Hackers have subscribed to frequencies – Business – Kommersant
[ad_1]
The Main Radio Frequency Center (GRCHC), subordinate to Roskomnadzor, was attacked by Belarusian hackers, as they announced in their Telegram channel, the fact of the attack was confirmed by the GRCHTS. In the network, in particular, there were screenshots of the organization’s internal correspondence. Kommersant’s sources suggest that attackers could penetrate the infrastructure through the remote workplace of one of the employees. The GRFC stressed that the situation was under control.
The hacker group “Cyberpartisans” on Friday evening announced on its Telegram channel that the systems of the Main Radio Frequency Center of Roskomnadzor had been hacked. The hackers said they hacked into the internal network of the GRCHTS, uploaded documents, as well as internal correspondence of employees. In addition, according to hackers, they managed to encrypt (make it impossible for an authorized user to access) employees’ workstations and damage the organization’s infrastructure.
The main radio frequency center was established under Roskomnadzor in 2000 to control the use of radio frequencies by telecom operators. Later, the GRCHTS also began to search the Internet for information prohibited by Russian law. GRCHTS allocated 57.7 million rubles at the end of summer. for the development of the Oculus system, which, based on neural networks, should analyze photos, videos and texts on websites, social networks and instant messengers for prohibited information (see Kommersant dated August 17). In May, the GRCHTS signed a contract for the provision of services for the “creation of an information security system” of its data processing center worth 9.3 million rubles, follows from the data on the State Procurement portal.
At the time of publication of the material, ten screenshots were found on the network, with which the attackers confirmed the fact of data leakage from the GRCHTS system. In particular, they posted fragments of communication between employees in their internal messenger, screenshots from the mailbox of the head of one of the internal groups of the GRFC, as well as images of the console of the organization’s internal DLP system (Data Loss Prevention, a system for protecting the company from information leakage).
“Cyber partisans”, according to open data, an opposition Belarusian group of hackers, took responsibility for hacking the internal systems of the power structures of Belarus. At the beginning of this year, the group hacked and blocked access to the servers of the Belarusian Railway, putting forward demands for the release of 50 political prisoners. They also circulated online the personal data of law enforcement and government officials whom they considered guilty of human rights violations during the protests in 2020 (see Kommersant dated March 27).
In GRCHTS “Kommersant” reported that the workstations of employees are not encrypted and access to them remains. The cyberattack countermeasures service has recorded the use by offenders of a previously unused vulnerability.
“The situation was manageable, in the course of it an analysis was made of the actions of the offenders who were in an open circuit. The criminals did not get access to either classified information or critical infrastructure, ”the GRCHTs told Kommersant.
Kommersant’s interlocutors in the information security market confirm the incident. According to them, the attack on the GRCHTS infrastructure could be organized through the account of an employee of the organization, that is, the attackers could gain access to the workplace, mail and other resources. “Judging by the published screenshots, the attackers gained access to the workstation of an information security specialist,” says a cybersecurity specialist from one of the specialized companies in the Russian market. “Most likely, they somehow obtained account data and remotely logged into his workstation, and, judging by the screenshots of the DLP console, they gained access precisely to the internal contour of the organization.
[ad_2]
Source link
