An unexpected country has kept appearing throughout the 2016 election, in the news and elsewhere. Russia has been a surprising player in the 2016 election, although officially, of course, Russia has denied everything. According to Russia, it’s just malcontents that happen to be within its borders, which nobody genuinely believes. Why is Russia starting a cold war online, and what does it mean for us?
State-sponsored hacking is hardly a new phenomenon. The FBI has added several Chinese military personnel to its most wanted list over suspicions of breaching United States computer systems. Iran has been accused of attacking American banks. And the American intelligence community itself is hardly innocent, as Edward Snowden’s leaks have made abundantly clear.
These hacking attacks are, in the end, simply a different way to perform basic spycraft. Instead of reading an ambassador’s letters, they now read his emails. It may be of questionable legality, but for many in governments around the world, it’s just one of the many problems they have to deal with to serve their country. What’s brought Russia under the microscope is how its hacks are used.
The DNC email hack was unprecedented because it was believed Russia, however clumsily, was attempting to influence the 2016 election. The FBI has warned of state-sponsored groups attempting to breach voter databases and election boards in the U.S. Russia has even attempted to breach U.S. news organizations like The New York Times and CNN, although the motive behind these attempts isn’t clear.
And, worryingly, Russia has been exceptionally hostile towards former Soviet states. In 2007, Estonia, an independent country, removed a statue and had its entire online presence shut down for several days, which was little more than a juvenile prank. By 2015, Russia attempted to take down a Ukrainian power grid. And no website is safe, as Russia will pay trolls to endlessly promote whatever viewpoint it wants out there in comments sections and blogs.
How can Russia do this, flagrantly and publicly? In the end, it’s simple: Everybody knows Russia is sponsoring the hackers behind it, but nobody can prove it definitively.
How State-Sponsored Hacking Works
Officially speaking, there are no state-sponsored hackers, in Russia or anywhere else in the world. There are only malcontents, patriots, and criminals working independently for the country they love. But there are hints and fingerprints that can reveal state-sponsored hacking, usually betrayed by the software used.
Computer software is like any other form of technology; the more complex it is, the more expensive and the more specialized knowledge it takes to build it. The hackers you hear about committing petty crimes tend to use preprogrammed software such as Blackshades instead of creating their own. Beyond a certain point, it’s all but impossible that a lone actor or ambitious amateurs could be trained in the techniques and create the code necessary to perform the breach, and that’s generally where you find the state behind the hack.
Take, for example, Hammertoss. A likely state-sponsored piece of Russian malware, Hammertoss scans a list of Twitter handles for instructions, reading a URL, a file size and an encryption key. Then it goes to the popular code repository website GitHub and downloads an image. It scans that image for specific cues, and only if it finds them does it act. Hammertoss can sit on computers, dormant, conceivably for years without being found, and it’s such a complex, disconnected set of instructions that finding the true people behind the attack is effectively impossible. And, yet, that very complexity makes it unlikely in the extreme that it was achieved without state help.
Then, of course, there are the targets. Most computer criminals are uninterested in breaching government systems or, if they are, they do it for bragging rights. For most hackers, there’s simply no reason to breach, say, the DNC email system, let alone leak documents with Russian characters in the metadata. Nor, for that matter, is America terribly unique: Russia has been accused of attempting to meddle in European elections far more directly.
All of which leads to another question. If Russia is committing crimes and everybody knows it, isn’t this the exact opposite of spycraft? Why so public?
A Desperate Russia Is Feeling Left Out
Russia is finding itself increasingly outmatched in the twenty-first century. When it invaded Ukraine, Russia prepared for a shooting war. Instead, the U.S. and the EU imposed economic sanctions that targeted Russia’s rich elite directly and destroyed the Russian economy so thoroughly it may only now be starting to recover. Even if it does, population decline and low oil prices virtually guarantee Russia won’t be able to keep up economically.
Russia’s government is desperate not just to keep up with the countries it views as foes, but to prove to them that Russia is a genuine threat to be taken seriously, and to maintain Russia’s geopolitical power. Putin in particular has made it clear he believes the Cold War was the best time in human history, at least from a Russian standpoint.
So, in the end, many of these hacks are as much a bid for attention and a fist pounded on the chest as they are spycraft. The Russian government is attempting to assert power, to show that it is strong and that it is a threat. The question remains, though: What will happen when a country with a destroyed economy and a military struggling to recruit professional troops, one making as many enemies as it can, finally gets what it asks for?