“One might think this would be a good time for Russian cyber intelligence officials, credited as they are with hacking and leaking Democratic emails that may have altered the course of the U.S. presidential election. One would be wrong.” Emily Tamkin — Foreign Policy

Both Deputy Directors of the Federal Security Service Information Security Center have been sacked while the Director is rumoured to have resigned. The reasons behind this on-going crisis are still unclear. Follow us on Twitter: @Intel_Today

The Federal Security Service of the Russian Federation [FSB — Russian: Федеральная служба безопасности Российской Федерации (ФСБ)] is the principal security agency of Russia and the main successor agency to the USSR’s Committee of State Security (KGB).

Its main responsibilities are within the country and include counter-intelligence, internal and border security, counter-terrorism, and surveillance as well as investigating some other types of grave crimes and federal law violations.

It is headquartered in Lubyanka Square, Moscow’s centre, in the main building of the former KGB. The Director of the FSB since 2008 is army general Aleksandr Bortnikov.

Inside the FSB, the Information Security Center is the Division responsible for cyber-security. Andrei Gerasimov is head of the FSB Information Security Center.

Although no “organizational chart” is available in the public domain, it is usually accepted that this Division has — at least — two departments. The “Operation department” was headed by Colonel Sergey Mikhailov while the “Technical Department” was headed by Dmitry Pravikov.

Andrei Gerasimov

Andrei Gerasimov has been head of the FSB Information Security Center since 2009. According to Russian media, Gerasimov may be dismissed soon. There are some reports that he may have already resigned.

Colonel Sergey Mikhailov

Colonel Sergey Mikhailov was Deputy Director of the FSB and Chief of its Operational department.

According to Interfax News Agency,

“Sergei Mikhailov, a top cybersecurity specialist in the FSB, and his subordinate Dmitry Dokuchaev are being accused of breaking their oath and working with the CIA.”

In December 2016, Mikhailov was detained at a board meeting — escorted out of the room with a bag thrown over his head. (The exact date may be December 5 2016.)

Sergey Mikhailov has been charged under Art. 275 of the Criminal Code (High treason).

Dmitry Pravikov

The deputy Director of the FSB Information Security Center — Department of Information Technology (DIT) — Dmitry Pravikov is currently under investigation.

Dmitry Pravikov is suspected of bribe-taking. He was Deputy Director and Head of the DIT since 2005.

Kommersant notes that Dmitry Pravikov is dubbed “an icon in information security”. He has Ph.D. in Engineering Science and is an associate professor of Information Security department in Bauman Moscow State Technical University. Pravikov has also written dozens of research papers, books and articles in the field of information security.

Major Reshuffle

Zhahongir Yuldashev was appointed as temporarily chief in charge of operations instead of Mikhailov.

Alexey Grachev was appointed as the Interim Head of the DIT to replace Dmitry Praviko.

What is ‘the’ Story behind the Crisis?

There is obviously a major crisis but the reasons remain unknown.

There is no lack of ‘good stories’ to explain the arrests and charges of treason. Popular explanations include a link to the ‘Russian DNC hack’, the leak of the ‘Trump Dossier’, Espionage for US Intel Agencies (FBI, and /or CIA), a connection to the Shaltay Boltay hacker group (with multiple sub-stories such as the “Surkov-Leaks” scandal , the leaked documents from the chief of the Defense Ministry’s construction department) , and so on…

But truth being told, none of these appears convincing so far. Some experts believe that the situation in the ISC is linked to internal conflicts.

An Internal Power Fight?

The investigation against Dmitry Pravikov may be the result of his recent conflict with the management following a planned reorganization of the FSB departments.

After the reorganization the ISC would be placed under the control of the ‘Vosmyorka’ – which is allegedly the FSB Information Protection and Special Communications Center.

We know that Russia just passed a set of new laws that may prepare the ground for a major paradigm shift and place the entire Russian cyber world under State control.

Meanwhile, the Kremlin is also preparing to implement the notorious “Yarovaya Package” of laws (scheduled to go into effect in 2018), which will give Moscow greater control over the personal online information of Russian citizens as well as empower the authorities to label and prosecute critical online speech as “extremist” (see EDM, July 15, 2016). Taken together, it appears the Kremlin is preparing to undertake a great “cyber purge” that may change the entire architecture of relations between Russian IT companies and the state, leading to the establishment of full government control over this sector. [Eurasia Daily Monitor]

Cyber-criminality and Russian contacts

According to Western cyber-security experts, cooperation with their Russian counterparts has come to a sudden halt since the arrest of Sergey Mikhailov, Dmitry Dokuchaev and Ruslan Stoyanov, head of the computer incidents investigation team at Russian cyber security firm Kaspersky Lab.

“Everybody has clammed up,” said John Bambenek, a manager of threat research at Fidelis Cybersecurity. The arrests send a message that “even an informal information-sharing relationship with trusted Russian intelligence and law enforcement officers might be considered treason,” said Vitali Kremez, director of research at American security firm Flashpoint. “This sends a shiver down everybody’s spine,” said a senior U.S. law enforcement official. “We were getting some headway over there…”

Stay tuned.

REFERENCES

Security services sweeping purge underway: another FSB officer targeted — Crime Russia

Head of FSB Cyber Unit May Soon Be Dismissed — FP

Cyber expert’s arrest silences Russian contacts of some Western crime fighters — REUTERS

Making Sense of Russia’s Cyber Treason Scandal — STRATFOR

Russia on the Verge of a ‘Cyber Purge?’