A history of Russian hacking

Just over a decade ago, Russia embarked on a global programme of state-sponsored cyber warfare to prove its technological prowess. Its hacking operations have become more wide-ranging in scope and more damaging with every target

By Sophie Perryer | Monday, October 22nd, 2018

Russia has mounted cyberattacks on a number of countries over the past decade, including Estonia, Georgia and the US

Russia is now seen as the global hegemon in cyber warfare – a staggering feat for a country that, less than 30 years ago, experienced a total political upheaval that practically flattened its technology sector. Over the past 10 years, it has orchestrated a vast number of coordinated and uncompromising cyberattacks across governmental and private organisations.

This year alone has seen parties such as Barack Obama, the UK and Dutch governments and the Swiss attorney general condemn Russia for causing worldwide chaos through a series of brazen hacks. Russia’s methods have advanced technologically over the years, from rudimentary email-server hacking to the creation of tailored social media messages carrying destructive malware viruses. However, it is still not clear why the nation chose to embark upon such an injurious hacking campaign in the first place.

Some have said it is a demonstration of technical prowess; others have claimed it is symptomatic of the evolution of modern warfare. The experts all agree on one thing, though: that Russia’s cyber offensive shows no sign of slowing.

History matters
In order to understand why the number of Russian hacks has accelerated so rapidly in the past few years, it’s vital to take a look back at the country’s history. Russia as we know it was formed in 1991, when the fall of the Soviet Union brought an end to one of the 20th century’s foremost geopolitical powers. In its short history, the country has suffered immense economic hardship, beginning with that very collapse and exacerbated by a number of recessions that have hit Russia’s fragile economy particularly hard.

The Soviet Union had a highly developed science and technology (S&T) infrastructure that was driven by state demand and focused on military and national security needs. “Russia, and before it the USSR, was very adept at information warfare – using information against people, and to confuse enemies – and the growth of the internet has made that a lot easier,” said Charles Arthur, former technology editor at The Guardian and author of Cyber Wars: Hacks that Shocked the Business World. However, there was no semblance of a private technology sector, primarily due to the collectivist nature of the political regime.

The S&T sector was severely damaged by Soviet ruin, as domestic investment sank and talented scientists left the discipline and even the country. In comparison to the rest of the world, which was experiencing the dotcom boom at the time, post-Soviet society was reverting to the technological dark ages.

This lasted for some years, and with the Russian state being notoriously impenetrable, it is difficult to know what sort of technological progress took place during that time. David Manners glimpsed through a crack in the facade when he wrote for Electronics Weekly in 2005: “Russian big business is under control, taxes are being collected, and the oligarchs are turning their attention to the high-technology sector.” Manners also detailed a number of state-sponsored measures to encourage technological innovation, which included a “national investment fund with nanotechnology as a priority” and the establishment of “four new technoparks”. It seemed Russia had got its domestic affairs in order and was embarking on a programme to catch up with the rest of the world.

State intervention
It’s important to note, however, that Putin’s government sought to impose innovation from the top down – this meant heavy state involvement at all levels of the technological ecosystem. There was also an implication that innovation by private companies must serve to consolidate Russian power across the globe and incorporate an aspect of national security protection.

In approximately 2005, Russia began investing heavily in private sector technology companies, encouraging them to expand overseas. The additional injection of cash allowed them to take more risks with their international business, but also permitted the government to exert control outside of Russian borders. The state also set up corporations of its own, such as Rostekhnologii: established in November 2007, the company acts as a holding enterprise and unites more than 700 businesses, 80 percent of which operate in the defence sector. Now known as Rostec, the company has over 453,000 employees and operates in more than 60 countries. Many have speculated that its extensive overseas presence allows the company – and by extension, the state – to exert actual as well as symbolic control on a global scale.

“The government’s heavy investment in technology is related to a political goal to influence global trade and to become highly competitive in many important areas,” said Dr Alexandra Smith, a reader in Russian studies at the University of Edinburgh. She continued: “As Putin mentioned a few years ago, he believes that the collapse of the Soviet Union in 1991 was the biggest tragedy that happened in the world in the 20th century. It seems to me that the Russian Government and state-sponsored companies are keen to regain some sort of control over many previous areas of influence.”

But despite this intensive state investment in what it hoped would become a burgeoning technology industry, Russia’s GDP lagged woefully behind on the world stage. Statistics from the World Bank reveal that in 2007, Russia’s GDP stood at $1.29trn, compared with the UK’s $3.07trn, China’s $3.55trn, and the US’ staggering $14.47trn. Russia, realising that no amount of investment would grow its economy fast enough to uphold the sort of global power it desired, resorted to incapacitating other countries instead.

