Going back a few years, it is important to understand how the cyber war began and where the Russians are today. While many in the United States laugh about the Russians hacked the Super Bowl and other ridiculous comments, there is a real seriousness that must be considered. So, for those who consider the Russian hacking thing to be ‘fake-news’, consider what the experts in the UK published in 2011.
Primer: Norway accuses group linked to Russia of carrying out cyber-attack, Norwegian intelligence service PST among targets of malicious emails believed to have been sent by APT 29.
***
Not too sure any agency or those collaborative countries know the depth of Russian cyber/espionage activity, except to offer very educated guesses and estimates based on other confirmed facts.
In part:
The narrative of “information war” is developing within Russia, but mostly under
the influence of initiatives taken overseas. The approach to CNO by the USA and
to a lesser extent by its allies is followed closely. The most recent senior comment
on the subject at the time of writing came from influential long-term Duma deputy,
and former Secretary of the Security Council and Deputy Minister of Defence,
Andrey Kokoshin – a long-term proponent of the vital importance of information
superiority for Russian security [71], with, intriguingly, a first qualification in
radio-electronics from the then Bauman Higher Technical College [72].
Speaking at the launch of a report entitled “’Cyber Wars’ and International
Security” published in late January 2011 jointly by the Institute of International
Security Issues of the Russian Academy of Sciences and the Faculty of World
Politics of Moscow State University, Kokoshin said that “the development of
issues of information warfare and ‘cyber wars’ must take place on an
interdisciplinary level… the experience of many states shows that information
warfare is not just a function of the Armed Forces: other state institutions including
the secret services take part in it [73]”. This makes an interesting counterpoint to
the FSB statement cited earlier in this paper which appeared to be suggesting that it
was not the business of the Armed Forces at all. The “’Cyber Wars’ and
International Security” report, according to the Russian Ministry of Defence
newspaper Krasnaya Zvezda, “examines primarily US and Chinese policy in this
area… The study examines issues such as operations in cyberspace as an integral
part of information operations [74].” At the time of writing, the report itself
appeared to be unavailable in open sources.
Meanwhile, Russian security concerns will continue to be prompted by the fact that
“influencing the transfer and storage of data means that the physical destruction of
your opponent’s facilities is no longer required [75]” – potentially negating all the
benefits of Russia’s hard-won military reforms. Efforts will continue to be
“directed at introducing international legal mechanisms that would make it possible
to contain potential aggressors from uncontrolled and surreptitious use of
cyberweapons against the Russian Federation and its geopolitical allies [76].”
So, Russian statements and initiatives on cyber operations have to be placed in this
context of observing rapidly-developing capabilities overseas, and listening to
public announcements in the USA and elsewhere of ever-greater potential and
willingness to inflict damage on adversaries by means of cyber attack. At present,
the urgent arguments for the creation of “Information Troops” within the Armed
Forces have not yet given rise to any visible change in tasking or designation of
military structures, and visions of Russia’s potential organised cyber warriors
range from the heroic and omnipotent [77] to the realms of surreal parody [78]; but
there is no doubt that the preoccupation with a perceived lack of capacity to
prosecute or defend against CNO within the military will continue to provoke calls
for action. Read the full summary here.
**** This is important due to the declarations made by U.S. domestic intelligence agencies, as they cannot be dismissed. This site recently published some items on three Russians arrested and are moved to treason cases.
Related reading: Russian Hacking, We knew Because we had an Inside Operative(s)
Related reading: $500 million for new Russian cyber army, 2014
Related reading: Russian cyber group seen preparing to attack banks, 2015
Some of these operatives were aiding the United States for as long as 7 years.
****
Russian officers ‘passed secrets to US for 7 years’
TheTimesUK: Two senior officers from Russia’s FSB spy agency passed state secrets to the United States for at least seven years in an espionage coup for Washington, it was alleged yesterday.
Sergei Mikhailov and Dmitri Dokuchayev have been charged with treason alongside Ruslan Stoyanov, a manager from the cybersecurity and anti-virus company Kaspersky Lab, who is accused of being an intermediary.
They are said to have helped the US pinpoint Russian hacking during the presidential election. The news of the arrests in December emerged late last month and details of the charges have not been officially released.
Yesterday a source familiar with the investigation said that the two FSB officers received payments to pass secret data to Mr Stoyanov and a representative of another cybersecurity company. The information was then transferred to “acquaintances abroad who worked closely with foreign special services”.
“This is not a one-off story, this activity was carried out for a minimum of seven years and caused substantial harm to the interests of the Russian Federation,” the source told the Rosbalt news agency.
Mr Mikhailov, a department head at the FSB’s Centre for Information Security, was arrested dramatically during a conference in Moscow. A sack was pulled over his head and he was marched out of the room. Mr Dokuchayev, one of Mr Mikhailov’s subordinates, is said to be a former hacker known as “Forb” who was recruited to the FSB under threat of prosecution.
Security and law-enforcement sources have told Russian media that the men passed information indirectly to the CIA or an organisation close to it.
Ivan Pavlov, a lawyer, is acting for one of the three accused men although he has refused to say which one. He said all three had been charged with state treason, which carries a potential 20-year prison sentence. The case files “refer to America but not the CIA”, he claimed.
Novaya Gazeta, the independent newspaper, said that Mr Mikhailov was suspected of handing the US information on Vladimir Fomenko, the owner of King Servers. Hackers used servers provided by the company to breach election databases in Illinois and Arizona last summer, according to ThreatConnect, a US cybersecurity company.
Mr Pavlov said yesterday that Mr Mikhailov had retracted an initial confession to the treason charge.
There has been a flurry of leaks about the highly secret treason investigation in Russian media, suggesting a clash of interests inside the FSB.
Two sources told the RBK news agency that the centre where the two accused officers worked was in conflict with the Centre for Information Defence and Special Communications, a rival FSB body with overlapping responsibilities. Andrei Ivashko, the head of that rival centre, is said to be friends with Konstantin Malofeev, founder of Tsargrad, a small television channel that first revealed the FSB arrests.
The scandal has been spiced further by reports that it may be linked to the arrest of three men from the Shaltai-Boltai (Humpty Dumpty) hacking group. Vladimir Anikeyev, known as “Lewis”, and two associates nicknamed March Hare and The Hatter were taken into custody in November but the arrests only emerged recently. They are charged with gaining “illegal access to computer information”.
Some media claimed that Mr Mikhailov had infiltrated the group and was using it for his own purposes, but a lawyer acting for Mr Anikeyev said yesterday that the treason case and the arrest of his client were not connected.