Read on Twitter
In 2018 Digital Security (DSEC), a Russian tech company, was hit with sanctions by the US DOT.
Through online research we believe we have identified a network created by its leadership Ilya
Medvedovsky, Dmitriy Evdokimov and Yevgeniya Klimina to apparently evade these sanctions.
Through online research we believe we have identified a network created by its leadership Ilya
Medvedovsky, Dmitriy Evdokimov and Yevgeniya Klimina to apparently evade these sanctions.
Sanctions were imposded on DSEC because of work conducted on a project that would increase Russia's
offensive cyber capabilities for the Russian intelligence services, including the FSB. ERPScan and Embedi, subsidiaries of DSEC were also sanctioned.
offensive cyber capabilities for the Russian intelligence services, including the FSB. ERPScan and Embedi, subsidiaries of DSEC were also sanctioned.
In the face of these sanctions, DSEC has appeared to have developed a complex network of front companies around the world to continue to operate unimpeded, an obfuscation technique that many other sanctioned entities carry out.
Ilya Davidovich Medvedovsky is a cybersecurity professional, associated with these three companies. He was CEO of ERPScan and Embedi and was General Director of DSEC.
Medvedovsky, also the author of a series of hacker books written in Russian "Attack via the internet", claims the sanctions are retaliation for exposing hundreds of vulnerabilities in the products of companies such as Oracle, Microsoft, IBM and CISCO.
Dmitriy Evdokimov attended the Blackhat USA 2017 as a speaker, listed as CTO of Embedi, he was interested in reverse engineering, software verification and research and development of exploits.
In 2018 he was head researcher of DSEC. Described as an expert in computer security in the field of reverse engineering and malware attack analysis.
Evdokimov founded Limited Liability Company Klaudran in August 2021, listed as a
computer software development company with Evdokimov as General Director.
computer software development company with Evdokimov as General Director.
Medvedovsky co-founded ERPScan with Aleksandr Polyakov in 2010. Together they built a tool called the ERPScan Security Monitoring Suite. Capable of identifying 10,000 different vulnerabilities and misconfigurations in a variety of systems.
In an interview from 2013 Polyakov states that he was invited to work for DSEC by a university buddy, a place where the best hackers were working. He then formed a research center within the company, before creating a subdivision of the company called ERPScan.
Yevgeniya Aleksandrovna Klimina, an employee of DSEC, is listed as the former head of Digital Compliance. She is also listed as the head of Limited Liability Company Kiber Servis (Cyber Service).
Cyber Service and Digital Compliance were also founded by Elena and Olga Medvedovskaya. Elena and Olga are assumed to be relatives of Ilya.
Because of the sanctions-imposed Ilya cannot be named as owner for these companies to operate on the international market. However, there is no evidence to suggest that Elena and Olga are aware of the smokescreen being created.
Klimina is listed as the sole executive of Czech Republic company Machine Learning Lab s.r.o. Clicking on the link for MLL takes you directly to the website for Safe O'Clock, a cyber security platform covering all aspects of SAP systems.
These types of efforts undermine the "know your customer" model that international business relies on and can put unknowing clients and users at risk to intrusion and cyber-attacks.
With the sharp increase in sanctions against Russia in recent years, the INFOSEC community needs to continually seek to fully understand who they are doing business with to ensure the security of their clients from threats with connections to Russian
Intelligence Services.
Intelligence Services.
@threadreaderapp unroll
• • •
Missing some Tweet in this thread? You can try to
force a refresh
