The recent leak of thousands of secret documents by an anonymous whistleblower confirms much of what Horizon Helix and the cybersecurity sector suspected:
Nation-states like Russia are accelerating cyberwarfare plans, finding weaknesses, disrupting infrastructure and stockpiling internet vulnerabilities for future widespread and targeted attacks. The leaked documents include (what appear to be) proposed physical targets across the US as well as digital infrastructure that (if initiated and the hackers’ objectives achieved) would bring the supply chain to a screeching halt.
The leak of what is now dubbed “The Vulkan Files” details Russia’s sweeping cyberwarfare plan. The coordinated effort involves not only the country’s domestic spy agency, operational and intelligence divisions of the armed forces, and its foreign intelligence organization, but also Moscow-based cybersecurity firm NTC Vulkan.
The Vulkan Files appear to be authentic, according to five Western intelligence agencies.
Powerfully Disruptive NTS Vulkan Cyber-Attack Tools
“One document links a Vulkan cyber-attack tool with the notorious hacking group Sandworm, which the US government said twice caused blackouts in Ukraine, disrupted the Olympics in South Korea, and launched NotPetya, the most economically destructive malware in history,” according to The Guardian. “Codenamed Scan-V, it scours the internet for vulnerabilities, which are then stored for use in future cyber-attacks.”
Another Vulkan-built system is a blueprint for controlling and surveilling the internet, and furthers disinformation via fake social media profiles, in areas under Russian control.
Crystal-2V, yet another “Top Secret” Vulkan-created system, provides training for cyber-operatives in the methods needed to bring down rail, air, and sea infrastructure.
“Analysts say Russia is also engaged in a continual conflict with what it perceives as its enemy, the west, including the US, UK, EU, Canada, Australia and New Zealand,” all of which are also engaged in the digital arms race, according to the article.
Certain documents in the leak “contain what appear to be illustrative examples of potential targets.” These include a map showing dots across the US and the details of a nuclear power station in Switzerland.
Whistleblower Compelled by Invasion of Ukraine
Such leaks out of Moscow are incredibly rare. The whistleblower cited anger at the invasion of Ukraine as the prompt to approach two news agencies: German newspaper Süddeutsche Zeitung and the Munich-based investigative startup Paper Trail Media. Eleven media outlets formed a consortium and investigated the files for several months.
“People should know the dangers of this,” the whistleblower said, according to The Guardian. “Because of the events in Ukraine, I decided to make this information public. The company [NTC Vulkan] is doing bad things and the Russian government is cowardly and wrong. I am angry about the invasion of Ukraine and the terrible things that are happening there. I hope you can use this information to show what is happening behind closed doors.”