Kimberly Zenz


Kimberly Zenz is a cybersecurity researcher with an emphasis on the RuNet. Her work experience includes RuNet researcher at Verisign iDefense and Head of Threat Intelligence at the Deutsche Cyber-Sicherheitsorganisation (German Cyber Security Organization). [1] In 2019, a Moscow court reportedly accused her of passing along information of interest to the Russian government to U.S. intelligence officials. [2] Zenz refuted these accusations and repeatedly requested to testify. The court ignored her request and did not permit her to testify. [3] [4]


Education

Zenz went to Episcopal High School (Alexandria, Virginia), College of William & Mary, and Georgetown's School of Foreign Service. [5]

Career in the RuNet

Zenz previously worked as senior analyst for Verisign's iDefense threat intelligence based in Reston, Virginia, with an emphasis on Russian-speaking cybercriminals. [6] She also worked as Head of Threat Intelligence at the Deutsche Cyber-Sicherheitsorganisation (German Cyber Security Organization) in Berlin, where she created the international research program. She was also a nonresident senior fellow with the Cyber Statecraft Initiative at the Atlantic Council's Scowcroft Center for Strategy and Security in Washington DC. [7]

Her work has been featured in multiple books and media publications, including Spam Nation by Brian Krebs and Fatal System Error by Joseph Menn. [8] She is the co-author of "Cyberfraud: Tactics, Techniques and Procedures" and the Oxford University Publication titled "Cyber Security in the Russian Federation."

U.S. intelligence allegations

In 2010, ChronoPay CEO Pavel Vrublevsky alleged that Zenz had been passing along information about his company to U.S. intelligence officials. [9] [10] [11] [12] [13] Mr. Vrublevsky is a convicted cybercriminal who served time in a Russian prison. [14] [15] The men accused in the treason case all participated in his investigation and conviction. [16]

In 2019, a Moscow court reportedly accused Zenz of passing information about Mr. Vrublevsky's criminal operations to U.S. intelligence officials. [17] [18] They accused renowned Russian cybercriminal investigator Ruslan Stoyanov of giving her the materials.

Zenz has denied these claims. [19] [20] She was in Moscow the week before the accused men were arrested, but was never questioned. She also requested to testify for the defense, but all of her requests were ignored by the Russian court. [21] In 2019, Zenz spoke at BlackHat USA about the case, her experiences being accused, and the infighting among Russian security services that she believes played a role in the Russian treason case. [22]

In their book, "The Red Web: The Struggle Between Russia’s Digital Dictators and the New Online Revolutionaries," Russian investigative journalists Andrei Soldatov and Irina Borogan report that the case was also motivated by a desire by Russian security services to stop international cooperation between Russian investigators and researchers and those in the West. [23]

Related Research Articles

Cybercrime: Type of crime based in computer networks

Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.

Federal Security Service: Principal security agency of Russia

The Federal Security Service of the Russian Federation is the principal security agency of Russia and the main successor agency to the Soviet Union's KGB; its immediate predecessor was the Federal Counterintelligence Service (FSK) which was reorganized into the FSB in 1995. The three major structural successor components of the former KGB that remain administratively independent of the FSB are the Foreign Intelligence Service (SVR), the Federal Protective Service (FSO), and the Main Directorate of Special Programs of the President of the Russian Federation (GUSP).

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.

Brian Krebs is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for The Washington Post and covered tech policy, privacy and computer security as well as authoring the Security Fix blog.

Jart Armin: Cybercrime and computer security investigator and analyst

Jart Armin is an investigator, analyst and writer on cybercrime and computer security, and researcher of cybercrime mechanisms and assessment.

Pavel Olegovich Vrublevsky is the Russian owner and general manager of the processing company ChronoPay. He is also the founder of investment company RNP and a Russian Forbes contributor on matters relating to blockchain, cryptocurrencies, and cybersecurity. He was also implicated in a range of criminal cases related to hacking.

Roman Seleznev: Russian computer hacker

Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than $169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, and was sentenced to 27 years in prison for wire fraud, intentional damage to a protected computer, and identity theft.

Dark0de: Online black marketplace and cybercrime forum

dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.

Carding (fraud): Crime involving the trafficking of credit card data

Carding is a term for the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

Peter Levashov: Russian spammer and virus creator (born 1980)

Peter Levashov is a Russian spammer and virus creator. He was described by The Spamhaus Project as one of the longest functioning criminal spam operators on the internet. In July 2021, a US federal judge overruled government recommendations for a 12 to 14.5 year prison sentence, giving a sentence instead of time served, with three years of supervision. Levashov remains in the US, having started a business called SeveraDAO.

The Mikhailov Case refers to an espionage scandal surrounding the activities of the Center of Information Security (CIS) of the FSB, whose employees were implicated in high treason after participating in a number of high-profile criminal cases. On January 31, 2017, the head of the 2nd department of the CIS, Sergei Mikhailov (FSB), and his deputy Dmitry Dokuchaev were arrested. In the same case, the head of the department of investigation of computer incidents of Kaspersky Lab, Ruslan Stoyanov, and Georgy Fomchenkov were arrested. The men were convicted of giving information to American private sector researcher Kimberly Zenz, but Zenz herself was never charged, and her requests to testify for the defense were ignored.

