The UK's Intelligence and Security Committee of Parliament rendered its long-anticipated report on Russian espionage and cyber operations at Westminster this morning. The redacted report concludes that Russia's aims are primarily negative ("paranoid," also "fundamentally nihilistic"), seeking to disrupt and damage rivals. Moscow's subsidiary positive ("substantive") goals include sustaining its prestige as a great power and preserving its rulers' privileged positions. The Committee outlines extensive Russian disinformation operations against the UK. These have pursued goals observed elsewhere, including the opportunistic exploitation of existing social fissures to erode trust in civil society and the institutions that serve it.
Russia is assessed, unsurprisingly, as "a highly capable cyber actor with a proven capability to carry out operations which can deliver a range of impacts across any sector." A striking feature of Russia's cyber capability is the close and "symbiotic" relationship its intelligence and security services enjoy with Russian organized crime.
The Committee's recommendations include closer cooperation with allies and new authorities for the Intelligence Community. For its part TASS is authorized to disclose that this is all hooey, that there are no Russian hackers.
Trend Micro reports on the underworld's cybercriminal economy. The principal offerings seen in fora catering to criminal customers are:
- Dedicated and virtual hosting providers.
- Service protection and anonymization providers.
- Additional infrastructure provision (in-browser botnet services, IoT hosting, and telecommunications).
- Legitimate services “used for malicious purposes:” cloud services, dynamic DNS hosting, SSL certificate provision, etc.
There's some overlap between criminal-to-criminal fora and those dedicated to gaming, online marketing, and search engine optimization.