REGNUM News Agency
December 15, 2006
2006 marks a kind of anniversary: 15 years of a fraud with counterfeited
advice notes, one of the major frauds in the history of world banking.
It was about faked credit notes. As a result, in 1991-92, 400 billion
rubles were embezzled from the Russian Central Bank. The results were
really catastrophic for Russia.
The unprecedented in world banking theft was ceased by joint effort of
the Central Bank staff and Russian Ancort Company that in a very short
time managed to elaborate and install a system of cryptographic
protection of notes. As a result, despite the continuing attempts made
by the crime, no fake credit note let take money illegally from the
Russian Central Bank. A REGNUM correspondent spoke about those events
with President of Ancort Co Anatoly Klepov.
REGNUM: Mr. Klepov, the tragic death of Russias Central Bank First
Deputy Head Andrei Kozlov makes us speak again on the bygone events of
early 90s when the Central Bank became object of an unprecedented
criminal attack known as the fake advice notes fraud. But only few know
that you and your company were directly involved in cutting short that
Yes, it is true that our work with the Central Bank started in 1992, at
the very difficult moment, and has continued until now. Usually,
cryptographic companies that provide for protection of information do
not speak to the media commenting on their work with their clients in
order to observe confidentiality. But now in connection with murder of
Andrei Kozlov the indignation is very high. Many high-ranking officials
gave their comments assessing such actions as lawlessness. The State
Duma has established a special committee to investigate criminalization
of banking systems, particularly in investigating this murder. MP
Nikolai Leonov, speaking on TV, directly stated that Kozlovs death was
directly connected with fake advice notes, Head of the Russian Audit
Chamber Sergey Stepashin said the same. I think they are right. Andrei
Kozlov was really occupied with investigation of causes of those events.
The thing is, the war started then is not over yet. And the problem I so
important that I believe it is my duty to speak even contradictory to
the official position of the Central Bank leadership that opposes my
statements to the press. I will not be talking about certain details of
the Central Bank protection, but I will try to analyze causes of the
biggest fraud in the history of world banking in order to prevent from
such events being repeated in banking as well as in other fields,
state-run and commercial. Some typical mistakes committed in
organization of the Central Bank information security can be seen in
other institutions in Russia as well.
There is no comprehensive understanding on the country today on what
happened in Russia then. It is very important to prevent from such fraud
taking place again and establish a solid protection against possible
attacks of cyber criminals.
The reality is, in 1991-92 a cyber war broke up in Russia. Management of
national strategic financial resources was partially taken under control
by criminal subjects, but we are still unable to define it clearly,
whether it was crime or, maybe, some external forces stood behind them
and tried to destabilize the situation in Russia. For some time, they
had managed to take under control vast financial flows of Russias
What is information war? Dictionary War and Peace in Concepts and
Definitions edited by Dmitry Rogozin gives general attributes of it:
1. Damaging information systems, processes and critically important
2. Undermining of political and social systems.
3. Massive psychological pressure upon population aimed at
destabilization of society.
All those attributes were present in the case with fake advice notes.
Functioning of the National Bank information system was seriously
damaged practically right up to suspension of financial payments in the
country. Awful inflation connected with massive embezzlement undermined
peoples trust in the democratic Russia, aggravated the social
atmosphere. And the psychological campaign of intimidating the people
with the help of the term Chechen advice note was necessary for them to
instigate inter-ethnic discord inside Russia and for its division in the
From the technical point of view, all elements of information war were
present. For instance, imposing false reports, listening-in and
distortion of information, establishment of false points for information
transmission and many other things, which now consists the gist of
current high-tech information wars.
REGNUM: Were information systems of the Central Bank then modern enough?
How did it happen that they were so vulnerable?
Problems of the Central Bank were typical enough for the whole former
USSR. Information systems of the former Soviet Union were very good
protected strategically at the level government, Central Committee of
the Communist Party of the Soviet Union and others. However, on the
tactical level, say, our troops in Afghanistan had great problems in
information safety in Afghanistan.
For instance, encoding of information in handwritten documents, by which
our troops were equipped, took comparatively long time, which is
critical in operation. It brought about the situation when army units
exchanged information by so-called talking tables, where words like
shells were replaced by water-melons and cartridges were called
cucumbers. Under current rules, the words taken from the talking tables
were to be coded by handwritten encoding documents in order not to let
the enemy determine correct meaning of the words. But it is hard to
imagine how this can be done during operation, so, the
fruit-and-vegetables exchanged of information was broadcasted. Of
course, in some time the enemy knew the correspondence between words and
phrases and laid an ambush where wanted to. Nobody knows for sure how
many our troops and officers died of it.
The situation reiterated in Nagorno Karabakh and Chechen wars. Numerous
stern decrees were issued to ban use of talking tables without encoding,
but, alas, if technical equipment does not correspond with demand of
reality, the human factor plays its tragic role. This fruit coding
played its role in the case with fake advice notes.
