Security Threats to Russia: The Analysis of the 2016 FSB Press Releases (Part 3 – Hacking & Other Challenges)

This is the third and last article in the investigative series in which I analyzed the 2016 press releases published on the official FSB website. In the previous two articles, I covered the FSB counterespionage and counter-terrorist operations during 2016.[1] These operations were the subject of more than one third of the FSB press releases. This means that they consumed a great deal of attention, time, and resources of the Russian domestic law enforcement and counterintelligence community. It is safe to conclude that espionage and terrorism are considered the primary threats to Russia’s national security.

However, there are several other types of illegal activity that were occasionally covered in the press releases and that can also be used as tools to undermine political stability and economic well-being in Russia. They involve cybercrime and cyberattacks (hacking), and arms and narcotics trafficking. In this article, I will discuss in detail the FSB press releases dealing with these types of law-breaking activities.

Cybercrime and Cyberattacks (Hacking)

The first 2016 press release concerning cybercrime activities, popularly known as hacking, was published by the FSB on June 1.[2] It reported that during the massive law-enforcement operation taking place simultaneously in 15 regions of Russia, the FSB, in cooperation with the Russian Ministry of Interior and the National Guard, arrested close to 50 people, suspected of being members of a hackers’ group. The group allegedly stole more than 1 billion 700 million rubles ($27 million) from various Russian banks. The FSB recovered some of the stolen money, in addition to seizing a large number of false bank documents, credit cards, and computers.

It is important to note that this was one of the first operations conducted with the participation of the Russian National Guard which was established in April 2016. Just two months after its formation, it is evident that the National Guard proved very efficient in fulfilling its duties. The press release, for instance, stated that the arrested individuals were brought to Moscow on the aircraft operated by the National Guard.

The number of arrested individuals and their geographical dispersion throughout Russia shows that the problem of hacking in Russia is quite acute. This can perhaps open another line of inquiry related to the unproven accusations by the U.S. intelligence community of the Russian hacking of the 2016 U.S. presidential elections. In other words, even if there is a Russian “trace” behind the hacking, perhaps it is not the doing of the Russian government? Could it not be that the hackers worked for their own private benefit or out of ideological beliefs, or were hired by the anti-Putin Russian oligarchs based in the West in order to strengthen the anti-Putin climate in the U.S. political life and make economic sanctions harsher and military confrontation more likely? This would of course depend on the expectation that the Trump administration will not be able to change anything substantial in this respect, which yet remains to be seen. However, judging from the pre-election statements, Tramp’s VP Mike Pence already appears to have taken the side of the anti-Putin hawks.[3]

The FSB press release published on July 30 dealt more specifically with the issue of cyberattacks and cyber-espionage.[4] In fact, it reported that the FSB specialists were able to uncover an especially damaging virus program infiltrated into the network of more than 20 organizations on the territory of Russia. These organizations included the Russian government, military, and academic institutions and even the sectors of the Russian military-industrial complex.

The FSB did not comment as to where this malicious software could have come from. It just stated that it resembled the software found in other cyberattacks around the world. In my opinion, the description of the way that the virus infected the victims’ computers and the damage it caused resembled very much the hacks perpetrated in the U.S., both on the Democratic National Committee (DNC) and on Hillary Clinton’s campaign manager John Podesta. Considering the timing of the release (the end of July), just after the Democratic National Convention in Philadelphia was over and the full extent of the U.S. hacks became publicly known, it definitely raises several very significant questions.

First, was this massive hacking of the Russian “critical infrastructure” a retaliation by the U.S. intelligence agencies for the DNC and Podesta hacks allegedly perpetrated by the Russian military intelligence agency (GRU)? And if so, will the hacked emails and information be made publicly available? Will be we soon be reading the embarrassing details of the Russian government and military officials’ undercover dealings?

Or, alternatively, was this perhaps done by a third party which also hacked the DNC and Podesta? Following in the footsteps of the James Bond classic “From Russia, with Love,” is there perhaps a secret (criminal) network which uses the rogue elements of different intelligence communities to amplify the confrontation between the U.S. and Russia? To get the U.S. to blame Russia and, likewise, Russia to blame the U.S. for criminal deeds actually perpetrated by this hidden network. This of course is a mere speculation. But the coincidence of the almost simultaneous cyber-attacks cannot be denied.

