Two Cybersecurity Companies with Links to Israel Placed on U.S. Blacklist

The U.S. Treasury is accusing a number of companies of aiding the Kremlin to develop advanced offensive cyber technology

Asaf Shalev 17:0313.06.18

The U.S. Treasury placed sanctions Monday on a number of individuals and companies, including two with links to Israel, that are accused of providing Russia’s intelligence agency, the FSB, with offensive cyber technology.


For daily updates, subscribe to our newsletter by clicking here.


The Israeli-linked companies, Embedi and ERPScan B.V., deny having worked for Moscow and neither is licensed by Israel’s Defense Export Control Agency, the Israeli Ministry of Defense told Calcalist.


U.S. Treasury Secretary Steven Mnuchin. Photo: Reuters U.S. Treasury Secretary Steven Mnuchin. Photo: Reuters



The U.S. Treasury blacklisted Digital Security, a Russia-based company offering information security expertise, and said it controls or previously controlled the two firms.


The move is part of an “ongoing effort to counter malicious actors working at the behest of the Russian Federation and its military and intelligence units,” Treasury Secretary Steven Mnuchin said in a statement.


“The entities designated today have directly contributed to improving Russia’s cyber and underwater capabilities through their work with the FSB and therefore jeopardize the safety and security of the United States and our allies,” he said.


The sanctions mean that the U.S. has placed a freeze on all assets of the companies and prohibits American citizens from conducting business with them.


The Treasury’s Office of Foreign Assets Control named Embedi, which has offices in Israel and California, saying the company was owned or controlled by Digital Security as of May 2017. Another company, ERPScan B.V., which also lists an office in Israel, was identified by the Treasury as a subsidiary of the Russian company as of August 2016.


The founder of the three entities is Ilia Medvedowski. He is a Russian national with more than 20 years of experience researching vulnerabilities in network protocols, according to Latvian-based news website Meduza. Online posts on Linkedin and other sites indicate that some former employees of Digital Security now work at the two companies that have links to Israel.


Mr. Medvedowski dismissed the accusations in a tweet posted hours after the U.S. sanctions were announced. He wrote in Russian that he has “made lots of enemies” by detecting vulnerabilities in enterprise software.


“It was just a matter of time until someone lobbied for something like this,” he said, and vowed to keep working to “make the world a cleaner place.”


In an interview with Israeli news outlet i24, an executive at Embedi denied the company has any links to Russia, calling the matter a “misunderstanding.” The executive said the company has its headquarters and a research and development office in Herzliya, a suburb of Tel Aviv.


According to its website, the other company, ERPScan B.V., maintains an Israeli office referred to as a “Machine Learning Lab,” also in Herzliya. The company lists additional addresses in Prague, Amsterdam, and Palo Alto, California.


In a statement posted to Twitter, ERPScan denied having done any work for Russian or other government agencies.


“We always tried to avoid any political issues and were outside of political events,” the company statement said. “Now, we regret such an unjust move towards us.”


The statement suggests that ERPScan may have been targeted because it employs Russian nationals. “Yes, some of our researchers were born in Russia,” the company said. “We are sorry, we can’t change it as well as we can’t change the political situation.”


Earlier this year, the U.S. took the unusual move of directly accusing the Kremlin and its intelligence arms of hacking U.S. energy facilities and internet infrastructure in preparation for carrying out potentially debilitating attacks. The U.S. also said hackers backed by the Russian government were responsible for the 2017 NotPetya attack which used ransomware to paralyze computers first in Ukraine and then around the world.


In its new announcement, the U.S. Treasury said that Russia has also been building up its capacity to attack undersea communication cables, through which passes much of the world’s digital traffic.
Cancel Send
    To all comments