“Hackers are free people, like artists,” Putin told a panel in St. Petersburg. “They wake up in a good mood and paint things. Same with hackers … They read something about the state-to-state relations. If they are patriotic, they make their own contribution to fight those who say bad things about Russia. “
“It’s not evidence. It’s an attempt to put this on us,” Putin added.
To some observers, this smells like a first attempt at “plausible deniability” by the Kremlin as investigations in the US continue. Even if those probes ultimately point the finger at Russian hacking, the Kremlin can shrug and plead ignorance or fabrication.
Proving otherwise would be very difficult. In the world of Russian hacking, the lines dividing criminal enterprise, freelance patriotism and service to the state are often blurred beyond recognition.
Patriotic hackers are not unknown in Russia. Vladislav Horohorin, an experienced hacker, recalls that when Russia and Georgia briefly went to war in 2008, Russians without any government connection hacked into the Georgian telecom infrastructure.
“I can attest that action developed spontaneously and out of sheer patriotism,” Horohorin said in an email exchange with CNN several months ago.
But Dmitry Volkov, head of threat intelligence for Russian cyber-security company IB, told CNN recently that he encountered little evidence of “hacker patriots.”
“We see newspapers that are writing about such type of threat actors, sometimes we track “hacktivists,” but usually they are very low-skilled guys,” he said.
Statistics (and prosecutions) suggest the vast majority of Russian hackers are in it for the money. Take the example of Peter Levashov, indicted by the US for computer fraud and theft. He was arrested in Spain in April and is awaiting extradition.
On a much smaller scale, hackers can trade their expertise for favors, according to Horohorin, who recently served a jail sentence in the US for online credit card fraud.
“I know there are certain individuals who for their hacking services obtained ‘predpisanie,'” Horohorin told CNN. That essentially means they had some sort of protection from arrest.
Sometimes, profit and patriotism may overlap — as in the multiple attacks on Ukrainian infrastructure allegedly carried out by Russian groups. There have been at least two attacks on the Ukrainian power grid. Suspected Russian hackers associated with the group “Fancy Bear” last year managed to install malware in a Ukrainian military application that helped reveal communications and location data from Ukrainian forces.
The US Director of National Intelligence came to similar conclusions over the hacking of the Democratic Party last year.
Most of the time, the evidence to support such assessments remains classified, and the ultimate identity of hackers unknown. Guccifer 2.0 was supposed to be a Romanian hacker.
But Thomas Rid, an authority on cyberespionage, told a US Senate hearing in March that the GRU had become more “careless, risk-taking, and error-prone” in its hacking, leaving digital fingerprints on various operations.
Poor tradecraft can make deniability less plausible.
There are also Russian hackers who try to subvert rather than support the state and may not be motivated by profit. Some have hacked into the personal records of senior officials and business figures, either to embarrass them or in a self-declared war on corruption.
Horohorin said that “some may use hacked resources for cyber-warfare, in pursuit of information, or to declare themselves or proclaim their own beliefs.”
His peers had little interest “in anything that could not be exploited for profit and stayed away from politics.” But “the younger generation became more politicized.”
Among them are groups like Humpty Dumpty, or in Russian, “Shaltai Boltai.”
The puzzling cross-currents and shifting loyalties among Russian hackers came to rare light in December when two officers of the FSB (Russian security service) were among four men arrested and accused of “treason on behalf of the United States,” according to a lawyer defending one of them.
But years before he had joined the FSB, Dokuchaev had himself been a hacker. He was a contributor to Hacker magazine, in which he once wrote: “There is a way to wealth — to start your own business in the web. One-two years and maybe you will be able to save enough to buy a villa by the Mediterranean Sea.”
Beyond doubt is the Russian authorities’ embrace of hacking and disinformation as part of a broader campaign of ‘active measures’ designed to weaken and confuse adversaries. Back in 2013, Russian Defense Minister Sergei Shoigu spoke of the need for a “head hunt” for experts in coding.
From the military’s determined recruitment of IT specialists to the patriotic fervor of hackers in their bedrooms, the age of what Shoigu likes to call ‘information warfare forces’ is here to stay.