MOSCOW (AFP) – Over the years, Moscow has faced numerous allegations of cyber attacks that resulted in multiple sanctions and the expulsion of its diplomats. The term “hacker” has almost become synonymous with Russia.
From “troll factories” to hackers allegedly controlled by the country’s security services, here is an overview of the world of Russian cybercrimes.
Russia has for decades been a breeding ground for computer experts.
During Soviet times, the government pushed for advances in science and technology, and – with the appearance of the first computers – in programming.
With the fall of the Union of Soviet Socialist Republics, (USSR) in 1991, some of the talented but underpaid programmers turned to cybercrime, soon making Russians notorious for credit card thefts around the world.
“In the 1990s, the environment fermented with a culture of resourcefulness and a tendency to circumvent the rules,” said Associate Professor Kevin Limonier of the French Institute of Geopolitics.
Army and security services
Experts say that in its persisting stand-off with the West, Russia heavily relies on its cyber and information warfare capabilities.
Several notorious hacking groups are suspected of working for the country’s security services and the Russian defence ministry set up its own “cyber units” in 2012.
The first large-scale attack attributed to Russia goes back to 2007, when the Baltic state of Estonia faced a wave of cyber attacks on its newspapers, banks and government ministries.
The United States says that hackers of Russia’s military intelligence (GRU) sought to manipulate the 2016 presidential election by hacking into the Democratic National Committee and the Hillary Clinton campaign.
The most famous cyber espionage group involved in dozens of cases is known as Fancy Bear, or APT28. It is believed to be sponsored by the Russian government.
According to Washington, the attack targeting US software developer SolarWinds was carried out by the SVR, Russia’s foreign intelligence service, and compromised government agencies and hundreds of private companies.
Information and sabotage
“Cyber attacks carried out by Russian secret services are part of multi-year international operations that are aimed at obtaining strategic information,” German intelligence said in 2016, referring to espionage and sabotage operations.
The list of alleged Russian attacks is long: a hacking attack on the German Parliament in 2015; targeting Ukrainian artillery units between 2014 and 2016; hacking of a French television network in 2015; meddling in the US elections in 2016 and 2020, and targeting coronavirus vaccine research institutes in the West last year.
Experts say that attacks are becoming ever more sophisticated.
“The level of Russian cyber attacks is growing, compared with three or four years ago,” said intelligence expert Andrei Soldatov.
“We know about the operations that have been uncovered but a lot still remains effective.”
Russia has also been accused of carrying out large-scale disinformation campaigns in order to sway democratic processes in the West and fuel social discord online.
The country is believed to be operating online “troll factories” that concoct fake viral information in an attempt to influence Internet users.
The accusations have been directed against both state media including RT (former Russia Today) and Kremlin allies such as Mr Yevgeny Prigozhin, a businessman suspected of being at the origins of “troll factories” in Russia and Africa.
Washington has accused the ally of President Vladimir Putin of financing the Internet Research Agency, a St Petersburg-based company that sought to influence the US electorate in 2016.
Aware that the nature of cyber attacks makes their origins difficult to trace, the Kremlin has always denied any involvement and accused the West of waging a disinformation war on Russia.
Russia has also repeatedly pledged its desire to cooperate in the cybersphere.
In the run-up to the 2020 US presidential election, Mr Putin proposed a pact of electoral non-interference and a global agreement against the misuse of communication technologies.
The proposal was left without response.
Mr Soldatov said that Russia might be using hacking attacks to force the West to cooperate.
He did not rule out that, faced with the Russian threat and for want of a better alternative, “police in Europe and the US might like to return to cooperating with Russia on cyber security”.