Ghana has one of the highest rates of cybercrime in the world, ranking 7th in a 2008 Internet Crime Survey. The most popular form of cybercrime in Ghana is cyberfraud and is typically achieved via credit card fraud. However, recent decreases in universal credit card usage have seen the expansion of other cybercrimes such as blackmail and hacking. This growth in crime has warranted a government response, with policies specifically addressing cyberspace being developed. This has necessitated various studies including a cyber security maturity study which was inaugurated by the Ministry of Communications and conducted by the Global Cyber Security Capacity Center (GCSCC) of the University of Oxford in collaboration with the World Bank.

Yevgeniy Nikulin: Russian computer hacker (born 1987)

Yevgeniy Alexandrovich Nikulin is a Russian computer hacker. He was arrested in Prague in October 2016, and was charged with the hacking and data theft of several U.S. technology companies. In September 2020, he was sentenced to 88 months in prison.

Sergei Mikhailov was deputy head of the FSB security agency’s Center for Information Security. In February 2019, he was sentenced to 22 years in prison for treason.

Dmitry Dokuchaev

Dmitry Aleksandrovich Dokuchaev is a Russian convicted cyber criminal and a former intelligence officer of the Federal Security Service (FSB), the principal security agency of Russia. In April 2019, he was sentenced to six years in prison for treason.

Ruslan Stoyanov is a Russian computer scientist. In December 2016, he was arrested on charges of treason as part of the Mikhailov case. In 2019, he was sentenced to 14 years in prison.

Ilya Sachkov: Russian entrepreneur

Ilya Sachkov is a Russian cybersecurity expert and founder and CEO of Group-IB, a cybersecurity company specialising in the detection and prevention of cyberattacks. He received an award from Russian President Vladimir Putin for his work in 2019. In September 2021, he was detained by the Russian government's Federal Security Service on treason charges.

Michael B. Faulkner, known by his pseudonym CygonX, is an American business executive, author, and convicted cybercriminal. He is the founder of Crydon Capital.

Jabber Zeus was a cybercriminal syndicate and associated Trojan horse created and run by hackers and money launderers based in Russia, the United Kingdom, and Ukraine. It was the second main iteration of the Zeus malware and racketeering enterprise, succeeding Zeus and preceding Gameover Zeus.

Intel 471 is a cybersecurity company that specializes in providing actionable threat intelligence to organizations worldwide. It was founded in 2014 by Jason Passwaters and Mark Arena. Intel 471 Inc. is incorporated in Wilmington, Delaware, US.

