Actions in response to malicious Russian cyberactivist and hostile acts

The white house
Press service
For immediate release

HELP: Actions in response to malicious Russian cyberactivist and hostile acts

Today President Obama has approved a series of measures in response to the aggressive persecution by the Russian government by us officials on cyber operations, the purpose of which was elections in the US in 2016. Russian cyberactivist was intended to affect elections, to weaken the faith in the democratic institutions of the United States, to sow doubt in the integrity of our electoral process and undermine the credibility of the public authorities. Such actions are unacceptable and intolerable.

Sanctions for malicious Russian cyberactivist

In response to threats to U.S. national security arising from Russia’s intervention in our elections, the President approved amendments to its Executive order 13964. This Executive order, issued in April 2015, gave the American government a new specific powers for a more effective response to the most significant cyber threats, especially in situations where malevolent forces in cyberspace out of reach for the current government. Initially, the Executive order was aimed primarily against the malicious activities that:

— damages or seriously interferes with the provision of services by the organizations in the critical infrastructure sector;

— materially disrupts the operation of computers or computer networks (e.g., through DDoS attacks);

it causes the misappropriation of funds or economic resources, trade secrets, personal identifiers and financial information for the purpose of receiving commercial or competitive advantage and personal financial gain (e.g., by stealing a large amount of information from credit cards, trade secrets or proprietary data).

Increased use cybersect to undermine democratic processes at home and abroad, by the activities of Russia in recent times have clearly demonstrated the justification of the use of tools that help to thwart attempts to interfere in the elections. In this regard, the President approved amendments to the Executive order 13964 and imposed sanctions against those who:

— manipulates, makes changes or contributes to the misappropriation of information in order to influence, interfere with or undermine the electoral process and the work of the authorities.

These new amendments, the President imposed sanctions against nine legal entities and physical persons: two Russian secret services (GRU and FSB), four officers of the GRU and the three companies that provided material support GRU in cyber operations.

— Main intelligence Directorate (GRU) involved in the collection of information by operational staff of the human intelligence through a variety of means. It is subject to sanctions for something that is manipulated, changed and contributed to the misappropriation of information in order to influence, interfere with or undermine the electoral process in the United States in 2016.

— The Federal security service (FSB) helped GRU in carrying out the above activities.

Three other organizations that the Center “Special technologies”, Saint-Petersburg, who assisted the GRU operations of electronic intelligence, company Zorsecurity (“Digital information security”, she Esage Lab), which helped GRU technical research and development, as well as the Autonomous nonprofit organization “Professional Association of designers of data processing systems” (ANO PO KSI), which provided specialized training for the GRU.

— In the list included the head of the GRU Igor V. Korobov, Deputy head of the GRU Sergey Lizunov, first Deputy head of the GRU Igor Kostyukov O. and the first Deputy head of the GRU Vladimir S. Alekseev.

In addition, the Ministry of Finance made the list of Evgeny Bogachev and Alexei Belan in accordance with the previously approved part of the Executive order for the use of cyber means for the purpose of misappropriation of funds and personal data.

— Evgeniy Mikhailovich Bogachev included in the list for involvement in malicious misappropriation with cybersect large volumes of financial information for personal gain. Bogachev and his accomplices on cybercrime are responsible for stealing more than a hundred million dollars from American financial institutions, firms, Fortune 500, universities and government departments.

— Aleksey Alekseyevich Belan involved in malicious misappropriation with cybersect personal identifiers of information with a view of personal enrichment. Belan hacked into computer networks of at least three major American companies of electronic Commerce.

A response to the aggressive pursuit of American employees

Over the past two years Russia has significantly intensified the persecution and hostile actions against the employees of our diplomatic institutions from the security services and the police that go far beyond international diplomatic norms. Other Western embassies are expressing similar concerns. In response to these actions the President ordered to take the following measures:

— Today the state Department announced “persona non grata” 35 employees of the Russian Embassy in Washington and the Russian Consulate in San Francisco. They did not act in accordance with his diplomatic status. These individuals and their families ordered to leave the U.S. within 72 hours.

— In addition, the state Department has notified that from Friday afternoon on December 30 Russians denied entry in two of the residential complex belonging to the Russian state, one in Maryland and one in new York.

Informing about malicious Russian cyberactivist

The Department of homeland security and the Federal Bureau of investigation publish a joint analytical report, containing unclassified technical information on malicious cyber activities of the Russian civilian and military intelligence services. This is done in order to help organizations to protect computer networks in the U.S. and abroad to identify, detect and disrupt malicious cyber actions of Russia in the framework of its global campaign.

— The report contains information about the computers in the different countries of the world that Russian secret services used without the knowledge of their owners, carrying out their malicious activities so that the impact did not lead to Russia. In some cases, the cyber security community knew about this infrastructure; in other respects this new information declassified by the us government.

— The report also includes information that allows the firms cyber security and other defenders of computer networks to detect certain malware, which are used by the Russian intelligence services. Advocates can use this information to identify and block the Russian malware, forcing Russian special services establish new such programs. This new information declassified just.

— Finally, the report includes information on how Russian intelligence agencies usually carry out their operations. This information will help the defenders more effective networking to identify new tactics and methods of work of malevolent forces, as well as to detect and thwart intrusion attempts.

This information will help defenders of networks to take concrete steps, often helping block new actions and frustrate ongoing hacking attempts of the Russian special services. The Department of homeland security and the FBI are calling the security company, their owners and operators from the private sector to use information from a joint analytical report on the characteristics of attacks to implement pre-emptive action to protect networks and blocking malicious cyberwoman even before they start. DHS has included these characteristics in your service automated mailing.

Cyber threats are one of the most serious challenges to the economy and national security of the United States. The past eight years, the current administration is implementing a comprehensive strategy to counter these threats. Their current actions we are demonstrating a firm intention to continue to use the full range of powers and tools, including diplomatic contacts, to protect US national security and to counter threats from malevolent forces in cyberspace, regardless of their country of origin.