The third and last 2016 press release dealing with cybercrime was published by the FSB on December 2.[5] This press release warned the Russian institutions and the Russian public that unnamed foreign intelligence agencies were preparing massive cyberattacks, starting on December 5, with the goal of destabilizing the Russian financial infrastructure and creating social and political chaos. The release was fairly specific as to where the cyberthreat was supposed to come from. It claimed that the servers and command posts for this attack were located on the territory of the Netherlands and belonged to the Ukrainian hosting company “BlazingFast.” The attack was supposed be initiated via social media with the large number of provocative posts regarding the imminent collapse of the Russian financial system and was supposed to take place simultaneously all across Russia (in “several dozen” Russian cities).

Either the FSB successfully neutralized the threat or it was a false alarm, in any case, not much happened. The Russian financial system preserved its stability and in fact was strengthened as 2016 ended, because of the increase in the price of oil. However, the ties between the Dutch milieu and the aggressive Ukrainian anti-Russian cyber propaganda and hacking efforts were publicly revealed. This perhaps has something to do with the tragic fate of MH-17, the Malaysia Airline Boeing 777-200ER, flying from Amsterdam to Kuala Lumpur, which crashed in Ukraine in July 2014 under still disputed circumstances with most passengers onboard being Dutch citizens.

Arms and Narcotics Trafficking

The first 2016 press release concerning arms trafficking was published by the FSB on February 1.[6] It reported that the FSB arrested 3 individuals suspected of arms trafficking in the city of Izhevsk, the capital of the Udmurtian republic in the central Russia. According to the release, the arrested individuals were in charge of a criminal organization which "regularly" supplied the neighboring regions of the central Russia and Siberia with illegal weapons. At the moment of arrest, the FSB seized an automatic grenade launcher AGS-17 and more than 100 other automatic and semi-automatic weapons. The FSB did not specify who was purchasing these weapons and whether these individuals were also arrested. There was also no mention of whether the weapons were intended for terrorist activity, though it is difficult to imagine what else they could have been needed for, especially in the case of a grenade launcher.

About two and a half months later, on April 18, the FSB published another press release concerning arms trafficking.[7] It reported that 7 individuals, arrested in the city of Bryansk in the Russian central federal district, were suspected of illegal weapons smuggling. Several automatic weapons and revolvers, a great deal of ammunition as well as about a dozen grenades were seized. The report did not link up the arrested group with any act of terrorism, either planned or already performed.

The next FSB press release concerning arms trafficking, published on June 20, was longer than most because it elaborated on the on-going FSB operations, in tandem with the Ministry of Interior, directed toward discovering and closing down the network of illegal weapons manufacturies throughout Russia.[8] According to the release, a particular problem in this respect represents the activation of deactivated and self-made weapons (in Russian language, they are known under the acronym MMG) because they are very difficult to trace after being used in a criminal or terrorist act. The release noted that these types of weapons were used in several high-level assassinations, such as the assassinations of ex-deputy prime minister and opposition leader Boris Nemtsov and B. A. Kantemirov, a parliamentarian from the Kabardino-Balkarian republic. It also emphasized that their presence in Russia had substantially increased since the beginning of the violent conflict in Ukraine.

In addition, the release stated that in the period from 2014 to 2016, the FSB closed down about 100 illegal manufacturies and seized more than 3,500 different weapons. The release specifically mentioned that, in June 2016, 14 individuals were arrested in three different regions in Russia. They were all charged under Article 222 of the Russian Criminal Code, dealing with the illegal possession and/or trafficking of weapons.

According to the press release published on August 30, the FSB’s Russia-wide sweep for weapons traffickers and illegal manufacturies was also successful in the Far East.[9] The FSB arrested 7 individuals in the city of Vladivostok involved in the illegal making and trafficking of weapons. It seized close to 30 automatic weapons as well as a large quantity of grenades and ammunition. All arrested individuals were charged under Article 222 of the Russian Criminal Code.

Two months later, on October 25, there was another FSB press release concerning its activities against weapons traffickers and illegal manufacturies.[10] This time, the region of Tver in the central Russia was the focus of the FSB activities. The FSB arrested a group of individuals (not mentioned how many), suspected of running a weapons trafficking and manufacturing network. At the same time, the FSB conducted further operations throughout Russia. Altogether, it seized more than 250 automatic, semi-automatic and other weapons, a great number of grenades and various ammunition, and about 20 kilograms of explosives. It also closed down 8 illegal manufacturies. The press release did not make any indications that these weapons were intended for terrorists, though, as I pointed out above, this cannot be ruled out.