References

  1. "Black Hat USA 2019". www.blackhat.com. Retrieved 2021-08-16.
  2. "A Shakeup in Russia's Top Cybercrime Unit – Krebs on Security". 2 February 2017. Retrieved 2021-08-16.
  3. Bloomberg News (2019-02-22). "Russia Seeks 20 Years for Cyber-Cops in U.S.-Linked Treason Case - BNN Bloomberg". BNN. Retrieved 2021-08-16.
  4. Poulsen, Kevin (2019-02-23). "Kremlin Accused Her of Being a U.S. Spy. She Offered to Go to Moscow". The Daily Beast. Retrieved 2021-08-16.
  5. "About the Team". Archived from the original on August 20, 2008. Retrieved June 30, 2020. Despite her frequent travels (41 countries and counting), Kimberly is very much a product of Washington, having attended Episcopal High School in Alexandria, William & Mary in Williamsburg and Georgetown's School of Foreign Service in the city itself.
  6. "Black Hat USA 2019". www.blackhat.com. Retrieved 2021-08-16.
  7. "Black Hat USA 2019". www.blackhat.com. Retrieved 2021-08-16.
  8. Menn, Joseph (2010). Fatal system error: the hunt for the new crime lords who are bringing down the Internet (1st ed.). New York, NY: PublicAffairs. ISBN 978-0-7867-4629-3. OCLC 656957973.
  9. Krebs, Brian (January 28, 2017). "A Shakeup in Russia's Top Cybercrime Unit". Archived from the original on April 26, 2019. Retrieved June 30, 2020. As it happens, an email that Vrublevsky wrote to a ChronoPay employee in 2010 eerily presages the arrests of Mikhaylov and Stoyanov, voicing Vrublevsky's suspicion that the two men were closely involved in leaking ChronoPay emails and documents that were seized by Mikhaylov's own division — the Information Security Center (CDC) of the Russian Federal Security Service (FSB).
  10. "ChronoPay email translated" (PDF). KrebsOnSecurity. January 28, 2017. Stoyanov has an employee that we know almost nothing about so far - Dmitry Levashov. Levashov was living together for a long time with someone named Kimberly Zenz. She, in turn, is the main official Russia specialist in iDefense.
  11. Murtazin, Irek (January 31, 2017). "FSB colonel detained in the Humpty Dumpty case could be a foreign intelligence agent". Novaya Gazeta. Archived from the original on June 26, 2020. Retrieved June 30, 2020. And here is what Brian Krebs did not write about. It would be like Stoyanov's partner in Indrik and his close friend Dmitry Levashov, who was the common-law husband of Kimberly Zenz. It was through Levashov and Stoyanov that Zenz allegedly received information first from Mikhailov, and then from Dokuchaev, with whom Stoyanov introduced her.
  12. Svetlana (December 5, 2017). "How America Learned About Russian Hackers". The Bell. Reuters. Archived from the original on January 23, 2018. Retrieved June 30, 2020. Scheme of information leakage from Mikhailov's group to American intelligence agencies (version of former CBP employee Dmitry Burykh): Sergey Mikhailov, TsIB FSB → Ruslan Stoyanov, former employee of Kaspersky Lab → Dmitry Levashov, former employee of one of Stoyanov's companies → Kimberly Zenz, analyst at iDefense Intelligence (categorically refutes that she transmitted any information along this chain) → Rick Howard, former Director of iDefense Intelligence → William Lynn, former Under Secretary of Defense
  13. "Sources tell Russian newspaper that FSB agents leaked secret data to the FBI for 10 million dollars". Meduza. October 5, 2018. Archived from the original on June 29, 2020. Retrieved June 30, 2020. As early as 2010, Vrublevsky started accusing Mikhailov and Stoyanov of leaking emails and documents seized from his company by the FSB, saying the latter was "feeding privileged information about important Russian hackers" to Zenz, who was dating one of Stoyanov's colleagues.
  14. "Pavel Vrublevsky Sentenced to 2.5 Years – Krebs on Security". 2 August 2013. Retrieved 2021-08-16.
  15. Krebs, Brian (2014). Spam nation: the inside story of organized cybercrime--from global epidemic to your front door. Naperville, Illinois. ISBN 978-1-4022-9561-4. OCLC 883207087.
  16. "Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison – Krebs on Security". 26 February 2019. Retrieved 2021-08-16.
  17. Demchenko, Natalya (April 1, 2019). "The court sentenced to seven years in a colony of the defendant in the case of high treason in the FSB". RBC. Archived from the original on June 30, 2020. Retrieved June 30, 2020. According to the prosecution, Colonel Mikhailov recorded the information constituting state secrets on two discs, and then through Dokuchaev transferred them to Stoyanov and Fomchenkov, who exported these discs abroad. After this, Stoyanov at the international conference on cybersecurity in Canada handed over the disc to Kimberly Zenz, an employee of the American company I-Defense, and Fomchenkov delivered another disc to the United States.
  18. Eddy, Max (August 9, 2019). "Russian Intel Agencies Are a Toxic Stew of Competition and Sabotage". PC Mag. Archived from the original on June 29, 2020. Retrieved June 30, 2020. Zenz should know. She was accused by a Moscow military court of being a US agent in 2010 ("depending on reporting, the FBI or the CIA"). This was all part of a large and confusing case that swept up (among other people) a Russian cybercriminal, Russian intelligence officials, and Kaspersky researcher Ruslan Stoyanov.
  19. "The Internet has a new curator in the FSB". RBC. July 28, 2017. Archived from the original on June 29, 2020. Retrieved June 30, 2020. Kimberly Zenz in a conversation with RBC said that she was contacted by Alexander Gusak, the lawyer of one of the detainees, Ruslan Stoyanov. "He was interested in the details of my life, our communication with Ruslan Stoyanov and asked if I had paid him or anyone else for information from Russian government agencies," Zenz said. "I never did that." I do not work for the CIA, I never transmitted information to them and was not a government agent of any state. "I also declared my readiness to testify to the Russian law enforcement agencies, and they know how to contact me, but did not." Ruslan Stoyanov's lawyer, Alexander Gusak, confirmed to RBC that Kimberly Zenz had given him written testimony and that they had been transferred to the investigation.
  20. Kravchenko, Stepan (February 22, 2019). "Russia Seeks 20 Years for Cyber-Cops in U.S.-Linked Treason Case". Bloomberg Law. Archived from the original on June 29, 2020. Retrieved June 30, 2020. "I'm not a government agent and never have been," Zenz said Feb. 21 in a Facebook message, adding that "there's no evidence some sort of compact disc was handed over because it never happened." While she's known Stoyanov for more than 10 years as an "internationally respected cybercrime investigator who loves his country," she's never had contact with the other accused, Zenz said.
  21. Poulsen, Kevin (2019-02-23). "Kremlin Accused Her of Being a U.S. Spy. She Offered to Go to Moscow". The Daily Beast. Retrieved 2021-08-16.
  22. Infighting Among Russian Security Services in the Cyber Sphere, retrieved 2021-08-16
  23. Soldatov, Andreĭ (2015). The red web: the struggle between Russia's digital dictators and the new online revolutionaries. I. Borogan (First ed.). New York. ISBN 978-1-61039-573-1. OCLC 914136614.