BERN, Switzerland (AN) — A data leak from an international consortium of news organizations offers insight into Russia’s intelligence agencies and hacking groups, and names two potential hacking targets in Switzerland.
Russian intelligence and defense contractor NTC Vulkan sought ways to launch cyberattacks and spread disinformation, according to the Vulkan Files published Thursday by the international news consortium.
Switzerland's Federal Department of Foreign Affairs and Mühleberg Nuclear Power Plant appear as examples of possible hacking targets among the 1,000 secret documents containing more than 5,000 pages from 2016 to 2021.
Led by Germany's Paper Trail Media and Der Spiegel, the news outlets revealed highly technical, corporate documents that suggest the defense contractor had roles in social media disinformation and cyber training to disrupt other nations' airports, power plants and other critical infrastructure.
The #VulkanFiles: @derspiegel @ZDFfrontal @derStandardat @tagesanzeiger @SZ @lemondefr @istories_media @DRNyheder @washingtonpost @guardian @paper_trail_m investigated Russia's cyberwarfare-plans and the role of a mysterious company called NTC Vulkan https://t.co/RYEppbZ6ON pic.twitter.com/52Kb1ttRvj
— Frederik Obermaier (@f_obermaier) March 30, 2023
Wide-ranging plans for cyber warfare
A German reporter for Süddeutsche Zeitung first obtained the documents, all in Russian, from an anonymous person who expressed outrage about Russia’s full-scale invasion of Ukraine on Feb. 24, 2022. Later the source shared the documents with Der Spiegel, and the news consortium expanded to more countries.
Vulkan and the Kremlin were given several opportunities to comment, but they declined to respond, Der Spiegel reported, adding there were "no obvious reasons to doubt the conclusions reached by the investigative team" and five Western intelligence agencies confirmed the authenticity of the documents.
"Vulkan appears to be part of the opaque military-industrial complex in which Russian intelligence agencies work closely together with more than 40 private IT companies," it reported. "One of their goals is that of developing highly effective cyberweapons that can be used against all those that the Kremlin has identified as Russia’s enemies. Especially, of course, in the West."
The documents include emails, financial records and contracts along with manuals, technical specifications and software details that Vulkan designed for Russia's military and intelligence agencies, The Washington Post reported.
They included programs to create fake social media pages and software to identify and list computer vulnerabilities around the world for possible hacking targets. One project, called "Amezit," showed examples of the two apparent targets in Switzerland, while another had a map of internet servers in the United States.
In 2018, Dutch authorities arrested and expelled two suspected Russian spies for allegedly trying to hack the Spiez Laboratory, one of the world's top facilities for researching highly infectious pathogens and toxins. It analyzed the nerve agent used to poison former Russian spy Sergei Skripal and his daughter in Britain.
