Close this search box.

Cyber attacks from Russia: no sign of cyber war (yet)

Defence minister Ank Bijleveld stated on 14 October that the Netherlands is engaged in a cyberwar with Russia. It has been in the news regularly since 2015: cyber attacks from Russia in several Western countries. The term war seems exaggerated - after all, no physical damage has been done yet - but the attacks are becoming increasingly brazen. How did it come about, how does it work, and how do we deal with it? On these and other questions, cyber and intelligence expert Andrei Soldatov and Eliot Higgins of Bellingcat spoke at the Rode Hoed in Amsterdam.

Hacking attempt OPCW

Cyber attacks have the potential to do a lot of damage. For instance, the controls of a nuclear power plant can be taken over, with all its consequences, as well as the operating systems of Schiphol Airport, hospitals and other important institutions. While thankfully this has not happened yet, the attempt to hack the OPCW, the international chemical weapons watchdog, does send a clear message about what the Russians are capable of. This attempt may have failed, but far more attacks are taking place than we 'civilians' know. The MIVD, military intelligence and security service, was remarkably open in the OPCW case, as normally they operate in secret and no disclosure is made. Several reasons are given as to why disclosure was made this time. For instance, it is considered a signal to Russia that the Netherlands is alert, and it is a form of naming and shaming

Russian intelligence services

The hacking attempt of the OPCW fell under the GROe, Russia's military intelligence agency. With the increased number of cyber attacks and the attack on former spy Skripal in the UK, the GROe gained global notoriety. It is important to note that Russia's current intelligence service consists of three agencies. The KGB was split into the FSB (Federal Security Service) and the SVR (Foreign Intelligence Service) after the collapse of the Soviet Union, and the GROe continued on the same footing, but gained prominence under Putin. The service was created by Lenin and he insisted that it should be independent of the other security services. This stemmed from mistrust, but it is still the practice. While the FSB and SVR report directly to the president, the GROe reports to the defence ministry.

That cyber attacks and Russian intelligence are under a magnifying glass was also evident at a meeting in the Red Hat on 16 October, entitled 'Who is afraid of the FSB.' Guests included Andrei Soldatov, Russia's best-known cyber and intelligence expert and author of the book 'the Red Web', and Eliot Higgins, founder of Bellingcat which, among other things, investigates authenticity of information and gained great notoriety for its investigations into the shooting down of flight MH17 and the Skripal case.

Denial of responsibility

Soldatov explained what he sees as a turning point in internet information, namely the second Chechen war. Putin realised he could use the internet to explain the war, something he felt journalists had failed to do. However, a pro-Chechen website showed a different picture of the war, and despite several attempts by the Kremlin, the website was not taken offline. A group of students from Tomsk (a city in Siberia) did manage to do so. Soldatov explained that this is exactly what the FSB actually wanted: namely, the FSB could hide behind the fact that they themselves had done nothing and deny any responsibility, and meanwhile praised the action and called it a patriotic act.

Cyber hacking groups, such as Fancy Bear - known from the hacking scandal surrounding the 2016 US elections - play an important role because of the lack of a direct link to the Russian government, and this is now more or less true of the GROe's operations. Many hacker groups now work for the GROe, which is supported by the Russian government. So the link is there, but it is often difficult to prove. While the FSB did not have the resources to control the internet at the time, the GROe does and has now become a major player in the Russian cyber 'army'.

Fake news debunked

Apart from the 'normal' hack(attempts), we are also exposed to fake news, a topic that has become unavoidable with the advent of online social media. It is sometimes thought of light-heartedly, but the impact of fake news can be very big. Indeed, public opinion is influenced by fake news. Information is usually stolen initially, through hacking, and then misrepresented, or people respond in large numbers to certain messages (by so-called trolls) to influence public opinion. Eliot Higgins, founder of Bellingcat, is constantly concerned with the authenticity of messages and events. Most of his focus is on Syria and in his presentation he showed that the Russians lied many times about the location of a particular bombing, or about the date etc. Not only have there been important revelations in Syria, but Bellingcat has also uncovered important information in the MH17 investigation. Higgins' main message is that we cannot just take information as the truth, especially from Russia, but should first investigate whether it is true.

Bellingcat demonstrates with several studies that the spread of fake news can be countered, although it is often not easy and requires a lot of effort. The same goes for countering cyber attacks, which also requires constant vigilance. But for now, it is necessary in both cases as it does not seem plausible that Russia intends to stop. The other alternative, counterattacking by hacking back or spreading fake news ourselves, would mean lowering to someone else's level and we should not want that.


Sources: Business insider, Eenvandaag, The Guardian, Wed, Allegiance II