Russian Information Troops, Others Helping the West

Going back a few years, it is important to understand how the cyber war began and where the Russians are today. While many in the United States laugh about claims that the Russians hacked the Super Bowl and other ridiculous comments, there is a real seriousness that must be considered. So, for those who consider the Russian hacking thing to be ‘fake-news’, consider what the experts in the UK published in 2011.

Primer: Norway accuses group linked to Russia of carrying out cyber-attack, Norwegian intelligence service PST among targets of malicious emails believed to have been sent by APT 29.

***

Not too sure any agency or those collaborative countries know the depth of Russian cyber/espionage activity, except to offer very educated guesses and estimates based on other confirmed facts.

In part:

The narrative of “information war” is developing within Russia, but mostly under the influence of initiatives taken overseas. The approach to CNO by the USA and to a lesser extent by its allies is followed closely. The most recent senior comment on the subject at the time of writing came from influential long-term Duma deputy, and former Secretary of the Security Council and Deputy Minister of Defence, Andrey Kokoshin – a long-term proponent of the vital importance of information superiority for Russian security [71], with, intriguingly, a first qualification in radio-electronics from the then Bauman Higher Technical College [72].

Speaking at the launch of a report entitled “’Cyber Wars’ and International Security” published in late January 2011 jointly by the Institute of International Security Issues of the Russian Academy of Sciences and the Faculty of World Politics of Moscow State University, Kokoshin said that “the development of issues of information warfare and ‘cyber wars’ must take place on an interdisciplinary level… the experience of many states shows that information warfare is not just a function of the Armed Forces: other state institutions including the secret services take part in it [73]”. This makes an interesting counterpoint to the FSB statement cited earlier in this paper which appeared to be suggesting that it was not the business of the Armed Forces at all. The “’Cyber Wars’ and International Security” report, according to the Russian Ministry of Defence newspaper Krasnaya Zvezda, “examines primarily US and Chinese policy in this area… The study examines issues such as operations in cyberspace as an integral part of information operations [74].” At the time of writing, the report itself appeared to be unavailable in open sources.

Meanwhile, Russian security concerns will continue to be prompted by the fact that “influencing the transfer and storage of data means that the physical destruction of your opponent’s facilities is no longer required [75]” – potentially negating all the benefits of Russia’s hard-won military reforms. Efforts will continue to be “directed at introducing international legal mechanisms that would make it possible to contain potential aggressors from uncontrolled and surreptitious use of cyberweapons against the Russian Federation and its geopolitical allies [76].”

So, Russian statements and initiatives on cyber operations have to be placed in this context of observing rapidly-developing capabilities overseas, and listening to public announcements in the USA and elsewhere of ever-greater potential and willingness to inflict damage on adversaries by means of cyber attack. At present, the urgent arguments for the creation of “Information Troops” within the Armed Forces have not yet given rise to any visible change in tasking or designation of military structures, and visions of Russia’s potential organised cyber warriors range from the heroic and omnipotent [77] to the realms of surreal parody [78]; but there is no doubt that the preoccupation with a perceived lack of capacity to prosecute or defend against CNO within the military will continue to provoke calls for action.

Read the full summary here.

**** This is important due to the declarations made by U.S. domestic intelligence agencies, as they cannot be dismissed. This site recently published some items on three Russians who were arrested and have been moved to treason cases.

Related reading: Russian Hacking, We knew Because we had an Inside Operative(s)

Related reading: $500 million for new Russian cyber army, 2014

Related reading: Russian cyber group seen preparing to attack banks, 2015

Some of these operatives were aiding the United States for as long as 7 years.

****

Russian officers ‘passed secrets to US for 7 years’

TheTimesUK: Two senior officers from Russia’s FSB spy agency passed state secrets to the United States for at least seven years in an espionage coup for Washington, it was alleged yesterday.

Ruslan Stoyanov is accused of handing over data supplied by two FSB officers

Sergei Mikhailov and Dmitri Dokuchayev have been charged with treason alongside Ruslan Stoyanov, a manager from the cybersecurity and anti-virus company Kaspersky Lab, who is accused of being an intermediary.

They are said to have helped the US pinpoint Russian hacking during the presidential election. The news of the arrests in December emerged late last month and details of the charges have not been officially released.

Yesterday a source familiar with the investigation said that the two FSB officers received payments to pass secret data to Mr Stoyanov and a representative of another cybersecurity company. The information was then transferred to “acquaintances abroad who worked closely with foreign special services”.

“This is not a one-off story, this activity was carried out for a minimum of seven years and caused substantial harm to the interests of the Russian Federation,” the source told the Rosbalt news agency.

Mr Mikhailov, a department head at the FSB’s Centre for Information Security, was arrested dramatically during a conference in Moscow. A sack was pulled over his head and he was marched out of the room. Mr Dokuchayev, one of Mr Mikhailov’s subordinates, is said to be a former hacker known as “Forb” who was recruited to the FSB under threat of prosecution.

Security and law-enforcement sources have told Russian media that the men passed information indirectly to the CIA or an organisation close to it.

Ivan Pavlov, a lawyer, is acting for one of the three accused men although he has refused to say which one. He said all three had been charged with state treason, which carries a potential 20-year prison sentence. The case files “refer to America but not the CIA”, he claimed.

Novaya Gazeta, the independent newspaper, said that Mr Mikhailov was suspected of handing the US information on Vladimir Fomenko, the owner of King Servers. Hackers used servers provided by the company to breach election databases in Illinois and Arizona last summer, according to ThreatConnect, a US cybersecurity company.

Mr Pavlov said yesterday that Mr Mikhailov had retracted an initial confession to the treason charge.

There has been a flurry of leaks about the highly secret treason investigation in Russian media, suggesting a clash of interests inside the FSB.

Two sources told the RBK news agency that the centre where the two accused officers worked was in conflict with the Centre for Information Defence and Special Communications, a rival FSB body with overlapping responsibilities. Andrei Ivashko, the head of that rival centre, is said to be friends with Konstantin Malofeev, founder of Tsargrad, a small television channel that first revealed the FSB arrests.

The scandal has been spiced further by reports that it may be linked to the arrest of three men from the Shaltai-Boltai (Humpty Dumpty) hacking group. Vladimir Anikeyev, known as “Lewis”, and two associates nicknamed March Hare and The Hatter were taken into custody in November but the arrests only emerged recently. They are charged with gaining “illegal access to computer information”.

Some media claimed that Mr Mikhailov had infiltrated the group and was using it for his own purposes, but a lawyer acting for Mr Anikeyev said yesterday that the treason case and the arrest of his client were not connected.

Denise Simon