Russia's Hackers Long Tied to Military, Secret Services
8.10.2018 securityweek
BigBrothers

During the Soviet era, the country's top computer scientists and programmers largely worked for the secret services.

That practice appears to have resumed under President Vladimir Putin, as Russia faces accusations of waging a global campaign of cyber attacks.

Dutch officials on Thursday accused four Russians from the GRU military intelligence agency of attempting to hack into the global chemical weapons watchdog in The Hague.

The agency has investigated both the fatal poisoning of Russian former double-agent Sergei Skripal; and an alleged chemical attack by Moscow-allied Syrian President Bashar al-Assad.

The Baltic states were the first to accuse Moscow of mounting attacks to knock out their sites back in 2007.

Estonia said one such attack had put the country's main emergency service phone number out of action for over an hour.

Since then, accusations of cyber attacks have continued against Moscow.

The Russian hacker group variously known as Fancy Bear, APT 28 and Sofacy has been linked to GRU and accused of attacks on the US Democrats' 2016 presidential campaign, together with Russia's FSB security service, the successor to the KGB.

The skills of Russian hackers today developed from a tradition of excellent computing and programming skills dating back to the Soviet era.

"The whole structure of the economy was skewed towards the military sector," said Oleg Demidov, a consultant at the Moscow-based independent think-tank PIR Center.

"All the achievements of Soviet science including the first computers went to serve the military sector."

The most brilliant students were pushed to work in the military and space sector, he added.

- Banking crime -

After the Soviet Union fell apart in 1991, its armed forces were broken up and most of the top specialists turned to the nascent banking sector in Russia, either to work there or to attack it.

In this era saw the first cyber attacks on banking operations and the first mentions of Russian hackers.

"Now Russian hackers are excellently trained and equipped and they still occupy one of the top positions in banking crime," said Demidov -- even if the Russian justice system has begun to crack down on them.

In 2016, Russian cybersecurity giant Kaspersky estimated that between 2012 and 2015, Russian hackers had stolen at least $790 million worldwide.

Russian computer scientists study at "very strong universities in Saint Petersburg, Moscow, Novosibirsk, Kazan or Krasnoyarsk", said Denis Kuskov of TelecomDaily specialised research agency.

They "can work anywhere in the world, in any international company," he added.

In recent years, however, more have opted to stay in Russia, he said. "The secret services have grown more interested in good programmers and it's easier for them to find work in Russia now."

In 2012, the Russian defence ministry announced it was creating its own "cyber troops". It launched a wide recruitment drive that included promotional videos on social media.

For Demidov, the growing wave of attacks attributed to Russian hackers has come about as Russia becomes better able to defend its own cyber security more strongly, the military sphere included.

"These efforts... have began to bring results," he said.

Today however, even the most established players in Russian IT are in the sights of the West.

The US in 2017 imposed a ban on the use of Kaspersky's anti-virus software by federal agencies amid concerns about the company's links to the Russian intelligence services.

While many young Russians may choose to work for the military and secret services for reasons of patriotism, some may still be more interested by the money.

This week a military tribunal in Moscow held a closed-doors trial for the head of operational control at the FSB's centre for information security, Colonel Sergei Mikhalkov and three alleged accomplices.

Kommersant daily reported that they were accused of passing secrets on the Russian secret services' cyber technology to the FBI in return for $10 million.