The Russian intelligence agency’s cyberwar plans were made public in recent hours as a result of a significant leak that is coming to be known as the “Vulkan Files” in foreign media.
According to reports, a significant defense contractor with headquarters in Moscow is obedient to President Putin and is capable of launching cyberattacks, sowing disinformation, and advancing against certain targets in the United States and Europe using a hacking army.
The documents, which were made public on Thursday by the American newspaper The Washington Post, describe a number of software applications and databases that Russian intelligence agencies and hacker groups might use to better identify weaknesses, plan assaults, and keep track of internet activities.
The accusations go so far as to say that the corporations engaged backed operations that involved spreading false material on social media and practicing how to remotely disrupt real-world targets like air traffic, rail, and maritime control systems.
It appears that a source outraged about the Russian war on Ukraine as a result of the Kremlin’s decisions revealed the contractor’s documents, NTC Vulcan, to a German journalist.
According to The Washington Post, officials from five Western intelligence organizations and a number of independent cybersecurity firms have so far verified the documents’ authenticity.
While the records mention testing and payment for work done by Vulkan for the Russian security services and several related research institutes, these authorities and experts were unable to locate concrete evidence that the systems were deployed by Russia or utilized in specific hacks.
Describe NTC Vulkan.
The controversial Russian corporation NTC Vulkan, also known as the Scientific and Research Center “Vulkan,” which was implicated in the current leak, is primarily focused on developing cutting-edge technologies for the aerospace, defense, and military industries.
The creation of systems and parts for rockets, jet engines, drones, navigational devices, and control systems is a specialty of NTC Vulkan. Additionally, the business does research and development in fields like laser technology, materials science, and nanotechnology.
Having worked on various projects for the Russian government as well as other domestic and international clients, NTC Vulkan has a wealth of experience in the research and development of cutting-edge technology. The business is also heavily involved in the export of Russian defense technology.
The secret corporate operations of Russia’s military and spy services, notably the activity of the government hacking firm Sandworm, are among the characters in the cyberwar scheme that directly involves that country.
US authorities said that Russian cybercriminals were responsible for two blackouts in Ukraine, the 2018 Winter Olympics’ opening ceremony, and the release of NotPetya, the most economically devastating malware ever.
Sandworm’s military intelligence unit number identification 74455 is mentioned in one of the exposed documents, which may indicate that Vulkan was developing software for the specialized hacking team to use. The 2019 document was unsigned and 11 pages long. It revealed a business official who had approved the platform’s data transfer protocol.
The person who gave the German journalist the documents immediately after the invasion of Ukraine claimed, “The firm is doing evil thingsand the Russian government is cowardly and wrong.”
An unnamed source, who communicated with the writer using an encrypted chat program, declined to give his name before the conversation was over, explaining that he needed to vanish “like a ghost” for security reasons.
Source: “I hope they can utilize this material to illustrate what happens behind closed doors. I am upset about the invasion of the Ukraine and the horrific things that are happening there.”
What is reported about the Vulkan Files
The document, which contains manuals, technical specification sheets, and other information about the software that Vulkan created for the Russian military and intelligence establishment, includes more than 5,000 pages and is dated between 2016 and 2021, according to the publication.
A portion of Russia’s cyber operations are also exposed, including programs to create phony social media pages and software that can find and store lists of vulnerabilities in computer systems around the world for potential future targets. It also exposes internal company emails, financial records, and contracts.
The Swiss Foreign Ministry and a nuclear power facility are only two examples of prospective hacking targets shown in several Amezit user interface concepts. Another file displays a map of the United States with circles denoting internet server groups.
A point location in the US called “Fairfield” is mentioned as a site to locate network vulnerabilities to employ in an attack in an illustration of the Vulkan platform referred to as Sounds.
Another document, meanwhile, outlines a “user scenario” in which hacking teams locate vulnerable routers in North Korea, purportedly for use in a prospective cyberattack.
However, the questioned files do not contain any proof connecting the projects to well-known cyberattacks, malicious software code, or lists of verified targets.