It can be said conditionally that protection of financial advice notes
exchange between cash calculation centers was a tactical task for the
Central Bank is practically the same as in the army. The whole political
system generates one and the same errors, particularly, technical ones.
For the chief executive a whisper in the phone hanger is encoded, and
for the ranks there are inconvenient coding tables. In the USSR it
became apparent in everything not only in the military. The legacy of
the Soviet times disrespectful attitudes to the people, who are
fulfilling governmental tasks, be it military service or banking, which
resulted in tremendous theft. In cyber war the concept of a tactical
unit is completely different from the one in a usual war; often setbacks
in its protection can result in losing control over strategic
information resources, which happened at the Central Bank. We
encountered new concepts in the sphere of information wars and the main
one of them is that any information unit of our protection should be
secured. Otherwise, a skilled cyber attack will give the enemy a
brilliant opportunity to penetrate unnoticed our information systems and
then destroy them.
As Interior Minister Rashid Nurgaliyev said recently, trillions of
rubles were stolen then. Evidently, from the technical point of view it
was done very professionally.
What was trillions of rubles for Russia in 1991-92? Those were budget
money. State-financed enterprises, first of all, defense enterprises
received no money and started closing. In that period major companies
ceased or suspended their functioning. Dozens of thousands of bright
technologists, engineers were ousted from work. Fist of all, the
military industrial complex was damaged, not only production, but
scientific intelligentsia of Russia, who traditionally used to work in
the defense industry.
Healthcare financing and payment of pensions drastically decreased, a
crisis happened to the financial system; all savings of the population
burned in inflation. Life span decreased. Thus, if we sum up, the theft
of the Central Bank in its economic consequences was comparable to a
nuclear aggression against our country. It was a real cyber war, not
just and act of cyber terrorism.
The embezzled money was taken abroad, plants and factories were bought
for it this was the way how financial basis for cyber terrorism was
laid. Criminals understood they can have incredible money with the help
special technical means and started developing them.
What the power of cyber terrorism is, we felt it to the full extent in
Chechnya, where special equipment was applied against our troops both in
the first and the second wars in Chechnya. We contributed as much as we
could in fighting cyber terrorism presented thousands of encoding units
to police troops and Air Forces. Cyber terrorism is not only technical
means; it often affects the administrative resource as well. We did not
have a right to sell our encoding equipment officially in the quality
our troops needed it and we could give it to them as present only. Some
our governmental officials were indifferent to death of troops and
officers, the main thing was not to breach the instructions that they
had prepared deriving from the principle of preserving their wealth in
Naturally, cyber terrorism is not only a Russian phenomenon. For
instance, al-Qaedas cyber terrorism ended up with September 11. There is
nothing strange in it. In Afghanistan, dushmans were with great
attention examining US systems of interception of our aircrafts and
helicopters communication, information monitoring of military air bases
including remote control of airplanes. Then, a vast interest was shown
in numerous exhibitions of special equipment for interception and
listening-in held in Russia in 1991-93. Combining US and Soviet
technologies in the filed of conducting information wars and receiving
practical experience in Chechnya, al-Qaedas terrorism entered the
international arena. I believe that no serious terror attack has been
carried out nowadays without participation of cyber terrorists. As they
carry out their actions at the highest technological level, so they need
to conduct preliminary research: they listen in to something, receive
and process information and make general analysis to determine the weak
points. It is a mistake to believe that cyber terrorism attacks only
computer networks or internet. Its technical potential is much more
extensive, which was shown by the recent war in Lebanon.
It was not without reason, when President Putin announced at a meeting
with prosecutors that cyber terrorism is the main threat for the 21st
century. There are weighty grounds for it.
REGNUM: Let us get back to the events of 1992. At some moment it became
clear what was going on and the Central Bank leadership comprehended how
it should secure its safety?
As then-chair of the Central Bank Viktor Gerashchenko said in his speech
at the seventh congress of peoples deputies, the financial system of the
Central Bank was in collapse, practically it was stopped. As one could
have predicted, chaos expected us, government reshuffle and so on. It
became clear that we should protect ourselves immediately. But how? They
were supposed to build a new well-protected system of 1,800 new branches
of cash calculation centers and restore the Russian financial system
soon. The Central Bank turned to us with this task.
REGNUM: Why was it you?
Because protection was to be done professionally, fast and for sure. And
the most important thing: the equipment needed to be mass and not
expensive. Like Kalashnikov machine gun during the war. We could provide
it, as we have a production plant in Zelenograd (not far from Moscow).
We elaborated a unique cryptographic protection system. Some elements of
the system have no analogs in the world. Each payment under an advice
note was protected by a mini electronic digital signature. The notes
could be sent via telex between the cash calculation centers. It is
impossible to counterfeit such payment.
