One Simple Rule: Never Hack Russians
Putin's "Patriotic Hackers" are the cyber equivalent of "Little Green Men". They just need to follow one simple rule.
The Kremlin employs a motley crew to undermine the West — biker gangs, Little Green Men, and of course, “patriotic hackers”, many of whom have ties to Russian intelligence.
Russian cyber crime rakes in billions of dollars each year. The Russian government largely turns a blind eye to the practice as long as hackers follow one simple rule: never target Russians.
It’s a cozy arrangement for many in the former Soviet Union. Legitimate cybersecurity jobs are relatively rare and pay just a few thousand dollars per year. As one Russian cybercriminal remarked, “I’ve got no money, a strong education, and law enforcement’s weak. Why not earn a bit on the side?” Indeed, many Russian cybercriminals have a symbiotic relationship with Russian intelligence agencies. Criminals receive tacit support and endorsement from the Russian government for their activities while the Russian government can attack its adversaries with plausible deniability.
Take the 2007 Distributed Denial of Service (DDoS) attack on Estonia, an attack so disruptive that Estonian officials actually considered invoking NATO’s Article 5 for a military response. Though the attack certainly emanated from Russia and achieved the Kremlin’s political objectives, no one has yet conclusively pinned the attack on the Russian government. Instead, Russian actors tapped into criminal botnets in order to flood Estonian websites, placing the country under a digital blockade with nary a word from the Kremlin.
The tradition continues today. In 2017, the US Justice Department unsealed an indictment against three Russian citizens for targeting the Yahoo accounts of prominent Western journalists and politicians. Two of the Russians — Igor Sushchin and Dmitry Docuchaev — were officers of the FSB, the intelligence agency previously known as the KGB. The third Russian, Alexsey Belan, had previously been indicted on cyber-related charges in the US before being arrested in Europe and eventually fleeing to Russia. The FSB offered to overlook Belan’s arrest warrant in return for services to the Russian government.
Russian cybercriminals continue to be a thorn in the side of Western governments. In October, US Cyber Command took the unusual step of launching an operation against a large criminal botnet known as Trickbot. Trickbot’s owners are notorious for offering their services to the highest bidder, usually for the purposes of ransomware. Cyber Command allegedly undertook the operation against the criminal network in the hopes of preventing it from interfering in the 2020 Election — a service its (presumably) Russian handlers would pay handsomely for.
Russia is expected to exchange favors with Russian cyber criminals for plausibly deniable operations against the West. Hackers just have to heed one simple rule — never hack Russians.