The Vulkan files are a leaked set of emails, and other documents, implicating the Russian company NTC Vulkan (russian: НТЦ Вулкан) in acts of

cybercrime A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing the ...

, political interference in foreign affairs (such as in the

2016 United States presidential election The 2016 United States presidential election was the 58th quadrennial presidential election, held on Tuesday, November 8, 2016. The Republican ticket of businessman Donald Trump and Indiana governor Mike Pence defeated the Democratic ticket ...

) through

social media Social media are interactive media technologies that facilitate the creation and sharing of information, ideas, interests, and other forms of expression through virtual communities and networks. While challenges to the definition of ''social medi ...

, censorship of domestic social media, and

espionage Espionage, spying, or intelligence gathering is the act of obtaining secret or confidential information (intelligence) from non-disclosed sources or divulging of the same without the permission of the holder of the information for a tangibl ...

, in collusion with Russia's

Federal Security Service The Federal Security Service of the Russian Federation (FSB) RF; rus, Федеральная служба безопасности Российской Федерации (ФСБ России), Federal'naya sluzhba bezopasnosti Rossiyskoy Feder ...

(FSB), their armed forces (GOU and

GRU The Main Directorate of the General Staff of the Armed Forces of the Russian Federation, rus, Гла́вное управле́ние Генера́льного шта́ба Вооружённых сил Росси́йской Федера́ци ...

); and Foreign Intelligence Service (SVR). The files date from 2016 to 2021.

Background

The company NTC Vulkan was founded by Anton Markov and Alexander Irzhavsky in 2010. Both are graduates of St Petersburg military academy and have served in the Russian army, with Markov reaching the rank of captain and Irzhavsky reaching the rank of major. Vulkan received special licences to work on classified military and state projects from 2011. It has more than 120 staff, 60 of who are programmers, and describes its speciality as information security. It lists

Sberbank PJSC Sberbank (russian: Сбербанк, initially a contraction of russian: сберегательный банк, translit=sberegatelnyy bank, lit=savings bank, link=no) is a Russian majority state-owned banking and financial services compan ...

Aeroflot PJSC AeroflotRussian Airlines (russian: ПАО "Аэрофло́т — Росси́йские авиали́нии", ), commonly known as Aeroflot ( or ; russian: Аэрофлот, , ), is the flag carrier and the largest airline of Russia. The ...

and

Russian Railways Russian Railways (russian: link=no, ОАО «Российские железные дороги» (ОАО «РЖД»), OAO Rossiyskie zheleznye dorogi (OAO RZhD)) is a Russian fully state-owned vertically integrated railway company, both manag ...

as customers.

Leaks

The documents, numbering in their thousands, were leaked to the German newspaper ' within days of the 24 February 2022

Russian invasion of Ukraine On 24 February 2022, in a major escalation of the Russo-Ukrainian War, which began in 2014. The invasion has resulted in tens of thousands of deaths on both sides. It has caused Europe's largest refugee crisis since World War II. An ...

by a

whistleblower A whistleblower (also written as whistle-blower or whistle blower) is a person, often an employee, who reveals information about activity within a private or public organization that is deemed illegal, immoral, illicit, unsafe or fraudulent. Whi ...

who opposed that war, and were analysed by journalists from that publication and ''

The Guardian ''The Guardian'' is a British daily newspaper. It was founded in 1821 as ''The Manchester Guardian'', and changed its name in 1959. Along with its sister papers ''The Observer'' and ''The Guardian Weekly'', ''The Guardian'' is part of the Gu ...

'', ' and ''

Washington Post ''The Washington Post'' (also known as the ''Post'' and, informally, ''WaPo'') is an American daily newspaper published in Washington, D.C. It is the most widely circulated newspaper within the Washington metropolitan area and has a large nati ...

'', with several other media outlets, as part of a consortium led by Paper Trail Media and '. The consortium published the first details of its investigation on 30 March 2023. Five Western intelligence agencies and several independent cybersecurity experts authenticated the files.

Connections with other organisations

The documents link Vulkan to the

run hacker group Sandworm. Vulkan was contracted to write software called Scan-V to support searching for weak spots in systems to be targeted. Scan-V was commissioned in May 2018. The documents link Vulkan to the

Cozy Bear Cozy Bear, classified by the United States federal government as advanced persistent threat APT29, is a Russian hacker group believed to be associated with one or more intelligence agencies of Russia. The Dutch General Intelligence and Security ...

hacker group, according to

Google Google LLC () is an American multinational technology company focusing on search engine technology, online advertising, cloud computing, computer software, quantum computing, e-commerce, artificial intelligence, and consumer electronics. ...

researchers. Vulkan won an initial contract to create a system called Amezit in 2016. Amezit is designed to allow control of and interception of internet, wireless and mobile communications. In 2018 some employees went in connection to Amezit to

Rostov-on-Don Rostov-on-Don ( rus, Ростов-на-Дону, r=Rostov-na-Donu, p=rɐˈstof nə dɐˈnu) is a port city and the administrative centre of Rostov Oblast and the Southern Federal District of Russia. It lies in the southeastern part of the East Eu ...

to visit the Radio Research Institute, which is linked to the

. It is not known if it has been used in parts of Ukraine occupied by the Russian Army.

References

External links

*{{cite web , title=Putins Krieg im Netz utin's Cyber-War, url=https://www.spiegel.de/thema/putins-krieg-im-netz-podcast/ , website=

Der Spiegel ''Der Spiegel'' (, lit. ''"The Mirror"'') is a German weekly news magazine published in Hamburg. With a weekly circulation of 695,100 copies, it was the largest such publication in Europe in 2011. It was founded in 1947 by John Seymour Chaloner ...

, location=Hamburg, Germany , language=de 2023 in international relations 21st-century military history of Russia Cybercrime Data journalism Investigative journalism Whistleblowing Propaganda in Russia Foreign relations of Russia Russia intelligence operations Russian interference in the 2016 United States elections Russian interference in British politics Russo-Ukrainian War Russia–NATO relations Federal Security Service GRU The Guardian Der Spiegel Süddeutsche Zeitung Vladimir Putin