When the work started, the Central Bank did not trust anyone. It was an
unprecedented thing for a governmental agency, but, probably, there were
grounds for it. The leadership of the bank felt that someone inside the
Bank was working for criminals, so they decided to produce keys on the
first stage at our office. At next stages the Central Bank made the keys
So, overall, the technical part of the assignment was done only by
Ancort company. We were supposed to deliver 6,000 encoders, work out
unique cryptographic solutions for 1,800 clients of the network, rules
of functioning of the network and many other things to secure needed
level of information protection of the Central Bank network. Our company
fulfilled its duty and since December 1, 1992 protection system of the
Central Bank started functioning. For more than 14 years nobody managed
to counterfeit a Central Bank advice note technically.
Naturally, it was very and very insecure. We had no arms, but had to
wear flak jackets. We encountered face to face with our enemies.
Criminals came with guns, blockaded production of encoders, so we had to
take them to a safe place; they brought plenty of money to graft us,
threatened and urged to give them the keys. But they were late and we
told them: Whatever you do, gentlemen, it will be in vain: the system is
launched, and you will never succeed in changing it.
On the other hand, governmental agencies suddenly recollected: how
without their knowledge protection of a state bank is being secured, if
something happens, they can be dismissed They started criminal
proceedings against the companys leadership on the charge of
unsanctioned supply of equipment to the Central Bank. We turned for help
to be protected from the crime, but we were told that of we hand over
money to a very respectable governmental official, we shall have full
protection. We rejected such proposals that were in conflict with our
position, which is clear-cut: we do not sell and do not denounce.
Those years of 1991-92 were the most controversial years of formation of
the country, when the most important question was being decided whether
Russia will exist or shall we enter a civil war with unpredictable
The whole burden of protection of the Central Bank finances was put on
shoulders of Russian women then. The Central Bank financial system
consisted of 1,800 calculation centers all over Russia. Each center was
to communicate with the others. So, each center was supposed to be
equipped with a certain number of encoders and train operators how to
work with them. When we asked how many they were, we were told about
5,000 people. We were to teach them how to work with encoders within two
months to make the system operate. It was 5,000 female cryptographers,
as mostly women were engaged in such activity at the bank. The history
of the USSR and Russia has never seen this before. It is unbelievable,
but the system was launched within two months, and it the major
achievement of our women. Those women won the cyber war with criminals,
and there were over 10,000 of them, according to the Interior Ministry
REGNUM: The fact that the galloping inflation by the end of 1992 slowed
down should be evidently considered as a sign that they managed to fill
up a gap in the Central Bank protection, shouldnt it?
Yes, it should. But now Andrei Kozlov started investigating why those
events became possible from organizational point of view. He was very
intent to the problem of leak of insider information. Do you remember
his statement this year on colossal downfall of Gazprom shares because
Cyber war has to do not only with technical issues, but with who and why
permitted to do actions like this. When we investigate this, we usually
come to a conclusion that people behind it were not ordinary criminals.
It was very well equipped crime led y very competent persons.
REGNUM: Do you have any ideas of who can it be?
We do not know it. But what we know is that they were very professional.
A cyber war cannot be considered accomplished until a thorough analysis
is made on how such a system could be created that could be so easily
destroyed. When we started the job to protect financial operations of
the Central Bank, we saw a system that had so many gaps that it could
REGNUM: And what about the current system? Can we be sure it was created
without envisaging theft?
Any system should be modernized and improved constantly. And at present
time, the Central Bank spares no effort on it.
As for general issues of protection of Russian information resources, as
before the most attention is paid to protection of strategic information
networks, while attacks of cyber terrorism cover the most updated and
first of all mass communication networks. It is in constant search for
gaps in protection shield.
For example, nowadays, one of the most popular ways of cyber crime is
collection of personal information. How do hackers penetrate data bases?
Under information of Kaspersky Laboratory, it is done through tapping
phones. It is very easy: say, a system administrator returns home from
work, and suddenly he receives a call from office saying: Our server is
buzzed, tell us the password. He answers, but his phone is tapped. Do
not think that hackers are super genies. They stake mostly on human
factor: someone wrote down the password somewhere, left the paper
visible for everyone they make money mostly on such things. Of course,
they have accomplices inside. As a result, annual losses from cyber
attacks total about $100 bln.
Plenty of statements were made by media on the case of the Kozlov murder
saying that it is necessary to do away with crime. Deputy chair of the
Russian State Duma Vladimir Zhirinovsky in an interview to Ekho Moskvy
Radio proposed to increase phone tapping. But none of our governmental
officials ever asked themselves a question: do we have reliable personal
information protection for each member of the State Duma or for Interior
Ministry officers, who investigate high-profile crimes?
