that included both disinformation from social networks and training to
remotely disrupt real-world targets
, such as maritime, air and rail control systems.
Putin seeks to control the speech that circulates on the internet in the wake of the war in Ukraine.
(Photo: EFE)
A source reportedly provided the documents of the contractor,
NTC Vulkan
, to a German journalist after expressing outrage over
Russia's attack on Ukraine
, as a consequence of decisions made by the Kremlin.
So far, officials from five Western intelligence agencies and several independent cybersecurity companies
say the documents are authentic
, according to
The Washington Post
.
On the other hand, these officials and experts were unable to find definitive proof that the systems were deployed by Russia or used in specific cyberattacks, but the documents describe
testing and payments for work done by Vulkan
for Russian security services. and various associated research institutes.
What is NTC Vulkan?
The disputed Russian company NTC Vulkan involved in the recent leak, which is also known as the
"Vulkan" Scientific and Research Center
, is mainly engaged in the
development of advanced technologies
for the
aerospace, military and defense industries
.
NTC Vulkan's areas of expertise include the design of systems and components for rockets, jet engines, drones, navigation equipment, and control systems.
The company is also engaged in research and development in areas such as nanotechnology, materials science, and laser technology.
NTC Vulkan has extensive experience in research and development of advanced technologies, and has been involved in
numerous projects for the Russian government and other national and international clients
.
The company also has a significant presence in the export of Russian defense technology.
The cyberwar plot directly involving Russia has several protagonists: the secret corporate dealings of Russia's military and spy agencies, including the work of the government hacking group
Sandworm
.
US authorities accused Russian cybercriminals of causing two blackouts in Ukraine, disrupting the opening ceremonies of the 2018 Winter Olympics, and launching
NotPetya
, the most financially destructive malware in history.
One of the leaked documents mentions Sandworm's military intelligence unit number designation 74455, suggesting that Vulkan was preparing software for the elite hacking squad to use.
The unsigned 11-page document, dated 2019, exposed a company official in approving the data transfer protocol for one of the platforms.
“
The company is doing bad things
, and the Russian government is cowardly and wrong,” said the person who handed over the documents to the German journalist shortly after the invasion of Ukraine.
This anonymous source, who spoke with the journalist through an encrypted chat application, refused to identify himself before ending contact, stating the need to
disappear "like a ghost"
for security reasons.
“
I am angry about the invasion of Ukraine and the terrible things that are happening there
,” the source admitted.
"I hope they can use this information to show what happens behind closed doors."
Vulkan Files: what the report says
(Photo: Pexels)
According to the publication, the document dated between 2016 and 2021 has
more than 5,000 pages
.
Its contents include manuals, technical specification sheets, and other details of the software that Vulkan designed for the Russian military and intelligence establishment.
It also reveals
internal company emails
, financial records and contracts that expose part of Russia's cyber operations.
This includes programs to create
fake social media pages
and software that can identify and store lists of vulnerabilities in computer systems around the world for potential future targets.
Also, various UI prototypes for a
project known as Amezit
that represent examples of potential hacking targets, including the Swiss Ministry of Foreign Affairs and a Swiss nuclear power plant.
Another file shows a map of the United States with circles indicating
groups of Internet servers
.
An illustration of a Vulkan platform called
Skan
references a point location in the US, labeled "Fairfield", as a place to find network vulnerabilities to use in an attack.
Meanwhile, another document directly describes a "user scenario" in which hacking teams will identify insecure routers in North Korea, ostensibly for potential use in a cyberattack.
However, the files in question
do not include verified target lists
, malware code, or evidence linking the projects to known cyberattacks.
SL
look too
Russia-Ukraine cyberwar: on whose side are the gangs that hack from websites to service stations?
The Russia-Ukraine war increased cyberattacks worldwide: 17% more in Latin America