Russian server head: Hacks on U.S. weren’t even worthy of Bond movie
The investigation of the controversial hacking into state voting systems in two U.S. states have led American experts to Biysk, a small industrial town in the south of Siberia (2,300 miles east of Moscow). This is where 26-year-old Vladimir Fomenko, whose company King Servers rents out server space in the United States, the Netherlands and Russia, lives and works.
In June this year, according to the FBI, Russian hackers staged "significant" cyber-attacks from servers rented from King Servers, penetrating the voter registration systems in Arizona and Illinois.
They had earlier broken into the computers of the Democratic National Committee, exposing emails and correspondence whose publication seriously compromised the position of Democratic presidential candidate Hillary Clinton, as well as Democratic research on Republican candidate Donald Trump.
After the FBI revealed that Russians were highly likely to be behind the attacks, the U.S. media was quick to report the “Russian trace.” And while the Kremlin denied any involvement in the incident, the company from Biysk wondered why no one had contacted it, since everything written in the Western press was connected with it.
The American cybersecurity company ThreatConnect even described Fomenko as the manager of an information nexus used by hackers who targeted Germany, Turkey and Ukraine, among other countries, according to an article by The New York Times.
"I really did not cooperate and am not cooperating with Russian or any other special services," Fomenko said in an interview with RBTH. "We were not contacted even by the FBI to obtain data that would allow the criminals to be caught."
Vladimir Fomenko, whose company King Servers rents out server space in the United States, the Netherlands and Russia, lives and works in Biysk, a small industrial town in the south of Siberia. Source: Vladimir Fomenko/Personal archive
Drawing conclusions ‘naïve’
Fomenko insists that he learned that Democratic Party databases were attacked from servers owned by King Servers only from the press.
"After that, we, firstly, immediately cut them [the hackers] off from our equipment, and then conducted an investigation while the trail was still hot," said Fomenko.
He claims that the trail led to Scandinavia and Europe, but was at pains to stress that to draw conclusions about the perpetrators belonging to a particular country only on the basis of the location of the servers from which they operated, or the language in which they wrote, is "to put it mildly, naïve.”
It is difficult to say how many people are behind the crime. The hacker communicated with Fomenko under two nicknames, but it is not clear whether this was one person or several individuals. According to Fomenko, customers typically write to the company themselves to ask questions and discuss conditions of service.
"In our business, there are procedures to verify clients' law abidance," he explained, before embarking on some odd comparisons. "Like our colleagues from the U.S. and Europe, we assess only solvency. Is nobody thinking of suing Google because criminals can use Gmail for correspondence? Or – if a Tesla knocks down someone on the road, no one sues Elon Musk."
‘Why did the criminals choose us’?
During the eight years that King Servers has been in business, this is the first time this has happened to the company. But any other similar firm could have been in its place, said Fomenko.
"Why did the criminals choose us?" he asked. "We are known in the market. We have some of the most advanced servers, not only in Russia but also in the world. Plus, the cost of services is lower. Although the criminals still owe us money."
Following the attacks, the hackers continued to use the services of King Servers, and they were billed $290 for the next period before being cut off when the investigation was launched.
Fomenko is also not discounting conspiracy theories. King Servers was first set up in Russia and its technical support is still in Russia, and if the original task was to tie the incident to Russia, then the choice of the company was obvious, he suggested.
"If we consider the situation from the other side, it is unclear why the FBI and related experts are talking only about our company," said Fomenko.
"After all, the U.S. intelligence report says that the hacking was staged from eight IP addresses, six of them belonging to our company (the criminals used our equipment), and two other companies being not connected with us in any way. One of them is located in the Netherlands, I don’t know about the other. But it's all just about us. What is this? Prejudice?"
He added, however, that this was "just a theory."
Amateurish errors or red herrings?
As for the "Russian trace," it turns out to be have been all too obvious, said Fomenko. The hackers left several messages for King Servers' support service written in broken English, though he claimed this “would be very strange for the Russian special services, when applying for assistance to a Russian company.”
Additionally, the e-mail addresses used for registration contain the following name, literally – "Robin Good" (with G, rather than H – typical of Russian transliteration).
"I don’t think that the security services work so unprofessionally," said Fomenko. "Of course, I can only judge from movies, but even the James Bond movies show Russians as more inventive."