News / Science & Technology

    Russia Plays Big Role in Cyber Spying, Hacking

    A man types on a computer keyboard in Warsaw in this Feb. 28, 2013 illustration file picture.
    A man types on a computer keyboard in Warsaw in this Feb. 28, 2013 illustration file picture.

    Even in these times of incessant cyber-attacks and Internet hacks, the news took many security analysts by surprise – and led to the doors of the Kremlin.

    Late in October, computer networks at the White House were breached by an outside group, causing disruptions throughout the entire system.  White House officials were quick to point out that the hacked systems did not contain classified information, and moved swiftly to plug the security holes.

    Still, the White House computer systems are among the most highly fortified in the world. So who was behind the successful and brazen attack?

    The White House blames hackers tied to Moscow. And, coming on the heels of other reports of alleged Russian cyber-attacks targeting the governments of Germany, Ukraine among others, and military resources at NATO headquarters, the White House hack is raising alarm that one of the most serious threats to online security may not be coming from China, but from Russia.

    “The Russians are a lot more sophisticated in terms of state-sponsored attacks than the Chinese,” says Darren Hayes, director of cyber-security at Pace University. “It’s of concern because often various traditional mechanisms used for stopping these types of attacks are rendered useless.”

    Russian cyber moves

    Russia was one of the first nations to move assertively into the digital sphere.

    As far back as 1998, long before most nations even began thinking about cyber-security, the Kremlin directed “Directorate K,” a government agency, to begin operations to monitor and defend against hackers and spammers. In recent years, Directorate K has since taken on a greater offensive role in the digital arena.

    In what is widely considered the first nationally coordinated cyber-attack against another nation, Russian hackers in 2007 launched waves of massive cyber-attacks against Estonia, effectively crippling the nation. One year later, a similar operation targeting Georgia was launched from Russian ISPs.

    “Russia is clearly testing NATO and the West,” Urmas Paet, Estonia’s Foreign Minister, warned at the time.

    “And that was before Ukraine,” said Hayes, an expert on Russia’s cyber activities. “Here, we’re seeing the convergence of military aggression – as we’ve seen what’s happened the last few days in Sweden for example – with cyber-attacks. The cyber-attacks can be just as devastating as an actual kinetic attack. They’re having tremendous success.”

    Analysts say Russia’s moves are getting far less notice than China’s cyber exploits.

    “The threat from China is overinflated, (and) the threat from Russia is underestimated,” said Jeffrey Carr, who heads the web security firm Taia Global and author of the book Inside Cyber Warfare. “Russia certainly has been more active than any other country in terms of combining cyber-attacks, or cyber-operations, with physical operations,” he told VOA. “The Russia-Georgia war of 2008 was a perfect example of a combined kinetic and cyber operation.  And nobody else has ever done that – China has never done anything like that.”

    Kurt Baumgartner is the Principal Security Researcher at the web-security firm Kaspersky Lab, and has been tracking various major malware Russian-speaking threats including “RedOctober”, “Epic Turla” and others. Two of those most recent threats, “Sandworm” and “Crouching Yeti,” have been linked back to Russia because of Russian language coding.

    But Baumgartner said Kaspersky has not yet been able to definitively tie these attacks to sources in Russia.

    “Cyber-espionage seems to be the name of the game,” he told VOA via email. “But, source attribution is practically impossible as cybercriminals have been known to use various techniques to keep themselves hidden (using different languages from their own in their code or work, constantly changing locations or working with a large organization of criminals.”

    US eyes Russia

    The cyber-threat posed by Russia may not be new, but it appears leaders in the U.S. intelligence and military communities see it as a growing problem.

    Earlier this year, speaking before the House Permanent Select Committee on Intelligence, James Clapper, the U.S. Director of National Intelligence, spoke to what he sees as the unique threat that Russia poses in the digital world.

    “Russia presents a range of challenges to U.S. cyber policy and network security,” Clapper told the committee. “Its Ministry of Defense is establishing its own cyber command, according to senior MOD officials, which will seek to perform many of the functions similar to those of the U.S. Cyber Command. Russian intelligence services continue to target U.S. and allied personnel with access to sensitive computer network information.”

    Some months later, speaking at a conference in Austin, Texas, Clapper was more blunt.

    “I worry a lot more about the Russians than China," he said.

    A DNI spokesperson told VOA via email that Clapper’s warning referred directly back to his cautionary statements made in public about Russian hacks.

    Kaspersky’s Baumgartner point to what he calls a “learning effect” – that more advanced hackers tied back to Russia are apparently learning from each other, increasing the overall effectiveness of the attacks. However, he said that this learning effect does not definitively prove Moscow’s involvement.

