Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks

The Russian IT contractor NTC Vulkan is under investigation for its possible involvement in the development of offensive hacking tools, including for the advanced persistent threat (APT) actor known as Sandworm. Documents from 2016 to 2020 suggest that the company has been contracted by the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU) for a variety of tool and training programs, as well as an intrusion platform.

Leaked documents, referred to as The Vulkan Files, were obtained by a whistleblower and analyzed by Mandiant. These documents suggest that NTC Vulkan is involved in projects to enable Russia’s cyber and information operations (IO), potentially targeting operational technology (OT) systems.

The analysis of the documents reveals three projects: Scan, Amesit, and Krystal-2B. Scan is a comprehensive tool for gathering large-scale data, while Amesit is focused on forming and manipulating public opinion. Lastly, Krystal-2B is a training platform for attacks targeting OT environments in coordination with IO components.

The documentation associated with the projects provides requirements on data collection and processing, describes capabilities available for operators, and outlines attack paths and methods to avoid identification. This suggests that Russian intelligence is specifically targeting critical infrastructure, such as energy, oil and gas, water utilities, and transportation systems.

The investigation into NTC Vulkan and its involvement in potentially malicious activities reveals the sophisticated tools and methods that Russia is utilizing in its cyber operations. As such, it is important for organizations to remain vigilant and knowledgeable about the latest threats and attacks in order to protect their systems and data.

Key Points:

  • NTC Vulkan is under investigation for involvement in the development of offensive hacking tools.
  • Leaked documents from 2016 to 2020 suggest that NTC Vulkan is contracted by Russian intelligence in a variety of projects.
  • Scan, Amesit, and Krystal-2B are the three projects analyzed in the documents.
  • The documentation associated with the projects reveals the targeting of critical infrastructure systems.
  • Organizations should remain vigilant and knowledgeable about the latest threats and attacks.
