News / Science & Technology

    Russia Plays Big Role in Cyber Spying, Hacking

    A man types on a computer keyboard in Warsaw in this Feb. 28, 2013 illustration file picture.
    A man types on a computer keyboard in Warsaw in this Feb. 28, 2013 illustration file picture.

    Even in these times of incessant cyber-attacks and Internet hacks, the news took many security analysts by surprise – and led to the doors of the Kremlin.

    Late in October, computer networks at the White House were breached by an outside group, causing disruptions throughout the entire system.  White House officials were quick to point out that the hacked systems did not contain classified information, and moved swiftly to plug the security holes.

    Still, the White House computer systems are among the most highly fortified in the world. So who was behind the successful and brazen attack?

    The White House blames hackers tied to Moscow. And, coming on the heels of other reports of alleged Russian cyber-attacks targeting the governments of Germany, Ukraine among others, and military resources at NATO headquarters, the White House hack is raising alarm that one of the most serious threats to online security may not be coming from China, but from Russia.

    “The Russians are a lot more sophisticated in terms of state-sponsored attacks than the Chinese,” says Darren Hayes, director of cyber-security at Pace University. “It’s of concern because often various traditional mechanisms used for stopping these types of attacks are rendered useless.”

    Russian cyber moves

    Russia was one of the first nations to move assertively into the digital sphere.

    As far back as 1998, long before most nations even began thinking about cyber-security, the Kremlin directed “Directorate K,” a government agency, to begin operations to monitor and defend against hackers and spammers. In recent years, Directorate K has since taken on a greater offensive role in the digital arena.

    In what is widely considered the first nationally coordinated cyber-attack against another nation, Russian hackers in 2007 launched waves of massive cyber-attacks against Estonia, effectively crippling the nation. One year later, a similar operation targeting Georgia was launched from Russian ISPs.

    “Russia is clearly testing NATO and the West,” Urmas Paet, Estonia’s Foreign Minister, warned at the time.

    “And that was before Ukraine,” said Hayes, an expert on Russia’s cyber activities. “Here, we’re seeing the convergence of military aggression – as we’ve seen what’s happened the last few days in Sweden for example – with cyber-attacks. The cyber-attacks can be just as devastating as an actual kinetic attack. They’re having tremendous success.”

    Analysts say Russia’s moves are getting far less notice than China’s cyber exploits.

    “The threat from China is overinflated, (and) the threat from Russia is underestimated,” said Jeffrey Carr, who heads the web security firm Taia Global and author of the book Inside Cyber Warfare. “Russia certainly has been more active than any other country in terms of combining cyber-attacks, or cyber-operations, with physical operations,” he told VOA. “The Russia-Georgia war of 2008 was a perfect example of a combined kinetic and cyber operation.  And nobody else has ever done that – China has never done anything like that.”

    Kurt Baumgartner is the Principal Security Researcher at the web-security firm Kaspersky Lab, and has been tracking various major malware Russian-speaking threats including “RedOctober”, “Epic Turla” and others. Two of those most recent threats, “Sandworm” and “Crouching Yeti,” have been linked back to Russia because of Russian language coding.

    But Baumgartner said Kaspersky has not yet been able to definitively tie these attacks to sources in Russia.

    “Cyber-espionage seems to be the name of the game,” he told VOA via email. “But, source attribution is practically impossible as cybercriminals have been known to use various techniques to keep themselves hidden (using different languages from their own in their code or work, constantly changing locations or working with a large organization of criminals.”

    US eyes Russia

    The cyber-threat posed by Russia may not be new, but it appears leaders in the U.S. intelligence and military communities see it as a growing problem.

    Earlier this year, speaking before the House Permanent Select Committee on Intelligence, James Clapper, the U.S. Director of National Intelligence, spoke to what he sees as the unique threat that Russia poses in the digital world.

    “Russia presents a range of challenges to U.S. cyber policy and network security,” Clapper told the committee. “Its Ministry of Defense is establishing its own cyber command, according to senior MOD officials, which will seek to perform many of the functions similar to those of the U.S. Cyber Command. Russian intelligence services continue to target U.S. and allied personnel with access to sensitive computer network information.”

