Archive for the ‘Ukraine’ Category

In Ukraine, a Malware Expert Who Could Blow the Whistle on Russian Hacking – New York Times

There is no evidence that Profexer worked, at least knowingly, for Russia's intelligence services, but his malware apparently did.

That a hacking operation that Washington is convinced was orchestrated by Moscow would obtain malware from a source in Ukraine, perhaps the Kremlin's most bitter enemy, sheds considerable light on the Russian security services' modus operandi in what Western intelligence agencies say is their clandestine cyberwar against the United States and Europe.

It does not suggest a compact team of government employees who write all their own code and carry out attacks during office hours in Moscow or St. Petersburg, but rather a far looser enterprise that draws on talent and hacking tools wherever they can be found.

Also emerging from Ukraine is a sharper picture of what the United States believes is a Russian government hacking group known as Advanced Persistent Threat 28 or Fancy Bear. It is this group, which American intelligence agencies believe is operated by Russian military intelligence, that has been blamed, along with a second Russian outfit known as Cozy Bear, for the D.N.C. intrusion.

Rather than training, arming and deploying hackers to carry out a specific mission like just another military unit, Fancy Bear and its twin Cozy Bear have operated more as centers for organization and financing; much of the hard work like coding is outsourced to private and often crime-tainted vendors.

In more than a decade of tracking suspected Russian-directed cyberattacks against a host of targets in the West and in former Soviet territories (NATO, electrical grids, research groups, journalists critical of Russia and political parties, to name a few), security services around the world have identified only a handful of people who are directly involved in either carrying out such attacks or providing the cyberweapons that were used.

This absence of reliable witnesses has left ample room for President Trump and others to raise doubts about whether Russia really was involved in the D.N.C. hack.

"There is not now and never has been a single piece of technical evidence produced that connects the malware used in the D.N.C. attack to the G.R.U., F.S.B. or any agency of the Russian government," said Jeffrey Carr, the author of a book on cyberwarfare. The G.R.U. is Russia's military intelligence agency, and the F.S.B. its federal security service.

United States intelligence agencies, however, have been unequivocal in pointing a finger at Russia.

Seeking a path out of this fog, cybersecurity researchers and Western law enforcement officers have turned to Ukraine, a country that Russia has used for years as a laboratory for a range of politicized operations that later cropped up elsewhere, including electoral hacking in the United States.

In several instances, certain types of computer intrusions, like the use of malware to knock out crucial infrastructure or to pilfer email messages later released to tilt public opinion, occurred in Ukraine first. Only later were the same techniques used in Western Europe and the United States.

So, not surprisingly, those studying cyberwar in Ukraine are now turning up clues in the investigation of the D.N.C. hack, including the discovery of a rare witness.

Security experts were initially left scratching their heads when the Department of Homeland Security on Dec. 29 released technical evidence of Russian hacking that seemed to point not to Russia, but rather to Ukraine.

In this initial report, the department released only one sample of malware said to be an indicator of Russian state-sponsored hacking, though outside experts said a variety of malicious programs were used in Russian electoral hacking.

The sample pointed to a malware program, called the P.A.S. web shell, a hacking tool advertised on Russian-language Dark Web forums and used by cybercriminals throughout the former Soviet Union. The author, Profexer, is a well-regarded technical expert among hackers, spoken about with awe and respect in Kiev.

He had made it available to download, free, from a website that asked only for donations, ranging from $3 to $250. The real money was made by selling customized versions and by guiding his hacker clients in its effective use. It remains unclear how extensively he interacted with the Russian hacking team.

After the Department of Homeland Security identified his creation, he quickly shut down his website and posted on a closed forum for hackers, called Exploit, that "I'm not interested in excessive attention to me personally."

Soon, a hint of panic appeared, and he posted a note saying that, six days on, he was still alive.

Another hacker, with the nickname Zloi Santa, or Bad Santa, suggested the Americans would certainly find him, and place him under arrest, perhaps during a layover at an airport.

"It could be, or it could not be, it depends only on politics," Profexer responded. "If U.S. law enforcement wants to take me down, they will not wait for me in some country's airport. Relations between our countries are so tight I would be arrested in my kitchen, at the first request."

In fact, Serhiy Demediuk, chief of the Ukrainian Cyber Police, said in an interview that Profexer went to the authorities himself. As the cooperation began, Profexer went dark on hacker forums. He last posted online on Jan. 9. Mr. Demediuk said he had made the witness available to the F.B.I., which has posted a full-time cybersecurity expert in Kiev as one of four bureau agents stationed at the United States Embassy there. The F.B.I. declined to comment.

Profexer was not arrested because his activities fell in a legal gray zone, as an author but not a user of malware, the Ukrainian police say. But he did know the users, at least by their online handles. "He told us he didn't create it to be used in the way it was," Mr. Demediuk said.

