They are the most capable, their methods are ingenious and innovative, their weapons are the equivalent of the atomic bomb during the Cold War. How did Russian hackers transform their country into a cyber superpower?
“I think that we have to be very, very wary of what the Russians might be trying to do in that cyber realm. Their cyber warfare abilities are exceptionally capable and sophisticated”, said the head of the CIA, John Brennan. The alarm was raised in the aftermath of the Democratic National Committee hack which, according to the preliminary FBI investigation, came directly from Moscow.
It was neither the first nor the last time that a cyber attack from Russia hit a server in a Western country. So much so that when, on October 21, a DDoS attack of a magnitude never seen before paralyzed a large part of the US web for a couple of hours, everybody looked East. It was a completely new kind of attack, which exploited tens of millions of devices connected to the Internet around the world, such as video recorders and IP cameras, to create a bot army that hit the same target.
But how did Russia become the first cyber power in the world? And, most importantly, why?
A generation of hackers
Russia is the largest and most advanced marketplace for hacking services in the world. A report published in 2012 by Trend Micro, a security company, already warned about the level reached by Russian hackers and the ease of access to their services. A DDoS attack may cost $30 to $70.
Between the 90s and 2000, as crowds of youngsters spent their teenage years in the stale air of internet cafes scattered across the basements of Russian cities, a generation of geeks was growing up, able to exploit the web in not-so-legal ways, out of boredom or for money. Not IT specialists or developers, or at least not only, but simply hackers.
The Russian government immediately took advantage of these groups of cyber criminals, financing them, motivating them politically and integrating cyber operations into its military doctrine against both external and internal threats. Unlike China, which has focused on a form of rigid censorship based on firewalls and the Human Flesh Search Engine, control of digital dissent in Russia has been assigned to Putin’s willing youth: Web brigades, Team G, armies of trolls. This has created even more fertile ground in which to grow young, talented hackers, eager to enter government service, for money or ideology.
All the instruments of Infowar
“The Russians see the Internet as an instrument of conquest without physical warfare”, said James J. Wirtz, a historian of the Cold War and expert on geopolitical conflicts, to Parallax, a website specializing in security issues. “The minds of many people in Russia leap immediately to the grand strategic and political implications of a technology. The country’s best engineers don’t necessarily invent the technology, nor are they necessarily the best at using it. But they have a real talent for understanding the long-term political and strategic impact”.
Tom Kellermann, chief cyber-security officer for Trend Micro, thinks that the Russians are more intelligent: “they think through every action they take to a point where it’s incredibly strategic. They’re operating at eight to 12 steps ahead on both the offensive and defensive side of the chessboard”.
The idea of Russian hackers as chess players is fascinating, but it does not by itself explain the level reached by the country’s cyber warfare capabilities.
Russia has a broad concept of infowar, one that goes beyond cyber warfare alone and includes intelligence and counterintelligence, disinformation, electronic and psychological warfare, debilitation of communications and propaganda. In this sense, DDoS attacks, electronic espionage and RT TV programs are the same thing.
The doctrine of cyber war
The Doctrine of Information Security of the Russian Federation is a document dating from September 2000, signed by Putin just eight months after his rise to power. Now 16 years old, it explains the Russian approach to internal security: to protect strategically important information, to block external threats such as foreign political, economic, military and intelligence activities, and to reinforce the moral values of society and traditions of patriotism. The same approach is also found in the 2014 document on Military Doctrine.
Two years later, Putin abolished the Federal Agency for Government Communications and Information, FAPSI, and assigned the tasks of cyber warfare to the FSB, the FSO and the GRU, the three branches of civilian and military intelligence.
The effects were not long in coming. In 2007, a DDoS attack took down the Estonian government’s Internet network, in response to the decision to dismantle a monument to the soldiers of the Red Army in Tallinn, causing the interruption of essential services and significant damage to the Estonian economy. In 2008, a few weeks before the Russian military invasion of South Ossetia, Russian hackers blocked communications in Georgia, as well as several government websites and the President’s website. In 2014 the cellphone network and the Internet in Crimea were hit, shortly before the arrival of the “little green men”, the Russian soldiers without insignia. And earlier this year an attack on Ukraine’s electricity grid left 700,000 houses in the dark.
Brennan is right to warn against the “digital bear” threat, and security experts in Western countries had better listen to him.
@daniloeliatweet