Against the backdrop of the growing confrontation between Russia and the United States with their Western European satellites at the international level, spy scandals in the field of information security flare up one by one. It got to the point that in December last year, Reuters sources leaked information - the United States, as part of its response to the "aggressive actions of Russia", is considering scenarios from tightening financial sanctions to cyber attacks on Russian infrastructure. The question arises of how to protect government institutions that are critical for the Russian economy and key for state security of production.
December 5, 2016, by the President of the Russian Federation V.V. Putin approved the doctrine of information security of the Russian Federation, which formulated a strategy for the development of information security and substantiated the need to take information security measures at enterprises in the state bodies of the Russian Federation.
The priority use on the territory of the country of products of the IT industry of domestic production, involved in ensuring information security, is due to the possibility of using these products by foreign intelligence services in order to collect critical confidential information.
There are not many security software developers on the Russian market, and before they are allowed to work with large Russian companies, it is necessary to check for reliability. Nevertheless, the example of SerchInform LLC showed an imperfection in the application of the 2016 law. However, first things first….
SerchInform LLC, established in 2015, is a major provider of information security services for companies such as VKO ALMAZ-ANTEY, Russian Corporation of Rocket and Space Instrumentation and Information Systems, VTB, Sukhoi and even Rosfinmonitoring ... All this information is available on the State Procurement website.
Based on certificate RU 2015615812, SerchInform is the copyright holder of the so-called information security circuit (CIB SearchInform), which is used by a number of strategically important defense and critical infrastructure enterprises in Russia. The whole secret lies in this product.
CIB "SearchInform" was created in 1997 by the Belarusian company SoftInform LLC, the director and co-founder of the company was L.L. Matveev. 14 years later, the licensor and general distributor of KIB SearchInform, created by L.L. Matveev, becomes. English company "Searchinform Limited" (reg. No. 072072261, Suite B29 Yarley Street, W1G9GR, London, England). From that moment on, strange metamorphoses took place with the CIB license.
In 2016, the English "Searchinform Limited" is closed, and before that, information appears on the site searchinform.ru that the CIB "Searchinform" was developed by the "InfoSecSolution LTD" company, which is registered in the Seychelles. At this moment, interesting information appears on the site searchinform.ru: "All copyright and other rights to this program belong to InfoSecSolution Ltd, and the New Search Technologies (NPT) group of companies is the authorized representative in Russia and the CIS countries."
However, just at this time, the President of Russia signs an "inconvenient law" on information security and the leadership for business preservation decides to legalize, removing as an inconvenient inscription about the copyright ownership of InfoSecSolution Ltd, and consign the Seychelles campaign to oblivion by blotting out any reminders about it on his website. However, the Internet is such a bottomless barrel, from which the shadows of the forgotten past will crawl out at the most inconvenient moment.
Searchinform Trojan horse
Today on the website of SerchInform LLC it is indicated that all rights to the CIB Searchinform belong to this “domestic” company. But even a CIB check with a standard antivirus program shows that the distribution of their product contained files signed by a certificate from a foreign company InfoSecSolution Ltd. According to the site https://www.reasoncoresecurity.com/signer-infosecsolution-ltd-11218a55def61c6274d5b5e4067da0dcafc0.aspx, the KIB SearchInform software currently contains 112 digitally signed files (.dll,. Exe, .sys) InfoSecSolution Ltd. All this proves once again that one and the same product has been registered twice - once by InfoSecSolution Ltd and the second - by KIB Serchinform software.
It turns out that the Russian defense industry uses software and is simultaneously certified in Russia, Great Britain and the Seychelles. Now the US threats to launch cyberattacks on Russian infrastructure no longer seem to be the fantasies of out-of-mind overseas politicians.
To be continued