    Some months later, speaking at a conference in Austin, Texas, Clapper was more blunt.

    “I worry a lot more about the Russians than China," he said.

    A DNI spokesperson told VOA via email that Clapper’s warning referred directly back to his cautionary statements made in public about Russian hacks.

    Kaspersky’s Baumgartner point to what he calls a “learning effect” – that more advanced hackers tied back to Russia are apparently learning from each other, increasing the overall effectiveness of the attacks. However, he said that this learning effect does not definitively prove Moscow’s involvement.

    “Functionality found in malware or techniques can be misleading,” he said via email. “It cannot be relied on to speculate that a specific campaign was operated out of one part of the world or another - analysis and identifying the source is much more complex than that.”

    Russian officials have routinely denied any involvement in hacks that have been traced back to Russian ISPs. Several calls to the Russian embassy by VOA for comment were not returned.

    And while many forensic analysts like Carr say that  Russia’s capacity for cyber-attacks is technologically comparable to that of the U.S. or Israel – among the world’s most sophisticated hackers – finding definitive proof of Moscow’s involvement remains difficult.

    “Viruses unfortunately don’t carry ID cards” Kaspersky, the Russian security specialist and founder of Kaspersky Lab, told Der Spiegel. Kaspersky was referring to the now-standard practice used even by amateur hackers to spread malware or launch attacks through a series of ISPs in various countries, thwarting efforts to trace the attack back to the source.

    Pace University’s Darren Hayes also notes that another tactic employed by Moscow has been to use non-governmental groups, such as the pro-Putin “Nashi” youth movement, to carry out cyber-attacks, giving the government plausible deniability for involvement.  

    “It’s been long known that the Russian government isn’t afraid to use young hacker groups, not only for monetary uses but also for attacks related to political issues,” said Hayes. “When you use these younger hacking groups that aren’t employed by, but are connected to, the Russian government, then it gives them a way to distance themselves from these attacks and not be noted as the perpetrator.”

    Russia’s Internet control

    There’s another trend that troubles some analysts; namely what appears to be Russia’s expanding efforts to control the Internet within its borders and those companies doing business there.

    Already, tech firms operating within Russia are required to comply with all requests about their products from the state Federal Security Service, known as the FSB. That can include providing sensitive information about the software design or registered users, or requests to insert new bits of code.

    The Kremlin tightened restrictions this year on what bloggers can say and expanded search requests for user information. Several months later, another law required major foreign-owned services like Twitter and Facebook to register with the state Internet monitor Roskomnadzor as well as locate all servers handling and storing Russian data traffic within Russia’s borders. 

    Some analysts like Hayes see a parallel between what Russia is trying to accomplish with its cyber-strategy and its current broader, national goals on the world stage: namely, continuing efforts to probe Western defenses while destabilizing local neighbors.

    “The effective counter-measures are more sanctions,” Hayes said. “These cyber-wars can be a lot more devastating financially and in terms of confidence than actual ground warfare sometimes. The U.S. needs to clearly define what cyber-warfare is, attribute it to various nations, and discuss repercussions for theft of intellectual property or money or just destructive attacks.”


    Doug Bernard

    Doug Bernard covers cyber-issues for VOA, focusing on Internet privacy, security and censorship circumvention. Previously he edited VOA’s “Digital Frontiers” blog, produced the “Daily Download” webcast and hosted “Talk to America”, for which he won the International Presenter of the Year award from the Association for International Broadcasting. He began his career at Michigan Public Radio, and has contributed to "The New York Times," the "Christian Science Monitor," SPIN and NPR, among others. You can follow him @dfrontiers.

    You May Like

    Multimedia Obama Calls on Americans to Help the Families of Its War Dead

    In last Memorial Day of his presidency, Obama lays wreath at the Tomb of the Unknown Soldier at Arlington National Cemetery

    The Strife of the Party: Will Trump Permanently Alter Republicans?

