‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics

Posted by archive 

'Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet.

..

The Vulkan files, which date from 2016 to 2021, were leaked by an anonymous whistleblower angered by Russia’s war in Ukraine. Such leaks from Moscow are extremely rare. Days after the invasion in February last year, the source approached the German newspaper Süddeutsche Zeitung and said the GRU and FSB “hide behind” Vulkan.

“People should know the dangers of this,” the whistleblower said. “Because of the events in Ukraine, I decided to make this information public. The company is doing bad things and the Russian government is cowardly and wrong. I am angry about the invasion of Ukraine and the terrible things that are happening there. I hope you can use this information to show what is happening behind closed doors.”

..

One of Vulkan’s most far-reaching projects was carried out with the blessing of the Kremlin’s most infamous unit of cyberwarriors, known as Sandworm. According to US prosecutors and western governments, over the past decade Sandworm has been responsible for hacking operations on an astonishing scale. It has carried out numerous malign acts: political manipulation, cyber-sabotage, election interference, dumping of emails and leaking.

Sandworm disabled Ukraine’s power grid in 2015. The following year it took part in Russia’s brazen operation to derail the US presidential election. Two of its operatives were indicted for distributing emails stolen from Hillary Clinton’s Democrats using a fake persona, Guccifer 2.0. Then in 2017 Sandworm purloined further data in an attempt to influence the outcome of the French presidential vote, the US says.

That same year the unit unleashed the most consequential cyber-attack in history. Operatives used a bespoke piece of malware called NotPetya. Beginning in Ukraine, NotPetya rapidly spread across the globe. It knocked offline shipping firms, hospitals, postal systems and pharmaceutical manufacturers – a digital onslaught that spilled over from the virtual into the physical world.

The Vulkan files shed light on a piece of digital machinery that could play a part in the next attack unleashed by Sandworm.

..

The development of these secret programs speaks to the paranoia at the heart of Russia’s leadership. It is terrified of street protests and revolution of the kind seen in Ukraine, Georgia, Kyrgyzstan and Kazakhstan. Moscow regards the internet as a crucial weapon in maintaining order. At home, Putin has eliminated his opponents. Dissidents have been locked up; critics such as Alexei Navalny poisoned and jailed.

..

This Amezit sub-system allows the Russian military to carry out large-scale covert disinformation operations on social media and across the internet, through the creation of accounts that resemble real people online, or avatars. The avatars have names and stolen personal photos, which are then cultivated over months to curate a realistic digital footprint.

..

Another Vulkan-developed project linked to Amezit is far more threatening. Codenamed Crystal-2V, it is a training platform for Russian cyber-operatives. Capable of allowing simultaneous use by up to 30 trainees, it appears to simulate attacks against a range of essential national infrastructure targets: railway lines, electricity stations, airports, waterways, ports and industrial control systems.

..

It is unclear if former Vulkan engineers now in the west pose a security risk, and whether they have come to the attention of western counter-intelligence agencies. Most, it would seem, have relatives back in Russia, a vulnerability known to have been used by the FSB to pressure Russian professionals abroad to collaborate.

Contacted by a reporter, one ex-staffer expressed regret at having helped Russia’s military and domestic spy agency. “To begin with it wasn’t clear what my work would be used for,” they said. “Over time I understood that I couldn’t carry on, and that I didn’t want to support the regime. I was afraid something would happen to me, or I would end up in jail.”

There were enormous risks, too, for the anonymous whistleblower behind the Vulkan files. The Russian regime is known for hunting down those it regards as traitors. In their brief exchange with a German journalist, the leaker said they were aware that giving sensitive information to foreign media was dangerous. But they had taken life-changing precautions. They had left their previous life behind, they said, and now existed “as a ghost”.'

- ‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics, March 30, 2023



Context

'..Russian .. years-long foreign malign influence campaign that used various U.S. political groups to sow discord..'

We Should Say It. Russia Is Fascist - 'The Russian Federation promotes the extreme right everywhere.' - 'Bankrupt Putin & his regime. Give Ukraine what it needs to win.'

(Russia a state sponsor of terrorism) - China Aids Russia’s War in Ukraine, Trade Data Shows


(The risk of escalation is overblown) - '..the West’s overarching goal must be ensuring that the Russian tyrant gains nothing by his aggression..'

'..Negotiations & agreements with Putin have proven meaningless since he always lies. He must lose..'