Russia’s Hackers Long Tied to Military, Secret Services

During the Soviet era, the country’s top computer scientists and programmers largely worked for the secret services.

That practice appears to have resumed under President Vladimir Putin, as Russia faces accusations of waging a global campaign of cyber attacks.

Dutch officials on Thursday accused four Russians from the GRU military intelligence agency of attempting to hack into the global chemical weapons watchdog in The Hague.

The agency has investigated both the fatal poisoning of Russian former double-agent Sergei Skripal and an alleged chemical attack by Moscow-allied Syrian President Bashar al-Assad.

The Baltic states were the first to accuse Moscow of mounting attacks to knock out their sites back in 2007.

Estonia said one such attack had put the country’s main emergency service phone number out of action for over an hour.

Since then, accusations of cyber attacks have continued against Moscow.

The Russian hacker group variously known as Fancy Bear, APT 28 and Sofacy has been linked to the GRU and accused of attacks on the US Democrats’ 2016 presidential campaign, together with Russia’s FSB security service, the successor to the KGB.

The skills of Russian hackers today developed from a tradition of excellent computing and programming skills dating back to the Soviet era.

“The whole structure of the economy was skewed towards the military sector,” said Oleg Demidov, a consultant at the Moscow-based independent think-tank PIR Center. 

“All the achievements of Soviet science including the first computers went to serve the military sector.”

The most brilliant students were pushed to work in the military and space sector, he added.

– Banking crime –

After the Soviet Union fell apart in 1991, its armed forces were broken up and most of the top specialists turned to the nascent banking sector in Russia, either to work there or to attack it.

This era saw the first cyber attacks on banking operations and the first mentions of Russian hackers.

“Now Russian hackers are excellently trained and equipped and they still occupy one of the top positions in banking crime,” said Demidov — even if the Russian justice system has begun to crack down on them.

In 2016, Russian cybersecurity giant Kaspersky estimated that between 2012 and 2015, Russian hackers had stolen at least $790 million worldwide.

Russian computer scientists study at “very strong universities in Saint Petersburg, Moscow, Novosibirsk, Kazan or Krasnoyarsk”, said Denis Kuskov of the specialised research agency TelecomDaily.

They “can work anywhere in the world, in any international company,” he added. 

In recent years, however, more have opted to stay in Russia, he said. “The secret services have grown more interested in good programmers and it’s easier for them to find work in Russia now.”

In 2012, the Russian defence ministry announced it was creating its own “cyber troops”. It launched a wide recruitment drive that included promotional videos on social media.

For Demidov, the growing wave of attacks attributed to Russian hackers has come about as Russia becomes better able to defend its own cyber security, the military sphere included.

“These efforts… have begun to bring results,” he said.

Today, however, even the most established players in Russian IT are in the sights of the West.

The US in 2017 imposed a ban on the use of Kaspersky’s anti-virus software by federal agencies amid concerns about the company’s links to the Russian intelligence services.

While many young Russians may choose to work for the military and secret services for reasons of patriotism, some may still be more interested in the money.

This week a military tribunal in Moscow held a closed-door trial for the head of operational control at the FSB’s centre for information security, Colonel Sergei Mikhalkov, and three alleged accomplices.

Kommersant daily reported that they were accused of passing secrets on the Russian secret services’ cyber technology to the FBI in return for $10 million.

Written By

AFP 2023
