Kimberly Zenz is a cybersecurity research with an emphasis on the RuNet. Her work experience includes RuNet researcher at Verisign iDefense and Head of Threat Intelligence at the Deutsche Cyber-Sicherheitsorganisation (German Cyber Security Organization).[1] In 2019, a Moscow court reportedly accused her of passing along information of interest to the Russian government to U.S. intelligence officials.[2] Zenz refuted these accusations and repeatedly requested to testify. The court ignored her request and did not permit her to testify.[3][4]
Kimberly Zenz | |
---|---|
Born | Kimberly Zenz |
Education
editZenz went to Episcopal High School (Alexandria, Virginia), College of William & Mary, and Georgetown's School of Foreign Service.[5]
Career in the RuNet
editZenz previously worked as senior analyst for Verisign's iDefense threat intelligence based in Reston, Virginia, with an emphasis on Russian-speaking cybercriminals.[6] She also worked as Head of Threat Intelligence at the Deutsche Cyber-Sicherheitsorganisation (German Cyber Security Organization) in Berlin, where she created the international research program. She was also a nonresident senior fellow with the Cyber Statecraft Initiative at the Atlantic Council's Scowcroft Center for Strategy and Security in Washington DC.[7]
Her work has been featured in multiple books and media publications, including Spam Nation by Brian Krebs, Fatal System Error by Joseph Menn.[8] She is the co-author of Cyberfraud: Tactics, Techniques and Procedures" and the Oxford University Publication titled "Cyber Security in the Russian Federation."
U.S. intelligence allegations
editIn 2010, ChronoPay CEO Pavel Vrublevsky alleged that Zenz had been passing along information about his company to U.S. intelligence officials.[9][10][11][12][13] Mr. Vrublevsky is a convicted cybercriminal who served time in Russian prison.[14][15] The men accused in the treason case all participated in his investigation and conviction.[16]
In 2019, a Moscow court reportedly accused Zenz of passing information about Mr. Vrublevksy's criminal operations to U.S. intelligence officials.[17][18] They accused renowned Russian cybercriminal investigator Ruslan Stoyanov of giving her the materials.
Zenz has denied these claims.[19][20] She was in Moscow the week before the accused men were arrested, but was never questioned. She also requested to testify for the defense, but all of her requests were ignored by the Russian court.[21] In 2019, Zenz spoke at BlackHat USA about the case, her experiences being accused, and the infighting among Russian security services that she believes played a role in the Russian treason case.[22]
In their book, "The Red Web: The Struggle Between Russia’s Digital Dictators and the New Online Revolutionaries," Russian investigative journalists Andrei Soldatov and Irina Borogan report that the case was also motivated by a desire by Russian security services to stop international cooperation between Russian investigators and researchers and those in the West.[23]
References
edit- ^ "Black Hat USA 2019". www.blackhat.com. Retrieved 2021-08-16.
- ^ "A Shakeup in Russia's Top Cybercrime Unit – Krebs on Security". 2 February 2017. Retrieved 2021-08-16.
- ^ News, Bloomberg (2019-02-22). "Russia Seeks 20 Years for Cyber-Cops in U.S.-Linked Treason Case - BNN Bloomberg". BNN. Retrieved 2021-08-16.
{{cite web}}
:|last=
has generic name (help) - ^ Poulsen, Kevin (2019-02-23). "Kremlin Accused Her of Being a U.S. Spy. She Offered to Go to Moscow". The Daily Beast. Retrieved 2021-08-16.
- ^ "About the Team". Archived from the original on August 20, 2008. Retrieved June 30, 2020.
Despite her frequent travels (41 countries and counting), Kimberly is very much a product of Washington, having attended Episcopal High School in Alexandria, William & Mary in Williamsburg and Georgetown's School of Foreign Service in the city itself.
- ^ "Black Hat USA 2019". www.blackhat.com. Retrieved 2021-08-16.
- ^ "Black Hat USA 2019". www.blackhat.com. Retrieved 2021-08-16.
- ^ Menn, Joseph (2010). Fatal system error : the hunt for the new crime lords who are bringing down the Internet (1st ed.). New York, NY: PublicAffairs. ISBN 978-0-7867-4629-3. OCLC 656957973.
- ^ Krebs, Brian (January 28, 2017). "A Shakeup in Russia's Top Cybercrime Unit". Archived from the original on April 26, 2019. Retrieved June 30, 2020.
As it happens, an email that Vrublevsky wrote to a ChronoPay employee in 2010 eerily presages the arrests of Mikhaylov and Stoyanov, voicing Vrublevsky's suspicion that the two men were closely involved in leaking ChronoPay emails and documents that were seized by Mikhaylov's own division — the Information Security Center (CDC) of the Russian Federal Security Service (FSB)..
- ^ "ChronoPay email translated" (PDF). KrebslonSecurity. January 28, 2017.
Stoyanov has an employee that we know almost nothing about so far - Dmitry Levashov. Levashov was living together for a long time with someone named Kimberly Zenz. She, in turn, is the main official Russia specialist in iDefense.
