Modern field guide to security and privacy
Russian President Vladimir Putin attends his annual end-of-year news conference in Moscow, Russia, December 23, 2016.
Sergei Karpukhin/REUTERS | Caption

How Russia wields cyberpower

patterns of thought

Cyberattacks around the world linked to Russia – including hacking US political groups – expose a growing sophistication for leveraging the internet's speed and scale to exert influence.

Though President-elect Donald Trump called for the American public to "move on" from suspected Russian hacks that marred November’s election, the Obama administration isn't letting go.

At a hearing on Capitol Hill Thursday, US intelligence officials said they will release a report early next week that promises to reveal direct evidence supporting the government's claims the Kremlin orchestrated sophisticated cyberattacks to expose Democratic National Committee (DNC) documents and attempt to undermine the presidential campaign.

While Director of National Intelligence James Clapper refused to reveal details of the report, he told the Senate Armed Services Committee that the intelligence community was "even more resolute" than ever that Russia carried out the operation, which involved "classical propaganda, disinformation, fake news" during the election. "Whatever crack they could fissure in our tapestry, they would exploit it," he said.

Even though Mr. Clapper said the tampering is one of the most aggressive cases of Russian political interference he has encountered, the US is hardly alone in trying to fend off possible Russian hackers. Moscow appears to be increasingly wielding power in cyberspace to disrupt other Western democracies, intimidate European adversaries, and grow its sphere of influence.

German Chancellor Angela Merkel recently warned that Russian hackers might attempt to meddle in its election through cyberattacks. France's cybersecurity watchdog said that suspected Russian hackers are targeting their systems ahead of a presidential vote in April. And last year, US officials blamed an unprecedented 2015 cyberattack on the Ukrainian electric on the Kremlin. 

"Russia has been the dominant actor in state-sponsored espionage in cyberspace for the past two decades," says Tom Kellermann of the cybersecurity firm Strategic Cyber Ventures. "Cyberespionage and cybercrime are being seen as a strategic imperative for the regime," he said. "It will be employed not only to facilitate propaganda, but it could also be used to manipulate data. Russia has the luxury of using their cybercrime proxies to create a fog of war."

But hacking tools appear to be just one means for Russia to exert its global agenda. Moscow is also relying on its economic powers, traditional propaganda, and espionage campaigns to compete with the US for influence in Europe, according to a joint report released last year by Washington's Center for Strategic and International Studies and Center for the Study of Democracy in Bulgaria.

"In certain countries, Russian influence has become so pervasive and endemic that it has challenged national stability as well as a country's Western orientation and Euro-Atlantic stability," according to the study.

"Kompromat is an old KGB strategy," says Andrei Soldatov, an investigative journalist based in Moscow, referencing a Soviet strategy to leak damaging information to harm or blackmail public figures used during the Cold War.

But with the onset of the Digital Age, Mr. Soldatov says, the Kremlin has learned to apply those tactics online, using the pro-Russian hacktivist group CyberBerkut to leak scandalous details about Ukrainian government officials after the invasion of Crimea. "These tactics were so effective – you can get a lot of dirt."

In a joint statement prepared for Thursday's hearing, Clapper, National Security Agency Directory Michael Rogers, and Marcel Lettre, Undersecretary of Defense for Intelligence, said that Russia had also recently used "cybertactics and techniques to seek to influence public opinion across Europe and Eurasia." 

Indeed, with the internet, Russia is more able to disrupt its adversaries and promote its global viewpoint at greater speed and scale.

"You have to view the hacking as one part of a broader series of steps that the Russian leadership has undertaken over the last few years," says Michael Sulmeyer, director of the Cyber Security Project at Harvard University's Belfer Center for Science and International Affairs. "The broader US–Russia relationship is at a very dangerous point right now. Hacking is a part of it."

Those tools aren’t limited to propaganda efforts. Russia-linked hackers appear to be using Ukraine as a test bed for digital attacks that target utilities and military operations.  Last month, Reuters reported that a Russian hacking group that shut down a part of the Ukrainian grid in 2015 also hit a utility in Kiev, cutting off the lights for a short time last month.

Additionally, the cybersecurity firm Crowdstrike, which investigated the DNC incursion, said that a Kremlin-linked hacking group was also able to successfully compromise an Android app developed by Ukrainian soldiers used to speed up firing time for artillery weapons.

"This is a tactic that will be looked at by many militaries around the world," says Dmitri Alperovitch, chief security officer at CrowdStrike. "If you target those devices, you can get extremely valuable information."

Even with evidence mounting that point to Moscow's involvement in the pre-election hacking in the US, it's unclear how Mr. Trump will respond to reports of Russian hacking. So far, he has contradicted US government reporting on the breaches at the DNC and other political organizations.

Speaking at his resort in Palm Beach, Fla., last week, Trump promised to reveal additional details about the hacks that he said US officials weren’t privy to on “Tuesday or Wednesday” – though no such details came.

Trump will receive a classified briefing from Mr. Clapper and other top Obama administration officials at Trump Tower on Friday. President Obama said Thursday that the briefing could help reduce tensions between intelligence officials and Trump, who seemed to favor WikiLeaks founder Julian Assange's doubts over the US intelligence community's findings in Twitter posts this week.

But even amid the flurry of hacking reports and news of fresh White House economic sanctions against Russia and the expulsion of 35 diplomats from the US, experts think it’s important to recognize that Washington has its own advantages when it comes to taking the fight to Moscow in cyberspace. 

“I’m hesitant to make the Russian cyber machine into a 10 foot tall personification. We’re pretty good, too,” says Harvard’s Mr. Sulmeyer. “We have standards – in terms of how we want states to play and operate in international relations. What we’re finding is that some of our toughest competitors are exploiting that.”