Nikolai Murashov, deputy director of Russia's National Cyberthreat Response Centre, has charged the United States, the United Kingdom, and the European Union with hampering efforts to introduce an international ban on the creation of malicious software. At the same time, he said, statistics on the geographical distribution of cyberattacks between 2016 and 2017 show that locations in the US and the EU are global cyberattack source hotspots.
Speaking at a cybersecurity briefing in Moscow on Tuesday, Murashov pointed out that the Russian criminal code already has an article categorising the creation of computer viruses as a crime.
"But not many states have followed suit. Almost everywhere [else], there is no ban on the development of similar software. Moreover, officials in the US, UK, and the EU do everything to hamper the approval of any recommendations on the criminalisation of such activities at forums where global information security is discussed", the official said, clarifying that such resistance has included footdragging at the UN.
According to the cybersecurity official, Washington has in fact "unilaterally blocked" the functioning of mechanisms on cooperation with Russia to ensure security in the fields of information and communication technologies, despite a 2013 agreement on the joint tackling of threats in this sphere. Nevertheless, Russia remains ready to "resume constructive dialogue" in this area, pending that it is based on "open and equal cooperation".
Russia Ready to Publish Correspondence on Alleged Russian 'Meddling' in US Elections
The Russian side is ready to publish correspondence on the subject of alleged Russian meddling in the 2016 US elections via the hack of the Democratic Party servers, pending agreement from the American side, Murashov said.
"The first message was received only on 31 October 2016, as far as I can recall. After that there were a number of additional messages containing certain technical information about the hacking [of the DNC servers] that had taken place. We analysed all of this information, and even before [Donald] Trump's inauguration as president, sent the American side what we judged to be an exhaustive response".
The Russian side cannot share this information with the public without approval from the US side, in accordance with intergovernmental agreements, the official noted. "Accordingly, we are prepared to publish all available correspondence if the American side gives its agreement", Murashov added.
Foreign Intelligence Behind Cyberattacks on Russian Internet on Election Day
Foreign intelligence agencies stood behind the cyberattacks which affected Russian cyber-infrastructure on the day of the "Direct Line With Vladimir Putin" programme in 2017, as well as voting day in presidential elections in March, Murashov said.
"Since June 2017, we recorded an attack against the entire [Russian] national segment of the internet. The first peak of this attack came on the day of the 'Direct Line' programme with the Russian president", i.e. 15 June 2017, the official said. The attack used a new modification of the "Russkill" group of viruses, he noted.
"After evaluating the capabilities embedded in this modification, we came to the conclusion that we are dealing with a special service of a foreign state, which has perfect knowledge of the algorithms of root DNS servers", Murashov said. "We realised that in the near future, we should be prepared for more powerful attacks. And this is what ended up happening. The peak of a new wave of the attack fell on the day of the presidential elections in Russia in March of this year", he added.
Software Manufacturers Share Blame for Software Vulnerabilities
Murashov noted that one of the major problems in the field of cybersecurity today lies in the fact that software makers are rarely held accountable for the security of their products, with software vulnerabilities resulting from products being rushed to markets prematurely leaving the door open for the creation of new viruses designed for mass hacking attacks. The official stressed that an explicit global ban on the creation of malicious software could go a long way in ensuring user security.
Having studied research compiled by Symantec and Webroot in the US, Japan's NTT Security, and China's CNCERT/CC cybersecurity centres between 2016 and 2017, Murashov pointed out that the US, France, and the Netherlands ranked first, second and third, respectively, in the geographic distribution of cyberattacks. "This data makes it clear that according to these companies the United States and the European Union are the main sources of malicious activity", he said.
According to Russian National Cyberthreat Response Centre figures, large scale cyberattacks involving the viruses WannaCry, NotPetya, and BadRabbit affected users in nearly 100 countries in 2017, infecting over 500,000 computers, more than 60 percent of them in Russia. These viruses, using advanced encryption methods, affected not only ordinary users, but components of Russia's information infrastructure as well, Murashov said.