    “Functionality found in malware or techniques can be misleading,” he said via email. “It cannot be relied on to speculate that a specific campaign was operated out of one part of the world or another - analysis and identifying the source is much more complex than that.”

    Russian officials have routinely denied any involvement in hacks that have been traced back to Russian ISPs. Several calls to the Russian embassy by VOA for comment were not returned.

    And while many forensic analysts like Carr say that  Russia’s capacity for cyber-attacks is technologically comparable to that of the U.S. or Israel – among the world’s most sophisticated hackers – finding definitive proof of Moscow’s involvement remains difficult.

    “Viruses unfortunately don’t carry ID cards” Kaspersky, the Russian security specialist and founder of Kaspersky Lab, told Der Spiegel. Kaspersky was referring to the now-standard practice used even by amateur hackers to spread malware or launch attacks through a series of ISPs in various countries, thwarting efforts to trace the attack back to the source.

    Pace University’s Darren Hayes also notes that another tactic employed by Moscow has been to use non-governmental groups, such as the pro-Putin “Nashi” youth movement, to carry out cyber-attacks, giving the government plausible deniability for involvement.  

    “It’s been long known that the Russian government isn’t afraid to use young hacker groups, not only for monetary uses but also for attacks related to political issues,” said Hayes. “When you use these younger hacking groups that aren’t employed by, but are connected to, the Russian government, then it gives them a way to distance themselves from these attacks and not be noted as the perpetrator.”

    Russia’s Internet control

    There’s another trend that troubles some analysts; namely what appears to be Russia’s expanding efforts to control the Internet within its borders and those companies doing business there.

    Already, tech firms operating within Russia are required to comply with all requests about their products from the state Federal Security Service, known as the FSB. That can include providing sensitive information about the software design or registered users, or requests to insert new bits of code.

    The Kremlin tightened restrictions this year on what bloggers can say and expanded search requests for user information. Several months later, another law required major foreign-owned services like Twitter and Facebook to register with the state Internet monitor Roskomnadzor as well as locate all servers handling and storing Russian data traffic within Russia’s borders. 

    Some analysts like Hayes see a parallel between what Russia is trying to accomplish with its cyber-strategy and its current broader, national goals on the world stage: namely, continuing efforts to probe Western defenses while destabilizing local neighbors.

    “The effective counter-measures are more sanctions,” Hayes said. “These cyber-wars can be a lot more devastating financially and in terms of confidence than actual ground warfare sometimes. The U.S. needs to clearly define what cyber-warfare is, attribute it to various nations, and discuss repercussions for theft of intellectual property or money or just destructive attacks.”


    Doug Bernard

    Doug Bernard covers cyber-issues for VOA, focusing on Internet privacy, security and censorship circumvention. Previously he edited VOA’s “Digital Frontiers” blog, produced the “Daily Download” webcast and hosted “Talk to America”, for which he won the International Presenter of the Year award from the Association for International Broadcasting. He began his career at Michigan Public Radio, and has contributed to "The New York Times," the "Christian Science Monitor," SPIN and NPR, among others. You can follow him @dfrontiers.

    You May Like

    Video Democrats Clinton, Kaine Offer 'Very Different Vision' Than Trump

    In a jab at Trump, Clinton says her team wants to 'build bridges, not walls'; Obama Hails Kaine's record; Trump calls Kaine a 'job-killer'

    Turkey Wants Pakistan to Close Down institutions, Businesses Linked to Gulen

    Thousands of Pakistani students are enrolled in Gulen's commercial network of around two dozen institutions operating in Pakistan for over two decades

    AU Passport A Work in Progress

    Who will get the passport and what the benefits are still need to be worked out

    This forum has been closed.
    Comment Sorting
    by: Lawrence Bush from: Houston, Texas
    November 17, 2014 12:17 PM
    Really, I've been pondering over in great apprehension for a long time over the cyber hackings in ours and how it can be stopped? In context of of military competition and rivalry, the piratical activities and such hackings to go on. And, all that do necessiate to be curbed. Certainly, we should possess that sort of safeguards for our cyber systems all that to remain immune to any kind of piratical hacking by any enemy side in this
    world. Our cyber research sides of our defense and intelligence along with our top IT technocrats do have great responsibilities in this regard.
    In Response

    by: Doug Bernard
    November 18, 2014 8:17 AM
    I would only add that I've never spoken with a cyber-security researcher who believes that the U.S. government is doing nearly enough to protect sensitive assets from such hacks.

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    In State of Emergency, Turkey’s Erdogan Focuses on Spiritual Movementi
    July 22, 2016 11:49 AM
    The state of emergency that Turkish President Recep Tayyip Erdogan has declared is giving him even more power to expand a purge that has seen an estimated 60,000 people either arrested or suspended from their jobs. VOA Europe correspondent Luis Ramirez reports from Istanbul.