A member of Ukraine's Parliament with close ties to the security services, Anton Gerashchenko, said that the interaction was online or by phone and that the Ukrainian programmer had been paid to write customized malware without knowing its purpose, only later learning it was used in the D.N.C. hack.

Mr. Gerashchenko described the author only in broad strokes, to protect his safety, as a young man from a provincial Ukrainian city. He confirmed that the author turned himself in to the police and was cooperating as a witness in the D.N.C. investigation. "He was a freelancer and now he is a valuable witness," Mr. Gerashchenko said.

While it is not known what Profexer has told Ukrainian investigators and the F.B.I. about Russia's hacking efforts, evidence emanating from Ukraine has again provided some of the clearest pictures yet about Fancy Bear, or Advanced Persistent Threat 28, which is run by the G.R.U.

Fancy Bear has been identified mostly by what it does, not by who does it. One of its recurring features has been the theft of emails and its close collaboration with the Russian state news media.

Tracking the bear to its lair, however, has so far proved impossible, not least because many experts believe that no such single place exists.

Even for a sophisticated tech company like Microsoft, singling out individuals in the digital miasma has proved just about impossible. To curtail the damage to clients' operating systems, the company filed a complaint against Fancy Bear last year with the United States District Court for the Eastern District of Virginia but found itself boxing with shadows.

As Microsoft lawyers reported to the court, because defendants used fake contact information, anonymous Bitcoin and prepaid credit cards and false identities, and sophisticated technical means to conceal their identities, when setting up and using the relevant internet domains, defendants' true identities remain unknown.

Nevertheless, Ukrainian officials, though wary of upsetting the Trump administration, have been quietly cooperating with American investigators to try to figure out who stands behind all the disguises.

Included in this sharing of information were copies of the server hard drives of Ukraine's Central Election Commission, which were targeted during a presidential election in May 2014. That the F.B.I. had obtained evidence of this earlier, Russian-linked electoral hack has not been previously reported.

Traces of the same malicious code, this time a program called Sofacy, were seen in the 2014 attack in Ukraine and later in the D.N.C. intrusion in the United States.

Intriguingly, in the cyberattack during the Ukrainian election, what appears to have been a bungle by Channel 1, a Russian state television station, inadvertently implicated the government authorities in Moscow.

Hackers had loaded onto a Ukrainian election commission server a graphic mimicking the page for displaying results. This phony page showed a shocker of an outcome: an election win for a fiercely anti-Russian, ultraright candidate, Dmytro Yarosh. Mr. Yarosh in reality received less than 1 percent of the vote.

The false result would have played into a Russian propaganda narrative that Ukraine today is ruled by hard-right, even fascist, figures.

The fake image was programmed to display when polls closed, at 8 p.m., but a Ukrainian cybersecurity company, InfoSafe, discovered it just minutes earlier and unplugged the server.

State television in Russia nevertheless reported that Mr. Yarosh had won and broadcast the fake graphic, citing the election commission's website, even though the image had never appeared there. The hacker had clearly provided Channel 1 with the same image in advance, but the reporters had failed to check that the hack actually worked.

"For me, this is an obvious link between the hackers and Russian officials," said Victor Zhora, director of InfoSafe, the cybersecurity company that first found the fake graphic.

A Ukrainian government researcher who studied the hack, Nikolai Koval, published his findings in a 2015 book, Cyberwar in Perspective, and identified the Sofacy malware on the server.

The mirror of the hard drive went to the F.B.I., which had this forensic sample when the cybersecurity company CrowdStrike identified the same malware two years later, on the D.N.C. servers.

"It was the first strike," Mr. Zhora said of the earlier hack of Ukraine's electoral computers. Ukraine's Cyber Police have also provided the F.B.I. with copies of server hard drives showing the possible origins of some phishing emails targeting the Democratic Party during the election.

In 2016, two years after the election hack in Ukraine, hackers using some of the same techniques plundered the email system of the World Anti-Doping Agency, or WADA, which had accused Russian athletes of systematic drug use.

That raid, too, seems to have been closely coordinated with Russian state television, which began airing well-prepared reports about WADA's hacked emails just minutes after they were made public. The emails appeared on a website that announced that WADA had been hacked by a group calling itself the Fancy Bears Hack Team.

It was the first time Fancy Bear had broken cover.

Fancy Bear remains extraordinarily elusive, however. To throw investigators off its scent, the group has undergone various makeovers, restocking its arsenal of malware and sometimes hiding under different guises. One of its alter egos, cyberexperts believe, is Cyber Berkut, an outfit supposedly set up in Ukraine by supporters of the country's pro-Russian president, Viktor F. Yanukovych, who was ousted in 2014.

After lying dormant for many months, Cyber Berkut jumped back into action this summer just as multiple investigations in Washington into whether the Trump campaign colluded with Moscow shifted into high gear. Cyber Berkut released stolen emails that it and Russian state news media said had exposed the real story: Hillary Clinton had colluded with Ukraine.