Stars align
The ongoing Russian programme of cyberattacks is broadly accepted to have begun 11 years ago, and was facilitated by a number of factors that fortuitously aligned at that time. The 1998 financial crash meant a huge number of IT professionals were out of work: their talents could then be utilised by the government, and so many of them went on to become state-sponsored hackers.

Arthur explained to The New Economy: “Russia has a long history of really good programmers. Don’t forget that the first really addictive computer game, Tetris, was written by a Russian programmer.”

He added: “They’ve had to make do with very little, in programming terms, so have figured out ways around the system. And working for the state is at least a steady job – not like working for an oligarch who might get jailed at a moment’s notice. So recruitment isn’t a problem if someone meets the grade.”

The dotcom boom and the acceleration of technology worldwide made sure that the country wasn’t short of targets, while state sponsorship of technological manufacturers meant there was an abundance of cheap equipment available.

The first large-scale cyberattack that Russia orchestrated was targeted at Estonia in 2007, following a diplomatic war over a Soviet war memorial. Russian hackers carried out a type of attack known as a ‘distributed denial of service’ (DDoS), which blocks the intended users of a machine or network by disrupting internet access with a flood of bogus traffic. Russian hackers made online banking unavailable, shut down government email systems and prevented Estonian media outlets from distributing news.

What was particularly shocking about this initial attack was its brazenness. Russia made no attempt to conceal that it was behind the hack, as instructions for how to restore sites appeared in Russian, and Estonian officials were quickly able to trace the IP addresses of the hackers to Russia. This impudence has remained a hallmark of Russia’s cyber warfare in the years since the Estonian attack: hacks on Georgia’s presidential website during the 2008 Russo-Georgian War contained the phrase “win+love+in+Rusia”, and in August 2009 Russian hackers shut down Facebook and Twitter in Georgia to commemorate the first anniversary of the Russian invasion.

For the first few years of its state-sponsored hacking programme, Russia mainly stuck to smaller targets such as ex-Soviet countries. That changed in 2015, though, when the country turned its attention to Europe and orchestrated a mass-scale attack on the German parliament. Russia’s penetration of the Bundestag’s computer network was the most significant hack in German history and marked the beginning of a programme of political interference by Russian hackers.

Increased efforts
In 2016, Russian hackers embarked upon their biggest task yet: altering the outcome of the US election. Their activities were wide-ranging and included systematic distribution of ‘fake news’ on social media sites, alleged financial contributions to Trump’s campaign, and – the centrepiece of their interference – a phishing attack on Hillary Clinton’s campaign.

In March 2016, hackers sent a virus-laden email to Clinton’s campaign chairman John Podesta, giving them access to 60,000 emails from his private account. These emails were then passed through a third party to Wikileaks, which released the emails on a daily basis leading up to the date of the election. The hack irreparably damaged Clinton’s campaign and was a strong contributing factor in bringing about Trump’s election victory.

Since their success in changing the course of the US’ political history, Russian hacks have increased in frequency across the globe. In the past two years alone, the UK, Netherlands, US, France and Canada have all accused Russia of attacking various governmental institutions and private corporations, including the World Anti-Doping Agency, the Organisation for the Prohibition of Chemical Weapons, Ukrainian banks and energy infrastructure firms, and the US power grid.

Ongoing threat
As recently as October 4 this year, western nations pledged to work together to combat Russian hacking following the release of an explosive new report by the British National Cyber Security Centre. It definitively attributed a number of recent hacks to the Russian state, with the GRU – Russia’s foreign military intelligence agency – named as the perpetrators of the attacks. The report claimed that cyberattacks have become “the Kremlin’s chosen clandestine weapon in pursuing its geopolitical goals”.

Use of the term ‘weapon’ captures the fundamental reason behind Russia’s decision to aggressively pursue a cyberattack programme. Arthur explained: “Jaw-jaw might be better than war-war (to quote Churchill), but cyber-cyber is better than both. Physical warfare is imprecise – buildings and people tend to get damaged – where hacking is generally easy to target.” He continued: “[It] has simply become like owning nuclear weapons – it’s table stakes for modern nation-craft, and especially modern spycraft.”

Cyber-hacking has become a deadly tool in the modern world of warfare – one that Russia has become adept at using to great advantage. As the country goes after larger targets, it has become increasingly clear that it is on an unrelenting path for global hegemony, using these myriad attacks to consolidate its technological and economic power. Both states and corporations must therefore find more sophisticated ways to protect themselves in cyberspace, as well as safeguard their most precious possession in the modern era: their data.