Accessibility links

Kremlin Expanding Cyber Efforts in ‘Information War’

  • Daniel Schearf

In Russia’s so-called "information war" with the West, the pro-Kremlin youth group SET (Network) is a foot soldier fighting primarily on the internet.

At their roomy headquarters in an upscale office compound in Moscow, the group designs online videos criticizing the West and praising President Vladimir Putin - videos they hope will go viral.

Some, like a projection of tanks on the facade of the U.S. White House, are not so subtle.

“We actively work with social networks, we have our own YouTube channel and we produce political, social and historic video and this video is watched by hundreds of thousands, sometimes millions of people,” says SET press secretary Makar Vikhlyantsev.

State-sponsored?

Allegations of Russian government-sponsored hacking have become a major issue in the U.S. presidential election campaign, with American officials accusing Moscow of trying meddle in the vote.

SET refuses to say if their activities are state-sponsored. But there is no doubt that supporters of President Vladimir Putin are behind them.

Putin’s image is featured on practically every wall at SET while young artists put the president’s face on canvas, designer clothes, and even jewelry.

A mannequin soldier holding a rifle overlooks the office. It represents the “little green men” who took over Ukrainian military bases in Crimea. Putin fervently denied they were invading Russian troops only to admit some months later that Russian servicemen were there to back up local “self-defense forces.”

A mannequin soldier holding a rifle and representing the "little green men" whom Russia dispatched to help annex Ukraine's Crimea overlooks the office of pro-Kremlin youth group SET (Network). (VOA video screengrab)

A mannequin soldier holding a rifle and representing the "little green men" whom Russia dispatched to help annex Ukraine's Crimea overlooks the office of pro-Kremlin youth group SET (Network). (VOA video screengrab)



A mock ammunition crate nearby holds “weapons” Vikhlyantsev says represent how the U.S. “takes over countries.” Among other items, it includes a baseball bat with a dog tag, to show military strength, and a roulette wheel with various American global brand names.

“We believe this is an important part of our job to convey, including to a foreign audience, our position regarding what is going on in Syria, what is going on in Ukraine - about Putin,” Vikhlyantsev says.

Similar operations all over Russia

Russian reporter Ludmila Savchuk says she worked undercover in a Russian ‘troll factory’ in St. Petersburg, where staff were paid to post attacks online against Russian opposition leaders and the West, as well as to praise Putin. “This was certainly not the only ‘troll factory.’ Other journalists who were conducting research saw similar activities in different parts of our country.” Savchuk says it was clear that their orders were coming from the Kremlin and estimates there are perhaps a hundred or more such operations throughout Russia.

Since Russia annexed Crimea in 2014, sparking confrontation with the West, the Kremlin has expanded its cyber efforts from its use of informal actors posting online, like SET, to more aggressive tactics, Andrei Soldatov, co-author of The Red Web: The Struggle Between Russia’s Digital Dictators and the New Online Revolutionaries, told VOA via Skype.

“Because that was the moment when we see two things. We got these trolls and also we got the new level, much more sophisticated level, of hacking attacks. It looks like the idea is the same: to use informal actors, all kinds of informal actors, with state backing, to launch these kind of attacks.”

US institutions hacked

In July, the WikiLeaks website posted thousands of e-mails stolen from accounts of top officials of the Democratic National Committee. Earlier this month, the U.S. Department of Homeland Security and Office of the Director of National Intelligence said in a joint statement that the U.S. intelligence community “is confident that the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations.”

A poster depicting Russian President Vladimir Putin and genetic links in the colors of the Russian and Ukrainian flags is seen at the office of pro-Kremlin youth group SET (Network). (VOA video screengrab)

A poster depicting Russian President Vladimir Putin and genetic links in the colors of the Russian and Ukrainian flags is seen at the office of pro-Kremlin youth group SET (Network). (VOA video screengrab)



Also in early October, WikiLeaks began posting thousands of e-mails from a private e-mail account belonging to John Podesta, campaign manager for Democratic presidential nominee Hillary Clinton. His Google e-mail account was apparently hacked earlier this year after he clicked on a phishing link. The New York Times reported last week that “private security researchers” have concluded that Russian intelligence hacked Podesta’s Gmail account.

Continued denials

The Kremlin denies any link to trolls or to the recent hacking attacks against political and election organizations in the United States and has condemned U.S. threats to retaliate.

Cybersecurity experts say attribution of malware, software designed to disrupt or damage, is a challenge. “Sometimes you see in the code in the malware that probably this code would be written by [an] English-speaking person or this exact code of the operation could be created by the Russian-speaking person, or Chinese-speaking person,” says senior security researcher at Kaspersky Lab Sergey Lozhkin. “But, there [is] no, never such a point that 100 percent that this was made by Russians or Chinese or [the] United States.”

But while the choice of target can indicate motive, it is not the only indication of a state actor.

“We see that it is not possible, for example, for one person, a simple hacker, to create such attacks,” says Lozhkin. “And, probably, if you see the level of sophistication, probably the government is responsible [for] creating such malware attacks.”

Hillary Clinton as target

The initial goal of the hacking of the U.S. Democratic Party apparently was to leak compromising material on presidential candidate Hillary Clinton. Unlike her opponent, Republican candidate Donald Trump, she is seen as someone who would continue a tough policy against Russia, says Soldatov.

An activist is seen talking on her phone at the office of pro-Kremlin youth group SET (Network). To her left is a portrait of Russian President Vladimir Putin. (VOA video screengrab)

An activist is seen talking on her phone at the office of pro-Kremlin youth group SET (Network). To her left is a portrait of Russian President Vladimir Putin. (VOA video screengrab)

“To me, they changed their objective. And, now it is more about how to make, how to project Russia into the center of the events and to make Russia a real superpower because, only a superpower might intervene in the elections in one of the, actually the most powerful country in the world.”

Lozhkin, a former federal cybercrime investigator, says the number of state-sponsored hacking attacks is doubling each year as technology shifts state efforts from people-to-people to malware-against-malware.

Little effect on US election

Despite the high-profile attacks on U.S. political groups, cybersecurity experts say there is little effect on the presidential election.

Nonetheless, Soldatov says, at some level, the Kremlin is still winning.

“The main difference in position between Russia and the United States is that the Russians having always insisted on talking in terms of information war, information security; and, the Americans have insisted talking only in terms of cybersecurity. Meaning that the Americans were ready to talk only about computers and cables and the Russians wanted to talk about content. And it now seems after the annexation of Crimea, after trolls, after RT (Russian government-funded news network) and all this propaganda, everybody including Americans accepted the Russian terminology. So, all of us now [are] talking about information warfare.”

XS
SM
MD
LG