Russian Information Security Training for 2010 and Beyond: What you need to know

Last Updated on Thursday, 11 February 2010 08:25 Written by Jeffreycarr Thursday, 11 February 2010 02:53

Information Security standards are published by the Russian Federation Ministry of Science and Education based on curriculum developed by a scientific advisory board chaired by the Federal Security Service (FSB) that includes government and academic members. This report identifies the following key areas:

• Scientific Advisory Board Information Security Training (specialty 090103)
• Additional Members based on Specialty (090303)
• History of Russian IT Security Training (Post World War II)
• Specialty 090103 Training Requirements
• Original Scientific Advisory Board Information Security Training
• Information Security Specialties
• Sub-specialties 090303 Information Security of Telecommunications

This report (.pdf) is a unique study in current Russian Information Security requirements for 2010. It consists of 7 pages with a word count of 1630 plus two tables, and has been prepared by a career Russian intelligence analyst (retired). Contact me with any questions or after you have made the purchase to arrange for a delivery email address.

Cost: $175.00

Social Web OPSEC Training for DoD/IC Employees and Contractors just became more critical

Last Updated on Monday, 5 October 2009 07:06 Written by Jeffreycarr Monday, 5 October 2009 07:06

Last week’s news that Russian Security Services can demand user info from foreign-owned Internet Service Providers when matters of RF national security are involved has changed the game for U.S. government employees who use Social Software services (Facebook, MySpace, Twitter, etc.).

As if to underscore the risks and the value of the Social Web to governments, President Medvedev admits to worrying about foreign ownership of Russia’s very profitable Internet companies.

Foreign investment in search engines and social networks is “inevitable,” Mr. Medvedev told leaders of the ruling United Russia party at a meeting Wednesday. “But on the other hand — don’t let my words be seen as too conservative — we need to watch this, because these are questions of security,” he said.

The Communications Ministry is working up “security criteria” to determine where foreign ownership might be restricted, a spokeswoman said Thursday. Russian law already requires government permission for significant foreign investment in publications with daily circulation over one million. Several major Russian sites have larger audiences, she said.

In the meantime, Yuri Milner’s Digital Sky Technologies has just acquired another $100 million dollars of ex-Facebook employees stock bringing DST ownership of Facebook up to 5%.

Today’s issue of IntelFusion FLASH Traffic has an indepth analysis of this emerging threat for U.S. DoD and IC employees on the Social Web. OPSEC training in the safe use of Facebook and other sites is more important than ever, particularly for those individuals whose employment makes them high value targets for adversary intelligence gathering, recruitment, and influence operations. I’m concerned that the agencies who contract out the development of these courses will look for a quick fix or a one-size-fits-all approach, and that is NOT what’s needed here.

The FSB’s Cyberwarriors (the RBN) attack Georgia

Last Updated on Sunday, 21 December 2008 01:51 Written by admin Saturday, 9 August 2008 08:14

UPDATE (11 August 2008): 2 news media outlets in Azerbaijan report being attacked by hackers under the direction of Russia’s Federal Security Services (FSB): ANS Press and the Azerbaijani Day.AZ news agency.

AP reports that the Georgian President’s Web site along with a Georgian television station’s site have been moved to a U.S. web hosting service in Atlanta, Georgia – Tulip Systems, Inc., however attacks (traced to Moscow and St. Petersburg) are continuing on the U.S. server.

—————-

The RBNExploit blog is in the forefront of reporting on the full scale cyberwar being conducted by Russia against Georgia. RBNExploit has been referenced by the McAfee Avert Labs blog as an authoritative source on this subject, along with the ShadowServer Foundation, Dancho Danchev, Brian Krebs, and David Bizeul. The following excerpts have been posted just a few hours ago:

Sat – 2008 08 09 5:00 EST: RBN (Russian Business Network) now nationalized, invades Georgia Cyber Space. As requested by community relay, the following is a report on the cyber war underway in parallel with conventional warfare. Many of Georgia’s internet servers were under external control from late Thursday, Russia’s invasion of Georgia commenced on Friday. It is further requested of any blog reader the information below is further relayed to the International Press and Community to ensure awareness of this situation. Also as much of Georgia’s cyberspace is now under unauthorized external control the following official press statement is circulated without modification. Report on the cyberwar is here.

Sat – 2008 08 09 16:00 EST: RBN Georgia Cyberwarfare 2. To explain to everyone else this is a full cyber siege of Georgia’s cyber space. As an update; within the community, our friends in Germany had managed to pierce the siege and gain a direct routing to Georgia via AS3320 DTAG Deutsche Telekom for a few hours. this afternoon. For the time being AS8359 COMSTAR Direct Moscow region network CJSC COMSTAR Direct Smolenskaya Sennaya Sq, 27 block 2 119121 Moscow, Russia, have intercepted this and are redirecting this route of cyber traffic via their servers. The good news is other German servers are now also attempting to access Georgia servers directly.  

For those of a technical nature we show the latest server routing map (see diagram below) which clearly shows the Russian based servers AS12389 ROSTELECOM, AS8342 RTCOMM, and AS8359 COMSTAR, controlling all traffic to Georgia’s key servers. For example here AS28751 CAUCASUS NET AS Caucasus Network Tbilisi, Georgia & AS20771 DeltaNet Autonomous System DeltaNet ltd 0179 Tbilisi Georgia

Even the Turkish (often RBN controlled) server AS9121 TTNet is now being blocked via COMSTAR, we understand via colleagues in Istanbul, the Turkish authorities are trying to regain control of these servers and provide direct routing to Georgia.

At this time all Georgia government web sites are unobtainable from US, UK, FR, and DE cyber space, as examples. All blog colleagues elsewhere please contact us if you are able to gain direct web access inbound.

We also relay, as requested, the warning not to depend on any web sites that ‘appear’ of a Georgia official source, but are without any recent statements i.e. Friday / Saturday Aug 8/9, as these are likely to be fraudulent.(my emphasis added)

For detailed background on this topic, read Russia’s cyberwarfare doctrine and Is the Russian Business Network protected by the Federal’naya Sluzhba Bezopasnosti?.

For additional background on the RBN:

The ShadowServer Foundation Report AS40989

The ShadowServer Foundation Report RBN Rizing

David Bizeul’s The Russian Business Network Study