The last 2016 FSB press release dealing with arms trafficking was published on December 12.[11] It reported a large-scale FSB operation in the western and central regions of Russia focused on weapons traffickers and illegal manufacturies. 3 individuals were arrested and close to 100 different weapons were seized, including one grenade launcher. In the car belonging to one of the arrested individuals, the FSB found four 80mm grenades from the time of the World War II, which were subsequently destroyed. The release did not say what the intended purpose of these grenades was.

During the entire 2016, there was only one FSB press release dealing specifically with the trafficking of narcotics. It was published on November 17 and mentioned several FSB anti-narcotics operations.[12] One of the operations took place on the territory of the Moscow region in October 2016. 2 individuals were arrested and more than 100 kilograms of synthetic narcotics and 1,900 liters of liquid narcotics were seized. The narcotics-making lab was also discovered and shut down.

Another operation, conducted in 2014, which led to the arrest of 6 individuals and the seizure of 400 kilograms of narcotics with the market value of 400-800 million rubles [$6-12 million], resulted in the sentencing of the arrested individuals to 6 years in prison in May 2016. The release described in detail the modus operandi of these individuals. They never met in person, communicated only via the Internet using fake identities, and distributed the narcotics and money through the system of dead drops. Evidently, catching them was quite an accomplishment.

The FSB concluded the press release by noting that in the preceding two-year period, it seized more than 7,000 kilograms of various narcotics.

Conclusion

Both cybercrime and arms trafficking appear to be serious challenges to Russia’s national security. As I pointed out, foreign cyberattacks against the Russian “critical” infrastructure are on the rise. The sources of these attacks are not always specified, but they seem to be connected to the anti-Russian and anti-Putin forces in the West. They may be a part of the U.S. intelligence community’s strategy of retaliation (or offensive projection of power) against Russia. There is also a (remote) possibility that they are the work of a third party wanting to ratchet up the tensions, even to the point of military confrontation, between Russia and the U.S.

I have no doubt that we will see more of these types of attacks, with rapidly increasing severity, in the coming period. I therefore expect the FSB press releases in 2017 to cover this issue more extensively.

Judging by the number of the 2016 press releases concerning arms trafficking and illegal weapons manufacturing, this is clearly a major problem for the Russian internal political stability. The FSB, in collaboration with the Ministry of Interior and the newly-formed National Guard, appear to be regularly conducting large-scale sweeps throughout the country. They have had a great deal of success, but much more needs to be done. It is especially important to prevent the possible linkages of arms traffickers and illegal weapons manufacturies to terrorist groups, such as the Islamic State and other radical groups which have their followers and agents of influence inside Russia. On the other hand, narcotics trafficking appears to be less of a problem for the Russian security apparatus or, at least, it was so during 2016, according to the FSB press releases.

# # # #

Filip Kovacevic, Newsbud-BFP Analyst, is a geopolitical author, university professor and the chairman of the Movement for Neutrality of Montenegro. He received his BA and PhD in political science in the US and was a visiting professor at St. Petersburg State University in Russia for two years. He is the author of seven books, dozens of academic articles & conference presentations and hundreds of newspaper columns and media commentaries. He has been invited to lecture throughout the EU, Balkans, ex-USSR and the US. He currently resides in San Francisco. He can be contacted at fk1917@yahoo.com

NOTES

[1] http://www.newsbud.com/2016/12/28/newsbud-exclusive-security-threats-to-russia-the-analysis-of-the-2016-fsb-press-releases-part-1-counterespionage/ ; http://www.newsbud.com/2017/01/05/security-threats-to-russia-the-analysis-of-the-2016-fsb-press-releases-part-2-counter-terrorism/

[2]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10437717%40fsbMessage.html

[3] http://www.cnn.com/2016/10/16/politics/mike-pence-donald-trump-russia-hacking/index.html

[4]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10437870%40fsbMessage.html

[5]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10438041%40fsbMessage.html

[6]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10437666%40fsbMessage.html

[7]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10437706%40fsbMessage.html

[8]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10437720%40fsbMessage.html

[9]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10437876%40fsbMessage.html

[10]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10437888%40fsbMessage.html

[11]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10438047%40fsbMessage.html

[12]http://www.fsb.ru/fsb/press/message/single.htm%21id%3D10438042%40fsbMessage.html

 

FB Like

Share This

This site depends….

This site depends exclusively on readers’ support. Please help us continue by SUBSCRIBING and/or DONATING.

Speak Your Mind