    Video In State of Emergency, Turkey’s Erdogan Focuses on Spiritual Movement

    The state of emergency that Turkish President Recep Tayyip Erdogan has declared is giving him even more power to expand a purge that has seen an estimated 60,000 people either arrested or suspended from their jobs. VOA Europe correspondent Luis Ramirez reports from Istanbul.

    Video Scientists in Poland Race to Save Honeybees

    Honeybees are in danger worldwide. Causes of what's known as colony collapse disorder range from pesticides and loss of habitat to infections. But scientists in Poland say they are on track to finding a cure for one of the diseases. VOA’s George Putic reports.

    Video Wall Already Runs Along Parts of US-Mexico Border

    The Republican Party’s presidential nominee, Donald Trump, gained the support of many voters by saying he would build a wall to keep undocumented immigrants and drugs from coming across the border from Mexico. Critics have called his idea impractical and offensive to Mexico, while supporters say such a bold approach is needed to control the border. VOA’s Greg Flakus has more from the border town of Nogales, Arizona.

    Video New HIV Tests Emphasize Rapid Results

    As the global fight against AIDS intensifies, activists have placed increasing importance on getting people to know their HIV status. Some companies are developing new HIV testing methods designed to be quick, easy and accurate. Thuso Khumalo looks at the latest methods, presented at the International AIDS conference in Durban, South Africa.

    Video African Youth with HIV Urge More Support

    HIV, the virus that causes AIDS, is the top killer of teens in sub-Saharan Africa. But many youths say their experience with the virus is unique and needs to be addressed differently than the adult epidemic. VOA South African Correspondent Anita Powell reports.

    Video Poor Residents in Cleveland Not Feeling High Hopes of Republican Convention

    With the Republican Party's National Convention underway in Cleveland, Ohio, delegates and visitors are gathered in the host city's downtown - waiting to hear from the party's presidential candidate, Donald Trump. But a few kilometers from the convention's venue, Cleveland's poorest residents are not convinced Trump or his policies will make a difference in their lives. VOA's Ramon Taylor spoke with some of these residents as well as some of the Republican delegates and filed this report.

    Video Pop-Up Art Comes to Your Living Room, Backyard and Elsewhere

    Around the world, independent artists and musicians wrestle with a common problem: where to exhibit or perform? Traditional spaces such as museums and galleries are reserved for bigger names, and renting a space is not feasible for many. Enter ArtsUp, which connects artists with venue owners. Whether it’s a living room, restaurant, office or even a boat, pop-up events are bringing music and art to unexpected places. Tina Trinh has more.

    Video With Yosemite as Backdrop, Obama Praises National Parks

    Last month, President Barack Obama and his family visited some of the most beautiful national parks in the U.S. Using the majestic backdrop of a towering waterfall in California's Yosemite National Park, Obama praised the national park system which celebrates its 100th anniversary this year. He talked about the importance of America’s “national treasures” and the need to protect them from climate change and other threats. VOA’s Julie Taboh reports.

    Video Counter-Islamic State Coalition Plots Next Steps

    As momentum shifts against Islamic State in Iraq, discussions are taking place about the next steps for driving the terrorist group from its final strongholds. Secretary of State John Kerry is hosting a counter-IS meeting at the State Department, a day after defense ministers from more than 30 countries reviewed and agreed upon a course of action. VOA Pentagon correspondent Carla Babb reports.

    Video Russia's Participation at Brazil Olympic Games Still In Question

    The International Olympic Committee has delayed a decision on whether to ban all Russian teams from competing in next month's Olympic Games in Brazil over allegations of an elaborate doping scheme. The World Anti-Doping Agency recently released an independent report alleging widespread doping by Russian athletes at the 2014 Winter Olympics in Sochi. So far, only Russian track and field athletes have been barred from the Summer Games in Brazil. VOA's Zlatica Hoke has more.

    Video Scotland’s Booming Whisky Industry Fears Brexit Hangover

    After Britain’s vote to leave the European Union, Scotland’s government wants to break away from the United Kingdom – fearing the nation’s exports are at risk. Among the biggest of these is whisky. Henry Ridgwell reports on a time of turmoil for those involved in the ancient art of distilling Scotland’s most famous product.

    Video Millennials Could Determine Who Wins Race to White House

    With only four months to go until Americans elect a new president, one group of voters is getting a lot more attention these days: those ages 18 to 35, a generation known as millennials. It’s a demographic that some analysts say could have the power to decide the 2016 election. But a lot depends on whether they actually turn out to vote. VOA’s Alexa Lamanna reports.

    Special Report

    Adrift The Invisible African Diaspora