Now and then we hear formidable reports that criminal proceedings were
started on a case of an information leak from investigation of a
contract murder, but at the same time we see on TV how very important
persons talk by their cell phones from the site of the crime, but I
never saw any special cryptographic cell phone by them. Isnt it the main
way of information leak?
I think the Russian prosecution should be asked: Are our prosecutors and
the investigative bodies that ate on the forefront of the fight against
terrorism well protected from cyber terrorists? Are they ready for a
cyber war or not, like the Central Bank wasnt in its time?
State Duma members do go abroad and use their cell phones there.
Contents of their talks and their voices can be easily faked and forged
statements can be released on their behalf. Wont it hurt Russias
Is the presidential team ready for it? Well, he does not use ordinary
means of communication. But what about his personal doctor? And
reporters, who accompany him? Isnt a cyber terrorist able to compromise
some of them, forging someones voice or somehow else? We know from mass
media about permanent scandals involving unsanctioned tapping of cell
phones in some Western countries. For example, in Greece and Italy even
the countrys leadership was tapped. Do we have guarantees that cyber
terrorists will not choose for their attacks officials of the Russian
foreign ministry who work abroad? Recently the number of Russian
citizens detained abroad after tapping their phones increased and the
trend is alarming.
Over 140 mln cell phones are now used in Russia; they provide for
accessible and convenient connection. There is a special, very reliable
subsystem of confidential cellular connection on the basis of Megafon
operator. There is only one analogous system, in the United States. As
we know, now it is used mostly by top-ranking governmental officials,
although commercial companies can also join the subsystem.
What does put limits on the use of it? The answer is simple: absence of
a relatively low-cost crypto smart phone with confidentiality
protection. It will allow to settle the task of personal information
protection of dozens of thousands of police officers and civil servants,
including those from the foreign ministry. Why doesnt the State Duma
establish a special group to study question of information protection of
personal data for Russian civil servants because of the increasing
activity of cyber terrorism? The matter is not only technical or
economical, but an organizational one. We faced practically the same
problem many years ago while creating our coder for the Central Bank,
which was 20 times less expensive than analogous coders made by
Now, cyber terrorism has been searching for new methods and approaches.
Are we ready to withstand its attacks?
REGNUM: Can cite as examples some countries where information protection
system is build taking into consideration the threats you are talking
Russia is here on the forefront as well. We managed to survive the first
cyber war that had no analogs in international practice. The West has
not felt yet the grave consequences of cyber terrorists attacks. I
remember an interesting case. Once I told a high-ranking Arab police
officer that criminals were installing cameras on cash machines to steal
money and it is necessary to take measures to prevent from it. His
answer was that it is impossible in a Muslim country, where theft is
punished under the Sharia law. A year later cyber criminals stole $11
bln from cash machines with the help of cameras installed on cash
machines. Besides, many Western banks use a very weak bank-client system
in terms of protection. In some points it resembles the system of the
Central Bank that was successfully hacked by cyber terrorists.
Not long ago cyber terrorists started tapping phones of the UK military
in Iraq and then called their relatives in Britain. It is very dangerous
for families of troops, who are very concerned about their relatives.
Well, cyber terrorists can forge any information, which can result in
tragic consequences. The UK authorities can turn to the Russian Interior
Ministry and they will be officially noted on facts of racketeering or
fraud with the use of cell phones.
Generally, I would say that the West is not very highly concerned with
the threat of cyber terrorism. But soon they will feel this threat in
its full extent. Most probably, Europeans do not comprehend yet that the
situation started changing. Although, recently I read an interesting
article by Magnus Ranstorp, former Director of Centre for the Study of
Terrorism and Political Violence at the University of St Andrews,
Scotland, called Al Qaeda Wages Cyber War against US, where he says that
al-Qaeda pays much attention to studying the cyberspace and searching
for vulnerable spots in it, and the question is not whether it will wage
the war, but when it will do it.
REGNUM: In Russia the cyber war started as early as in 1992. Has it
We cannot state it is finished. It is not stable in Chechnya, where
signs of cyber war were clearly seen. Of course, cyber terrorists are
trying to apply profits earned in a criminal way in economic and
political tasks. A very thorough analysis of the situation usually
precedes physical conflicts.
I have always stressed that Russia should be ready to withstand any
attack of cyber attack. Today, in the days of information wars, it is
necessary for Russia to have effective mass technical means of
protection; the means ought to be made in Russia and to cost not much.
Unfortunately, I did not see comprehension of this in any statement by
REGNUM: What do you think, who should create mass systems of information
protection, state-run or commercial companies?
Now private companies are doing it under control of governmental
agencies who certify such activity. Private enterprises are trusted
already to protect state secrets, although often certification increases
the price of their product.
Subscribe to InfoSec News