Reports on hacking group: Russian cyber experts at European companies

Status: 03/31/2023 10:21 am

According to media reports, several Russian cyber experts work for European companies, including Siemens. The explosive part: they are said to have previously worked for a Russian company that apparently prepared hacker attacks for the secret services.

Several media outlets are reporting on potential security gaps in large European corporations. According to “Spiegel”, cyber experts who previously worked at the Russian IT company NTC Vulkan are said to be employed at Siemens or Amazon Web Services.

Ex-company with connections to secret services

The company is said to have close ties to the three major Russian secret services FSB, GRU and SVR. As the media report in the so-called “Vulkan Files”, the company produced, among other things, offensive cyber programs for the services that are designed to attack critical infrastructure facilities.

Specifically, an ex-chief developer from NTC Vulkan apparently works as a “Senior Software Development Engineer” at Amazon Web Services (AWS) in Dublin. AWS is one of the world’s largest providers of cloud computing, whose customers include NASA, the US Navy and many DAX companies. A former employee of Vulkan works at Siemens in Munich.

Former Vulkan employees were also hired at the travel portals Booking.com and Trivago. In response to a request from “Spiegel”, Siemens said that it took the issue seriously but could not say anything about individual employees for data protection reasons.

Attacks on critical infrastructure

Documents from the Russian security apparatus were leaked to an international team of journalists. According to these documents, NTC Vulkan is developing software for all three major Russian services FSB, GRU and SVR, which is intended to be used for sabotage. Project plans, software descriptions, instructions, internal e-mails and bank transfer documents from the company show how Russian secret services plan and carry out worldwide hacking operations with the help of private companies. Several Western intelligence services have confirmed to the international research team that the documents are authentic.

For example, the documents describe an offensive cyber program under the code name “Amezit”, which is also intended to enable attacks on critical infrastructure facilities, according to “Spiegel”. According to the documents, one of the goals of the program is to use special software to derail trains or paralyze airport computers. However, it is not clear whether the program is currently being used against Ukraine, for example.

As “Spiegel” writes, analysts from Google are said to have discovered a connection between NTC Vulkan and the hacker group “Cozy Bear” years ago. “Cozy Bear” has penetrated US Department of Defense systems in the past.
