A massive leak of secret documents called the Vulkan Files, numbering more than 5,000 documents, revealed the activities of a Russian company that develops electronic weapons for the Kremlin called NTC Vulkan. Russian intelligence and military agencies.
The documents were leaked by an anonymous person who said that he published the documents motivated by his dissatisfaction with the Russian war against Ukraine. This person had leaked the documents since February of last year, a few days after the start of the war, and handed them over to a group of international newspapers that spent months analyzing them and verifying their authenticity. The results of these leaks were published today in a number of media outlets, including the Guardian and the Washington Post , the newspaper (Süddeutsche) and the German channel (ZDF).
The Vulcan files, which cover the period between 2016 and 2021, revealed minute details of how cyberattacks were planned, targeted and executed. It also revealed a collection of malware developed by the company for the Russian government. One of the most notable was Scan-V, a reconnaissance system that scans the Internet for vulnerabilities and stores them for use in future cyberattacks. The system is linked to Sandworm, a notorious hacking group that is accused of causing blackouts in Ukraine, disrupting the Olympic Games in South Korea and releasing NotPetya, which is one of the most destructive malware.
The files also revealed the Amezit system, which allows Russia to monitor and control the Internet in areas under its influence, such as Crimea and eastern Ukraine. This software also enables Russia to spread disinformation and political propaganda by automating the creation of fake profiles in social networks.
One of the most dangerous revelations is the Crystal-2V training program that teaches agents how to destroy critical infrastructure such as rail, air and sea networks. The program simulates realistic scenarios and targets, such as airports, power stations, and bridges.
The Vulkan files also show how the company worked closely with various Russian government agencies, such as the FSB (domestic spy agency), GOU, GRU (operational and intelligence departments of the armed forces), and SVR (foreign intelligence service). The company received contracts and orders from these agencies, as well as granted access to confidential information and resources.
The leaked documents included emails, internal documents, project blueprints, budgets, contracts, and maps. The documents also included evidence of Russia's involvement in planning attacks or disinformation campaigns in a number of Western countries, including the United States, Canada, Britain, the European Union, Australia and New Zealand.
The Vulkan files leak is a rare and unprecedented glimpse into Russia's electronic warfare strategy and capabilities.