If Ukraine’s Economy Is to Reform, Then Its Inefficient Health System Has to Go – The National Interest Online (blog)

The United States is not the only country caught up in an emotional debate over health care. The Ukrainian Rada (parliament) has been struggling with the issue for months. And like their counterparts in the U.S. Senate, Ukrainian lawmakers scuttled plans to pass health-care reform just before breaking for summer recess on July 19.

In Ukraine, however, the stakes for reform are higher. For starters, more than 90 percent of Ukrainians have no medical insurance. But the problems go far deeper than that.

The country's current health-care system is a legacy of the Soviet era, and a most sorry one. Government funding and resources for hospitals are allocated according to the number of medical workers, buildings and beds, rather than the number of patients treated. Physicians and administrators, saddled with a mind-set stuck in the Soviet way of doing things, shun more advanced Western practices and equipment.

The carry-over egalitarianism of the Soviet era leaves doctors earning a paltry $200 a month. Naturally, this breeds corruption. For example, bribery is a commonplace precondition for receiving medical treatment. The situation is dire.

So dire, in fact, that the International Monetary Fund (IMF) has insisted that Ukraine reform its health system. The IMF's program to keep the Ukrainian economy afloat is contingent on significant economic reforms, including fixing the corrupt and inefficient health system.

The big stumbling blocks have been the entrenched corruption and Soviet mind-set of Ukraine's older generation of political leaders.

But leading the charge for reform is a relative newcomer, Dr. Ulana Suprun, Ukraine's Acting Minister of Health.

Born, raised and educated in the United States, Dr. Suprun had a successful radiology practice in New York City. When the Maidan revolution erupted in early 2014, the Ukrainian-American physician traveled to Ukraine to treat those wounded by the security forces of former President Viktor Yanukovych.

Then, when Russian proxies in Eastern Ukraine, backed up by regular Russian troops and equipment, started an insurrection against the central government, Dr. Suprun moved to the frontlines of the conflict, providing lifesaving care and NATO standard Combat Lifesaver training to soldiers.

In 2015, a thankful Ukrainian president, Petro Poroshenko, conferred upon her Ukrainian citizenship, saying during the ceremony: "Your efforts saved thousands of lives." In August 2016, she was asked to become the acting Minister of Health.

Under her leadership, the government has rooted out a significant amount of corruption from the health-care sector. For example, by changing the way the Ministry of Health procures pharmaceuticals, the department cut those costs by 40 percent. But more needs to be done.

The reform Suprun was pushing this year aimed to raise the level of Ukrainian health care to international standards. It would, for example, require medical licenses for individual doctors. Currently, only medical practices are licensed and they can hire doctors straight out of medical school, with no clinical training or experience.

The reform bill currently up for a vote in parliament would also change the way hospitals are funded, linking the money more closely to actual delivery of patient services. And it would close down or consolidate hospitals that aren't treating enough patients to remain cost effective and provide quality services.

As if that weren't enough, the proposal would have: reformed palliative, emergency and primary care simultaneously; freed doctors to earn more money in an open, transparent manner so they would not have to resort to bribe-taking to generate additional income; and provided universal health care coverage for all Ukrainians.

The ultimate goal of the reform package was to empower patients, giving them new rights and protections, a noble ambition. No wonder the G7 Ambassadors to Ukraine endorsed the proposal, calling it a sign that Ukraine is ready and committed to moving forward with its vital reforms, in health care and anti-corruption, for the benefit of its citizens.

In many ways, the health-care debate is emblematic of the larger societal struggle in Ukraine. It's the younger generation of technocrats fighting against the old guard. It's the new Western way of thinking against the old Soviet way of doing business.

The old guard in the Rada was able to block Suprun's reform bill from coming up to a final vote just before the summer recess. But that's not necessarily the end of this fight. The Rada will have another chance to vote on it when lawmakers reconvene in September.

The outcome of the health care vote will likely chart the future policy direction of Ukraine: whether it will remain stuck in its failed Soviet past or move toward a brighter future in the Euro-Atlantic community.

Luke Coffey is director of The Heritage Foundation's Allison Center for Foreign Policy Studies.


Saakashvili Says He Plans To Return To Ukraine Next Month – RadioFreeEurope/RadioLiberty

Mikheil Saakashvili, the former Georgian president and ex-governor of Ukraine's Odesa region who was stripped of his Ukrainian citizenship in July, says he plans to return to Kyiv next month.

"I am returning to Ukraine. I will arrive on September 10 travelling from Poland through the Krakovets checkpoint [in the Lviv region]," he said in a live broadcast on Facebook on August 16.

President Petro Poroshenko stripped Saakashvili of his Ukrainian citizenship on July 26, a move the former Georgian president condemned as an "illegal way to move me from the political scene in Ukraine."

