US blacklists 6 Russian organizations over security concerns
Security of critical infrastructure, cyber warfare / nation state attacks, fraud management and cybercrime
Commerce Department Says Organizations Aligned With Russian Intelligence
Dan Gunderman (dangun127) •
July 17, 2021
The Commerce Department is restricting trade with four Russian information technology and cybersecurity companies, as well as two other entities, over concerns that these organizations pose a threat to U.S. national security, according to a document released on Friday.
See also: Live Panel | Zero Trusts Given – Harnessing the Value of Strategy
The six Russian organizations added to the department’s entity list on Friday are building on sanctions imposed by the Treasury Department in April, which said the companies and other entities are aligned with or assist Russian intelligence services.
Now that these organizations have been placed on the Entity List, the Commerce Department will require them to apply for a special license to do business with US companies or receive supplies or components from US companies.
Russian organizations now on the Entity List, which is maintained by the Commerce Department’s Bureau of Industry and Security, include:
- Aktsionernoe Obschchestvo Pasit: A computer company which would have carried out research and development activities for the country’s foreign intelligence service;
- Federal State Autonomous Institution Military Innovative Technopolis era: A research center and a technological park operated by the Russian Ministry of Defense;
- Autonomous scientific establishment of the Federal State Scientific research institute Specialized computer security devices and automation (VAS): A state institution supposed to support malicious cyber activities;
- Aktsionernoe Obshchaestvo AST;
- Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, or JSC Positive Technologies;
- Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit;
IT companies AST, Positive Technologies and Neobit have also worked with the Russian government, according to the Commerce Department.
The Treasury Department’s April sanctions identified Russia-based technology, security, and research companies allegedly working with the Russian Foreign Intelligence Service, aka SVR, as well as other Russian agencies, including management Intelligence Officer, also known as GRU, on Cyber Campaigns (see: US Raises Curtain on Russian Cyber Operations).
By sanctioning Russia this year, the Biden administration tried to start curbing the country’s cyber operations while responding to increasingly frequent incidents – including a full-scale ransomware attack on the remote management software vendor. Kaseya this month – suspected of being led by Russia. REvil support group (see: Kaseya: Up to 1,500 organizations affected by ransomware attack).
Positive Technologies told Reuters on Friday that the company had never been involved in an attack on U.S. infrastructure.
In its assent this spring, the Treasury Department had harsh words for the Kremlin.
“The Treasury is based on …[its] the authority to impose costs on the Russian government for its unacceptable conduct, including limiting Russia’s ability to fund its activities and targeting malicious and disruptive Russian cyber capabilities, ”the secretary said at the time. Treasure Janet L. Yellen.
The department also noted, “Russian intelligence services have carried out some of the most dangerous and disruptive cyber attacks in recent history,” including the SolarWinds incident of 2020, a supply chain attack that ultimately affected several American agencies (see: 7 takeaways: supply chain attack hits SolarWinds customers).
The Treasury Department also criticized the Kremlin for election interference, poisoning Kremlin critic Aleksei Navalny and stealing “Red Team tools” – mimicking cyberattacks – from a US security firm, among other recent actions. The Kremlin has denied the allegations.
“Enabling Russian cyber activities”
The private and state-owned companies sanctioned in April “allow Russian intelligence services to cyber-activities” and “provide a range of services to [agencies] FSB, GRU and SVR, ranging from the provision of expertise to the development of tools and infrastructure, including the facilitation of malicious cyber activities, ”added the Treasury Department.
Other federal measures
The State Department also announced Thursday that it will now offer rewards of up to $ 10 million for intelligence on cyber threats to critical infrastructure in the country.
The Department of Homeland Security and the Department of Justice also unveiled a website called “StopRansomware,” which is described as a central hub for consolidating anti-ransomware resources from all federal government agencies (see: US Offers $ 10 Million Cyber Threat Intelligence Reward).
Following the Kaseya attack, Biden met with Russian President Vladimir Putin on July 9 and reiterated the demands he made at their June summit in Geneva: that the Russian government should crack down on cybercrime activities within its borders.
Biden added that the US government is prepared to take “whatever steps are necessary to defend its people and critical infrastructure from” the ongoing cyber attacks.