    While billionaire mogul's no-holds-barred style, high-energy delivery are what rocketed him to nomination, they also have created rift between party elites and his supporters

    China's Education Reforms Spark Protest

    Beijing is putting a quota system in place to increase the number of students from poor regions attending universities

    This forum has been closed.
    Comment Sorting
    by: Lawrence Bush from: Houston, Texas
    November 17, 2014 12:17 PM
    Really, I've been pondering over in great apprehension for a long time over the cyber hackings in ours and how it can be stopped? In context of of military competition and rivalry, the piratical activities and such hackings to go on. And, all that do necessiate to be curbed. Certainly, we should possess that sort of safeguards for our cyber systems all that to remain immune to any kind of piratical hacking by any enemy side in this
    world. Our cyber research sides of our defense and intelligence along with our top IT technocrats do have great responsibilities in this regard.
    In Response

    by: Doug Bernard
    November 18, 2014 8:17 AM
    I would only add that I've never spoken with a cyber-security researcher who believes that the U.S. government is doing nearly enough to protect sensitive assets from such hacks.

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Chinese-Americans Heart Trump, Bucking National Trendi
    May 27, 2016 5:57 AM
    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.

    Video Chinese-Americans Heart Trump, Bucking National Trend

    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.

    Video Reactions to Trump's Success Polarized Abroad

    What seemed impossible less than a year ago is now almost a certainty. New York real estate mogul Donald Trump has won the number of delegates needed to secure the Republican presidential nomination. The prospect has sparked as much controversy abroad as it has in the United States. Zlatica Hoke has more.

    Video Drawings by Children in Hiroshima Show Hope and Peace

    On Friday, President Barack Obama will visit Hiroshima, Japan, the first American president to do so while in office. In August 1945, the United States dropped an atomic bomb on the city to force Japan's surrender in World War II. Although their city lay in ruins, some Hiroshima schoolchildren drew pictures of hope and peace. The former students and their drawings are now part of a documentary called “Pictures from a Hiroshima Schoolyard.” VOA's Deborah Block has the story.

    Video Vietnamese Rapper Performs for Obama

    A prominent young Vietnamese artist told President Obama said she faced roadblocks as a woman rapper, and asked the president about government support for the arts. He asked her to rap, and he even offered to provide a base beat for her. Watch what happened.

    Video Roots Run Deep for Tunisia's Dwindling Jewish Community

    This week, hundreds of Jewish pilgrims are defying terrorist threats to celebrate an ancient religious festival on the Tunisian island of Djerba. The festivities cast a spotlight on North Africa's once-vibrant Jewish population that has all but died out in recent decades. Despite rising threats of militant Islam and the country's battered economy, one of the Arab world's last Jewish communities is staying put and nurturing a new generation. VOA’s Lisa Bryant reports.

    Video Meet Your New Co-Worker: The Robot

    Increasing numbers of robots are joining the workforce, as companies scale back and more processes become automated. The latest robots are flexible and collaborative, built to work alongside humans as opposed to replacing them. VOA’s Tina Trinh looks at the next generation of automated employees helping out their human colleagues.

    Video Wheelchair Technology in Tune With Times

    Technologies for the disabled, including wheelchair technology, are advancing just as quickly as everything else in the digital age. Two new advances in wheelchairs offer improved control and a more comfortable fit. VOA's George Putic reports.

    Video Baby Boxes Offer Safe Haven for Unwanted Children

    No one knows exactly how many babies are abandoned worldwide each year. The statistic is a difficult one to determine because it is illegal in most places. Therefore unwanted babies are often hidden and left to die. But as Erika Celeste reports from Woodburn, Indiana, a new program hopes to make surrendering infants safer for everyone.

    Video California Celebration Showcases Local Wines, Balloons

    Communities in the U.S. often hold festivals to show what makes them special. In California, for example, farmers near Fresno celebrate their figs and those around Gilmore showcase their garlic. Mike O'Sullivan reports that the wine-producing region of Temecula offers local vintages in an annual festival where rides on hot-air balloons add to the excitement.

    Video US Elementary School Offers Living Science Lessons

    Zero is not a good score on a test at school. But Discovery Elementary is proud of its “net zero” rating. Net zero describes a building in which the amount of energy provided by on-site renewable sources equals the amount of energy the building uses. As Faiza Elmasry tells us, the innovative features in the building turn the school into a teaching tool, where kids can't help but learn about science and sustainability. Faith Lapidus narrates.

    Special Report

    Adrift The Invisible African Diaspora