- ^ Murtazin, Irek (January 31, 2017). "FSB colonel detained in the Humpty Dumpty case could be a foreign intelligence agent". Novaya Gazeta. Archived from the original on June 26, 2020. Retrieved June 30, 2020.
And here is what Brian Krebs did not write about. It would be like Stoyanov's partner in Indrik and his close friend Dmitry Levashov, who was the common-law husband of Kimberly Zenz. It was through Levashov and Stoyanov that Zenz allegedly received information first from Mikhailov, and then from Dokuchaev, with whom Stoyanov introduced her.
- ^ Svetlana (December 5, 2017). "How America Learned About Russian Hackers". The Bell. Reuters. Archived from the original on January 23, 2018. Retrieved June 30, 2020.
Scheme of information leakage from Mikhailov's group to American intelligence agencies (version of former CBP employee Dmitry Burykh): Sergey Mikhailov, TsIB FSB → Ruslan Stoyanov, former employee of Kaspersky Lab → Dmitry Levashov, former employee of one of Stoyanov's companies → Kimberly Zenz, analyst at iDefense Intelligence (categorically refutes that she transmitted any information along this chain) → Rick Howard, former Director of iDefense Intelligence → William Lynn, former Under Secretary of Defense
- ^ "Sources tell Russian newspaper that FSB agents leaked secret data to the FBI for 10 million dollars". Meduza. October 5, 2018. Archived from the original on June 29, 2020. Retrieved June 30, 2020.
As early as 2010, Vrublevsky started accusing Mikhailov and Stoyanov of leaking emails and documents seized from his company by the FSB, saying the latter was "feeding privileged information about important Russian hackers" to Zenz, who was dating one of Stoyanov's colleagues.
- ^ "Pavel Vrublevsky Sentenced to 2.5 Years – Krebs on Security". 2 August 2013. Retrieved 2021-08-16.
- ^ Krebs, Brian (2014). Spam nation : the inside story of organized cybercrime--from global epidemic to your front door. Naperville, Illinois. ISBN 978-1-4022-9561-4. OCLC 883207087.
{{cite book}}
: CS1 maint: location missing publisher (link) - ^ "Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison – Krebs on Security". 26 February 2019. Retrieved 2021-08-16.
- ^ Demchenko, Natalya (April 1, 2019). "The court sentenced to seven years in a colony of the defendant in the case of high treason in the FSB". RBC. Archived from the original on June 30, 2020. Retrieved June 30, 2020.
According to the prosecution, Colonel Mikhailov recorded the information constituting state secrets on two discs, and then through Dokuchaev transferred them to Stoyanov and Fomchenkov, who exported these discs abroad. After this, Stoyanov at the international conference on cybersecurity in Canada handed over the disc to Kimberly Zenz, an employee of the American company I-Defense, and Fomchenkov delivered another disc to the United States.
- ^ Eddy, Max (August 9, 2019). "Russian Intel Agencies Are a Toxic Stew of Competition and Sabotage". PC Mag. Archived from the original on June 29, 2020. Retrieved June 30, 2020.
Zenz should know. She was accused by a Moscow military court of being a US agent in 2010 ("depending on reporting, the FBI or the CIA"). This was all part of a large and confusing case that swept up (among other people) a Russian cybercriminal, Russian intelligence officials, and Kaspersky researcher Ruslan Stoyanov.
- ^ "The Internet has a new curator in the FSB". RBC. July 28, 2017. Archived from the original on June 29, 2020. Retrieved June 30, 2020.
Kimberly Zenz in a conversation with RBC said that she was contacted by Alexander Gusak, the lawyer of one of the detainees, Ruslan Stoyanov. "He was interested in the details of my life, our communication with Ruslan Stoyanov and asked if I had paid him or anyone else for information from Russian government agencies," Zenz said. "I never did that." I do not work for the CIA, I never transmitted information to them and was not a government agent of any state. "I also declared my readiness to testify to the Russian law enforcement agencies, and they know how to contact me, but did not." Ruslan Stoyanov's lawyer, Alexander Gusak, confirmed to RBC that Kimberly Zenz had given him written testimony and that they had been transferred to the investigation.
- ^ Kravchenko, Stepan (February 22, 2019). "Russia Seeks 20 Years for Cyber-Cops in U.S.-Linked Treason Case". Bloomberg Law. Archived from the original on June 29, 2020. Retrieved June 30, 2020.
"I'm not a government agent and never have been," Zenz said Feb. 21 in a Facebook message, adding that "there's no evidence some sort of compact disc was handed over because it never happened." While she's known Stoyanov for more than 10 years as an "internationally respected cybercrime investigator who loves his country," she's never had contact with the other accused, Zenz said.
- ^ Poulsen, Kevin (2019-02-23). "Kremlin Accused Her of Being a U.S. Spy. She Offered to Go to Moscow". The Daily Beast. Retrieved 2021-08-16.
- ^ Infighting Among Russian Security Services in the Cyber Sphere, retrieved 2021-08-16
- ^ Soldatov, Andreĭ (2015). The red web : the struggle between Russia's digital dictators and the new online revolutionaries. I. Borogan (First ed.). New York. ISBN 978-1-61039-573-1. OCLC 914136614.
{{cite book}}
: CS1 maint: location missing publisher (link)