Moscow reportedly hires hackers who breached city’s school system

Moscow authorities have hired several hackers who previously launched a cyberattack against the capital’s digital education platform, a city official told state-run media.

According to Moscow Deputy Mayor Anastasia Rakova, “three or four young people” who had earlier “successfully managed” to hack the Moscow Electronic School (MES) are now working on the educational platform and other city services. She did not disclose their names or provide details of the cyberattack.

The platform is used by Moscow’s students, teachers and parents and has faced repeated cyber incidents in recent years.

In September 2022, the system’s servers came under a major attack that left features unavailable to users. While city officials blamed technical work, cybersecurity experts said MES was hit by a wave of ransomware and distributed denial-of-service (DDoS) attacks that encrypted two servers.

Later that year, several Telegram channels reported a data leak from MES that allegedly exposed 17 million rows of personal information, including names, phone numbers, birth dates and emails of teachers, pupils and parents. Moscow authorities denied the files contained real user data.

It remains unclear whether the hackers now employed by city authorities were involved in those breaches.

Recruiting hackers rather than prosecuting them is not unprecedented. In Russia, the Federal Security Service (FSB) more than a decade ago appointed a former hacker as deputy director of its main cyber unit, known as Center 18. U.S. officials later accused the unit of involvement in hacking American politicians’ emails during the 2016 presidential election. 

In China, companies are reportedly recruiting top hackers to uncover previously unknown flaws in software widely used in the U.S. to conduct cyberattacks.

Many governments and companies run “bug bounty” or white-hat hacking programs that offer cyber specialists legal work.

The U.S. Department of Government Efficiency hired Edward Coristine, a 19-year-old with alleged ties to cybercrime communities who had previously worked at a network-monitoring company known for employing former black-hat hackers.