Over the years, Moscow has faced numerous allegations of cyberattacks that resulted in multiple sanctions and the expulsion of its diplomats. The term “hacker” has almost become synonymous with Russia.
From “troll factories” to hackers allegedly controlled by the country’s security services, here is an overview of the world of Russian cybercrimes:
– Skills –
Russia has for decades been a breeding ground for computer experts. During Soviet times, the government pushed for advances in science and technology, and — with the appearance of the first computers — in programming.
With the fall of the USSR in 1991, some of the talented but underpaid programmers turned to cybercrime, soon making Russians notorious for credit card thefts around the world.
“In the 90s, the environment fermented, with a culture of resourcefulness and a tendency to circumvent the rules,” said Kevin Limonier, of the French Institute of Geopolitics.
– Army and security services –
Experts say that in its persisting stand-off with the West, Russia heavily relies on its cyber and information warfare capabilities.
Several notorious hacking groups are suspected of working for the country’s security services, and the Russian defence ministry established its own “cyber units” in 2012.
The first large-scale attack attributed to Russia goes back to 2007, when the Baltic state of Estonia faced a wave of cyberattacks on its newspapers, banks and government ministries.
The United States says that hackers of Russia’s military intelligence (GRU) sought to manipulate the 2016 presidential election by hacking into the Democratic National Committee and the Hillary Clinton campaign.
The most famous cyberespionage group involved in dozens of cases is known as Fancy Bear or APT28. It is believed to be sponsored by the Russian government.
According to Washington, the attack targeting US software developer SolarWinds was carried out by the SVR, Russia’s foreign intelligence service, and compromised government agencies and hundreds of private companies.
– Information and sabotage –
“Cyberattacks carried out by Russian secret services are part of multi-year international operations that are aimed at obtaining strategic information,” German intelligence said in 2016, referring to espionage and sabotage operations.
The list of alleged Russian attacks is long: a hacking attack on the German parliament in 2015; targeting Ukrainian artillery units between 2014 and 2016; hacking of a French television network in 2015; meddling in US elections in 2016 and 2020, and targeting coronavirus vaccine research institutes in the West in 2020.
Experts say that attacks are becoming ever more sophisticated.
“The level of Russian cyberattacks is growing compared to three or four years ago,” said intelligence expert Andrei Soldatov.
“We know about the operations that have been uncovered but a lot still remains effective.”
– Disinformation –
Russia has also been accused of carrying out large-scale disinformation campaigns in order to sway democratic processes in the West and fuel social discord online.
The country is believed to be operating online “troll factories” that concoct fake viral information in an attempt to influence internet users.
The accusations have been directed against both state media including RT (former Russia Today) and Kremlin allies such as Yevgeny Prigozhin, a businessman suspected of being at the origins of “troll factories” in Russia and Africa.
Washington has accused the ally of President Vladimir Putin of financing the Internet Research Agency, a Saint Petersburg-based company that sought to influence the US electorate in 2016.
– Denial –
Aware that the nature of cyberattacks makes their origins difficult to trace, the Kremlin has always denied any involvement and accused the West of waging a disinformation war on Russia.
Russia has also repeatedly pledged its desire to cooperate in the cyber sphere.
In the run-up to the 2020 US presidential elections, Putin proposed a pact of electoral non-interference and a global agreement against the misuse of communication technologies.
The proposal was left without response.
Soldatov said that Russia might be using hacking attacks to force the West to cooperate.
He did not rule out that, faced with the Russian threat and for want of a better alternative, “police in Europe and the United States might like to return to cooperating with Russia on cybersecurity”.