Featured

Russia’s secretive cyber tactics have amounted to accusations of political sabotage

Russian President Vladimir Putin. Photo by: Ivan Sekretarev (Associated Press).

Current relations between Russia and the United States are edging dangerously close to the Cold War era, due to stalled efforts to end the conflict in Syria, and a formal accusation of cybercrime. On October 7, the U.S. government formally accused Russia of trying to “interfere” with the American presidential election, and promised to respond at an undisclosed time and place. Adding to the already tense relations between the two nations, a joint statement from the Department of Homeland Security and Office of the Director of National Intelligence was the first formal statement made by Washington, accusing Moscow of cyber attacks to gain political advantage.

It’s not the first time Russia has come under fire recently by the U.S. for using secretive cyber tactics to its advantage. In September, reports surfaced that a Russian cyber-criminal group known as ‘Tsar Team’ and ‘Fancy Bear’ publicly released stolen data from the World Anti-Doping Agency (WADA) online, including medical data of American Olympic stars, including gold medalist, Simone Biles and tennis champion, Venus Williams. The hackers threatened to leak more data in the future.

‘Fancy Bear’ shared a message on its website which says in part: “Greetings citizens of the world. Allow us to introduce ourselves. We are Fancy Bears international hack team. We stand for fair play and clean sport.” According to WADA, the Olympic database was accessed through an account created by the International Committee for the Rio games. The agency claims that the hackers obtained information through phishing of email accounts, which allowed the hackers to obtain passwords to the agency’s database, CNN reported. 

The Russian government denied any involvement in the hack, according to a statement from Russian presidential spokesperson Dmitry Peskov, who said: “We can say without a hesitation any involvement in such actions on the part of official Moscow, the Russian government or any Russian secret services is strictly out of the question. It’s simply ruled out.” But Russia’s credibility has been growing thin, with so many negative accusations directed at the country.

It was alleged that the same hacker group could be behind the U.S. Democratic National Committee hack which took place in June, revealing sensitive political strategy, and resulting in the resignation of the DNC committee chairman. News first broke of the hack in mid-June, when Crowdstrike, a firm that analyzes threats to network security, revealed that the Democratic National Committee had called it in to inspect the party’s servers, where it found “two separate Russian intelligence-affiliated adversaries present in the DNC network.”

Crowdstrike then released a report about its findings on June 14, which was picked up by The Washington Post, detailing the scope of the attacks. Crowdstrike reported that one of the hacker groups had access to the DNC servers for about a year. But a hacker calling themselves Guccifer 2.0 attempted to deflect the DNC hack away from Russia by claiming single responsibility for it in a blog post. The hacker also claimed to have handed much of the hacked DNC content to Wikileaks.

But Cybersecurity firms Fidelis Cybersecurity and Mandiant independently corroborated Crowdstrike’s assessment that Russian hackers accessed the DNC network, according to a report by Wired, and found that the two groups that hacked into the network used malware and methods identical to tactics used by other Russian hacking groups. The evidence mounted from there…

A month later in July, Republican presidential candidate Donald Trump, who has openly expressed his support for Russia and its president, appeared to incite Russia’s government to hack into and publish Democratic presidential candidate Hillary Clinton’s private emails. The statement caused shockwaves throughout the West and increased distrust of Russia’s cyber tactics. Trump’s call sounded “alarm” at growing evidence of a foreign power “interfering in an American election.”

Trump took the controversy further when speaking at a press conference in Florida, when he again urged Russia to hack into and release his opponent’s emails from the personal server she used while she was secretary of state. “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” he said. “I think you will probably be rewarded mightily by our press. Let’s see if that happens. That will be next.”

The Clinton campaign highly criticized Trump’s words, and riled up distrust for Russia among American voters. Trump was accused by Joe Biden in a televised interview of seeking to undermine NATO in ways that would benefit Russia: “He’s playing directly into the hands of a guy who says his overarching goal is to break up NATO and to fracture Europe,” the U.S. vice president told MSNBC, speaking about Russian president Vladimir Putin.

Who’s telling the truth?

The latest assertion against Russia, with the U.S. formally accusing it of committing cyber attacks, comes with relations already frayed over NATO defenses and stalled efforts to end the bloody civil war in Syria. A U.S. administration official said Washington would respond to the cyber attacks, but didn’t provide details.

"We will take action to protect our interests, including in cyberspace, and we will do so at a time and place of our choosing," the official said. "The public should not assume that they will necessarily know what actions have been taken or what actions we will take."

The official statement, according to AFP, said the U.S. intelligence community "is confident that the Russian government directed the recent compromises of emails from U.S. persons and institutions, including from U.S. political organizations." The statement added: “We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities.”

But the Kremlin reportedly labeled the allegations as "rubbish”. Spokesperson Dmitry Peskov told Russian news agency Interfax, "Every day [President Vladimir] Putin's website gets attacked by several tens of thousands of hackers. A lot of these attacks are traced to the territory of the USA, but we do not blame the White House or Langley each time."

The U.S. statement added that the disclosures of alleged hacked emails on WikiLeaks and other websites and by the online persona Guccifer 2.0 were "consistent with the methods and motivations of Russian-directed efforts." That statement added: "These thefts and disclosures are intended to interfere with the U.S. election process.”

The statement did, however, stop short of accusing Russia in the recent cyber attacks on state election databases. "Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company," the statement said. "However, we are not now in a position to attribute this activity to the Russian government."

It is not immediately clear how Washington will respond to the matter at this stage. The government will want to keep its intentions private. But officials have said in the past that any cyber attacks on important U.S. institutions would prompt a response, which could take the form of diplomatic or economic sanctions, or possibly cyber measures.