U.S. cyber-attacks will accelerate Russia’s efforts to create a Chinese-style firewall

The Bell

Hello! This week we take a look at what an escalating cyber-war between Washington and Moscow might mean for the internet in Russia. We also analyze Putin’s increasingly clear position on the arrest of U.S. investor Michael Calvey, remind you of the influential life of Igor Malashenko, one of the political architects of modern Russia who died in Spain, and give you a rundown on a murky treason trial that wrapped up this week with the sentencing of Sergei Mikhailov, formerly a senior officer in the FSB’s cyber-wing, to 22 years in jail.

U.S. cyber-attacks will accelerate Russia’s efforts to create a Chinese-style firewall

What happened

Revelations published in The Washington Post this week about a November U.S. cyber-attack on Russia’s ‘troll factory’ has shown that U.S. cyber command used ordinary hacking tools in their intrusion, exploiting lax security. This escalation in the confrontation between Russia and the U.S. won’t make things easier for ordinary Russians: the attack was likely one factor behind a political push to isolate Russia’s internet from the world.

Details of the cyber-attack on the troll factory, which occurred around the time of the U.S. midterm elections, have been confirmed by an announcement by the troll factory itself and from sources (Rus) who spoke to the BBC Russian Service.

  • An ordinary phishing email was sent to one troll factory employee, claiming to have important information about the U.S. elections. The recipient opened the file, which launched a program containing a Trojan virus that gave the attackers control of the computer. But this attack was contained because the troll factory had basic cyber-security standards and computers with internet access were not connected to the local network.
  • A second attempt to get into the network was successful. A different employee connected his personal iPhone to his work computer, which didn’t have internet access, but was connected to the local network. The mobile phone had a pre-installed program (how it got there is not clear), as a result of which the U.S. agents got access to the victim’s computer and the network. After this, the servers of the the troll factory’s U.S. operations were disconnected (the trolls maintain this didn’t impact their work).
  • For such an attack to have been possible, the U.S. must have done some serious preparatory work, in particular to figure out the identities of the trolls. It remains unclear how the Trojan virus got into the employee’s iPhone and whether U.S. agents managed to plant it there. Either way, the hackers were probably helped by the troll factory’s use of Windows, the vulnerabilities of which are well known to the NSA.
  • The troll factory has claimed that U.S. cyber command used data centers controlled by Apple and Microsoft to carry out the hack.

All this is bad news for ordinary Russians. The reports about a cyber-attack on the troll factory sheds new light on the introduction of a law that will allow the Russian authorities to cut the country off from the global internet, which was introduced in the State Duma a month after the U.S. attack and passed its first reading in early February. The idea to isolate the Russian internet appeared years ago, but the attack has surely given it a new urgency.

Why the world should care

A Russian-U.S. cyber-war — if this is what we are seeing — is sure to be a vicious cycle of tit-for-tat attacks. The Russian authorities are highly unlikely to give up: instead, they will speed up the introduction of new limitations on the freedom of the internet in Russia, further isolating the country from the rest of the world.

Putin backs the FSB against U.S. investor Calvey in off-the-record meeting

What happened

President Vladimir Putin has finally commented on the Baring Vostok case (which we wrote about in detail here), which saw the arrest of U.S. investor Michael Calvey. On Thursday, a court turned down an appeal and Calvey is due to remain behind bars until a hearing on 13 April.

Putin’s public comments on Baring Vostok have been limited to statements from his press secretary, Dmitry Peskov. But during an off-the-record part of his recent meeting with top media editors, Putin did talk about the case. The Bell has found out some of the details.

  • Four editors present at the meeting with Putin said that a question about Calvey was asked by Ilya Bulavinov, the editor-in-chief of business daily Vedomosti (Bulavinov declined to talk to us about the exchange). But sources told The Bell the question he asked was: does Putin know that the basis for the affair is a conflict between two shareholders and wouldn’t it be better to solve the conflict in a court of arbitration?
  • Putin responded by asking if Bulavinov had seen the case materials, and, on hearing Bulavinov had only seen fragments that suggest a corporate conflict, said: “you didn’t see the case, and the FSB thinks differently” (this is how two participants in the meeting recalled Putin’s phrasing; another remembered that Putin said “there is more than just a conflict between two shareholders”). Later, the president added that U.S. citizenship and major investments in Russia do not absolve anyone of criminal responsibility.
  • Bloomberg also reported on what Putin said about the Baring Vostok case at a recent “closed door meeting.” According to Bloomberg, Putin said he did not approve the arrest in advance, and, in general terms, defended the jailing of businessmen ahead of trial. The sources who spoke with The Bell do not recall this phrasing.
  • More technical details about the case have also emerged. Sherzod Yusupov, who made the original complaint to the FSB about Baring Vostok spoke (Rus) out for the first time. Yusupov alleged Baring Vostok managers pressured potential buyers of assets he was trying to sell use to raise money to take part in a new share issue for Vostochny Bank (in which Baring Vostok has a controlling stake). Yusupov, like Putin, hinted the investigation might uncover “circumstances” explaining why Calvey has been treated so harshly.

