Skip to main content

Washington sanctions Russian companies with alleged ties to underwater naval shenanigans and cyber-meddling. Here's what we know.

Источник: Meduza
Digital Security / Facebook

On Monday, the U.S. Treasury Department imposed sanctions on three more Russian citizens and five companies that American officials say have ties to Russia’s Federal Security Service (FSB). One of these companies, the St.-Petersburg-based “Divetechnoservices,” allegedly “has procured a variety of underwater equipment and diving systems for Russian government agencies,” including the FSB. Washington sanctioned the company’s supposed owner, Vladimir Kagansky, and its supposed general director and manager, Aleksandr Tribun and Oleg Chirikov.

What’s so important about “diving systems”?

According to the U.S. government: “Russia has been active in tracking undersea communication cables, which carry the bulk of the world’s telecommunications data.” Last December, U.S. Navy Rear Admiral Andrew Lennon, the commander of NATO’s submarine forces, told The Washington Post that “Russia is clearly taking an interest in NATO and NATO nations' undersea infrastructure,” saying the recent level of Russian underwater activity near undersea cables has been unprecedented. Britain's top military commander reportedly said Russia “could imperil” the cables that form the backbone of the modern global economy.

According to the newsletter The Bell, Divetechnoservices has won more than 100 military procurement contracts since 2014 worth 3 billion rubles ($47.8 million). Ninety-five percent of the company’s contracts with the Russian government are military deals. The company’s single biggest contract (1.2 billion rubles, or $19.1 million) was to provide mobile autonomous decompression systems to the Russian Navy’s special forces.

Funneling Canadian mini-subs

In 2012, Divetechnoservices says it supplied Canadian “DeepWorker” underwater vehicles to “a Russian state enterprise.” Russia’s “Yantar” naval ship, which reportedly received one of these mini-submersibles, has been spotted off the coast of various geopolitical hot spots. “The manned submersibles and ROVs are an ideal platform for locating undersea cables and splicing them to add a hardware tap,” the magazine Popular Mechanics wrote in September 2017.

Cyber friends

The Treasury also targeted the Kvant Scientific Research Institute(Meduza wrote about this organization in our deep dive into Russian cyber-defense) and the company Digital Security, which specializes in information security. “As of 2015, Digital Security worked on a project that would increase Russia’s offensive cyber capabilities for the Russian Intelligence Services,” including the FSB, according to the U.S. government. Washington also added the companies ERPScan and Embedi as subsidiaries of Digital Security.

Digital Security is one of Russia’s leading information security consulting companies, and its sole owner, Ilya Medvedovsky, is known as the author of several new ways of attacking network protocols and two books: “Attack on the Internet” and “Attacking Through the Internet.” In 1999, he defended what has been called “Russia’s first hacker dissertation.” Digital Security has some major clients, including Yandex, QIWI, Group, Tele2, and SAP. According to official records, reports The Bell, government contracts made up just five percent of the company’s business in 2017.

Headquartered in Palo Alto, ERPScan works on SAP security (“systems applications and products” — enterprise resource planning software from Germany). Medvedovsky created the company in 2010. Mikhail Baranov, Digital Security’s commercial director, refused to comment on the sanctions, telling The Bell: “It’s a strange story.”

Hours after the U.S. sanctions were announced, Medvedovsky tweeted that his companies have found vulnerabilities in IT software for years, “making lots of enemies.” “It was just a matter of time until someone lobbied for something like this,” he wrote, promising to continue his work “to make this world cleaner.” On June 12, in a statement shared on Facebook, Digital Security said it’s never participated in any political operations.