PUTIN’S CYBERWAR The FBI initially linked the hackers to Russia, and cybersecurity experts have added further substance to this belief since. The US-based cybersecurity firm root9B analysed the malware used 41 in the hacks and found code and signatures previously associated with APY28. Eleven months earlier, on 23 October 2013, the Warsaw Stock Exchange was hit by a series of cyberattacks. Data were stolen, client login details were made public online, and the Exchange’s systems were made accessible to cybercriminals of all stripes. It was sabotage by crowd-sourcing. 42 The hackers claimed to be from ISIS, but were in fact Russian, members of APT28. 5. The Kremlin’s Fingerprint? Vladimir Putin may have disparagingly characterised the Internet as a “CIA invention”, but he is determined to control it. Since he returned to the presidency in 2012, Putin has poured significant money and manpower into this endeavour. In 2015, he ordered the FSB, Russia’s Federal Security Service, to “cleanse the 43 Russian Internet” by forcing all Internet providers to keep their servers in Russia. During the Sochi Olympics in February 2014, the FSB deployed aggressive cyber-spying tools designed to infect foreign visitors’ computers and mobile phones with spyware through Wi-Fi networks and mobile 44 phone towers. In 2012, meanwhile, Putin pledged to create a separate Russian Internet, and has put some US$100 million towards it. While Putin has busied himself trying to master the Internet, there is uncertainty over who exactly is behind the cyberattacks from which Russia so evidently benefits. As with its more conventional warfare, Russia has intentionally blurred the dividing line between state and non-state. As well as having its own cyber specialists, the FSB reportedly recruits hackers to launch cyberattacks when it wants to punish or silence the Kremlin’s rivals. For at least the last decade, the Kremlin has sourced technology and even intelligence information from cyber-crime groups within 45 its near abroad – the so-called “Silicon Valley of Eastern Europe”. The result of this, according to cyber-threat analyst Jonathan Wrolstad, is that Russia possesses some of the most sophisticated hacking teams in the world. Russian hacking groups, says Wrolstad, write the “best pieces of 46 malware”, some of which are “almost impossible for an organization to detect”. Dmitri Alperovitch, co-founder of the security firm CrowdStrike, which monitors Russian cybercrime, has observed one of the tactics used by the Russian security services to recruit hackers. In an interview with The Hill, Alperovitch explained: “When someone is identified as being 41 ‘APT28 Targets Financial Markets: Zero Day Hashes Released’, root9B, 5 November 2015, available at: http://www.mediafire.com/download/bdr77piwp0ij0qz/FSOFACY.pdf, last visited: 13 May 2016. 42 Riley, M. and Jordan Robertson, ‘Cyberspace Becomes Second Front in Russia’s Clash With NATO’, Bloomberg, 14 October 2015. 43 ‘Russia Update: At FSB Meeting, Putin Portrays Russia as Innocent Victim of Hostile World’, The Interpreter, 26 March 2015, available at: http://www.interpretermag.com/russia-update-march-26-2015/, last visited: 6 May 2016. 44 Matthews, O., ‘Russia’s Greatest Weapon May Be Its Hackers’, Newsweek, 5 July 2015, available at: http://www.newsweek.com/2015/05/15/russias- greatest-weapon-may-be-its-hackers-328864.html, last visited: 6 May 2016. 45 One reason for the prevalence of such individuals is the Soviet legacy of emphasising maths and science education, which has resulted in high-qualified software writers and hackers. See, Flook, K. ‘Russia and the Cyber Threat’, Critical Threats, 13 May 2009, available at: http://www.criticalthreats.org/russia/russia-and-cyber-threat, last visited: 11 May 2016. 46 Bennett, C., ‘Kremlin’s ties to Russian cyber gangs sow US concerns’, The Hill, 11 October 2015, available at: http://thehill.com/policy/cybersecurity/256573-kremlins-ties-russian-cyber-gangs-sow-us-concerns, last visited: 6 May 2016. 10
Putin's Cyberwar Page 12 Page 14