Ukrainian authorities have said that if he tries to enter the country they will bar him and confiscate his passport.

The 49-year-old Saakashvili, who served two terms as president from 2004 to 2013, is an adamantly pro-Western reformist who came to power in Georgia as a result of the peaceful Rose Revolution protests of 2003.

But his popularity declined in his later years in office, in part because of the 2008 five-day war with Russia during which Moscow's forces drove deep into the South Caucasus country.

Saakashvili was stripped of his Georgian citizenship in 2015 after he took Ukrainian citizenship in order to become governor of the Odesa region.

Georgia is seeking Saakashvili's extradition to face charges related to the violent dispersal of protesters and a raid on a private television station.

He says those charges are politically motivated.

Saakashvili resigned as Odesa's governor in November 2016 -- complaining of official obstruction of anticorruption efforts, accusing Poroshenko of dishonesty, and charging that the central government was sabotaging crucial reforms.

Now, without Ukrainian citizenship, Saakashvili cannot seek political office in Ukraine, where his party is calling for early parliamentary elections. However, he said in the Facebook broadcast that he has been travelling on his Ukrainian passport.

Ukraine is scheduled to conduct its next presidential election in March 2019.


Germans interested in investing in alternative energy development in Ukraine – Ukrinform. Ukraine and world news

The reforms implemented by Ukraine in the field of alternative energy have improved the investment attractiveness of our country for German investors.

The Governmental portal reported this following a meeting of the Chairman of the State Agency on Energy Efficiency and Energy Saving of Ukraine, Serhiy Savchuk, with the Executive Director of Shanda Consult Ltd, Stefan Nolte, and a representative of the EUMECON Europe Middle East Consultancy Association, Jan Engelke.

As Mr. Nolte explained, Shanda Consult Ltd is now examining the legal framework and investment attractiveness of renewable energy in Ukraine. German investors are interested in the results of the study and are considering the possibility of investing in green projects in Ukraine.

"We see that a number of successful reforms have been carried out since 2014. Therefore, we are interested in the incentives and guarantees introduced for investors, the regulatory mechanisms, stability of the economic situation, etc.," Nolte said. He also noted that the company had earlier investigated the profitability of installing biogas plants and was now studying the use of all renewable energy sources.


Three Ukrainian Lawmakers Declare Bitcoin Holdings Worth $47 Million – Bitcoin News (press release)

Three Ukrainian lawmakers have declared their bitcoin holdings as part of the country's new electronic declaration system aimed at preventing corruption. The three hold altogether 11,644 bitcoins, worth approximately $47 million.


Three members of the Verkhovna Rada of Ukraine, which is the country's unicameral parliament, have declared their bitcoin holdings, according to Ria Novosti. Alexander Urbansky, Dmitry Belotserkovets and Dmitry Golubov are members of the political party Bloc Petro Poroshenko. The trio's bitcoin holdings are shown in their electronic declarations, which Parliament members are required to submit. The publication detailed:

According to the declarations, Urbansky has 2,494 bitcoins (about 10 million dollars), Belotserkovets declared 398 bitcoins (1.6 million dollars), Golubov indicated in his declaration 8752 bitcoins (about 35 million dollars).

This e-declarations system, aimed to prevent corruption, mandates government officials and related persons to declare and describe all assets they possess inside and outside of Ukraine; the information is then made available to the public.

The first phase of this system was launched in September last year, which affected 100,000 top and mid-level officials, explained the United Nations Development Programme (UNDP). The second phase started in January this year, affecting an additional 700,000-800,000 officials.

Meanwhile, some bitcoin mining farms in Ukraine have reportedly been closed down by the government. Recently, news.Bitcoin.com reported on bitcoin miners being arrested in Kiev and 200 pieces of mining equipment seized. Around the same time, the Security Service of Ukraine (SBU) reportedly discovered another cryptocurrency mining farm in the town of Kropyvnytskyi in central Ukraine. In both cases, the mining farms were closed down and mining equipment seized.

Artem Afyan, co-founder and managing partner of the law firm Juscutum, said that "over the past few months, we have seen a surge in law enforcement activity in the field of cryptocurrency." However, he asserted that the main motive of the raids is requisition. The mining equipment is seized.

Rostislav Kravets, Senior Partner of the law firm Kravets & Partners, explained that the current legislation does prohibit the issuance and circulation of other payment instruments and monetary units, and the use of monetary surrogates as means of payment, NV Business reported.

However, cryptocurrency is currently not banned, nor is its use prohibited. The central bank of Ukraine is aware of its use within the country. Last week, Deputy Governor of the National Bank of Ukraine Oleg Churiy said that the government is discussing the legal status of bitcoin and its regulation. The issue will be considered by the Financial Stability Board before the end of this month.