Why the world should care

It looks clear that the outcome of this case rests on a decision taken in the Kremlin. Although dozens of businessmen and politicians have publicly defended Calvey, this is clearly less important for Putin than the FSB’s conclusions, which are still largely unknown to the public. All this is bad news for Calvey — and Russia’s investment climate.

A political architect of post-Soviet Russia is found dead in Spain

What happened

Russian political scientist and media manager Igor Malashenko was found dead in Spain on Monday. His life is like a history of modern Russia: he worked with Mikhail Gorbachev and Boris Yeltsin, but declined a job with Putin. He also created, and then lost, Russia’s first independent television network. In recent years, Malashenko has apparently been weighed down by family troubles. Spanish investigators said it appears as if he committed suicide.

  • During the last years of the Soviet Union, Malashenko was a consultant to Mikhail Gorbachev and responsible for relations with the foreign press corp. He stood next to Gorbachev when he signed his resignation. When the Soviet Union collapsed, Malashenko left politics and created NTV, Russia’s first independent television channel. NTV was known for the quality of its journalists, its objective reporting about the war in Chechnya, and a fearless political satirical program. All of this was totally new for Russian viewers and quickly made the channel extremely popular.
  • In 1996, Malshenko was the political strategist behind Yeltsin’s election campaign in which he pulled off an astonishing victory. Not long before Yeltsin’s resignation in 1999, Malashenko was introduced to Putin, but he declined to work on Putin’s 2000 election campaign.
  • Soon after Putin became president, NTV was seized from its owners, dozens of journalists quit, and the channel was taken under state control. Malashenko, together with NTV’s investor, Vladimir Gusinsky, faced criminal charges and fled Russia. He didn’t return for almost a decade.
  • He eventually came back to Russia in 2009 and made a return to politics in 2018, leading the campaign team for presidential candidate Ksenia Sobchak (The Bell wrote about her here and here). She marketed herself as an opposition candidate, but many said she was a fake because she had no chance of victory and her participation seemed calculated to boost turnout, which the Kremlin desperately needed. In addition, her father had been very close to Putin. Malashenko admitted all of this, but believed it wasn’t a waste of time because Sobchak might become a real candidate in future elections.
  • It isn’t known why Malashenko decided to end his life. According to his widow, Bozhena Rynska, he had been suffering after his children from his first marriage cut ties during Malashenko’s difficult separation from their mother. Rynska wrote that he was afraid “they will take everything from him” in the divorce proceedings.

Why the world should care

In Russia, many commentators labeled Malashenko’s death “the end of an era.” While he wasn’t well known outside Russia, Malashenko was extremely important and behind many processes that have impacted Russia’s relations with the world. As Yeltsin’s daughter, Tatiana Yumasheva, once said, he was “one of the strongest, smartest, cruelest and most memorable political strategists of that time but he remained, luckily for him, in the shadows.”

Senior FSB cyber officer sentenced to 22 years in prison on treason charges

What happened

The most intriguing Russian spy case in recent years has come to an end. The former deputy head of the FSB’s cyber security unit, Sergei Mikhailov, has been sentenced to 22 years in prison for treason. But there is still no answer to the most interesting question: was Mikhailov linked to the hacking of the Democratic National Committee in 2016?

  • Mikhailov was sentenced (Rus) by a military court on 26 February. His co-defendant, an expert from cyber-security company Kaspersky, Ruslan Stoyanov, received 14 years.
  • Both men were arrested in December 2016, a month after the U.S. presidential elections and the arrest was reportedly dramatic: Mikhailov was detained during a FSB meeting and marched out of the room with a black bag over his head.
  • Mikhailov, Stoyanov and two accomplices, an unknown businessman and a former hacker who worked for the FSB, were accused of treason. Very little is known about the charges because the trial took place behind closed door, but media reports suggest prosecutors alleged Mikhailov gave an employee of American company Verisign, Kimberly Zenz (who, according to the charges, worked for the FBI), confidential materials about a criminal case against Russian businessman Pavel Vrublevsky.
  • The official version is bizarre: both Mikhailov and Stoyanov have maintained they are innocent and Zenz has denied her alleged role, even offering to testify at the trial (she was not summoned). Several sources familiar with the case told The Bell last year that Mikhailov was actually suspected of giving the U.S. information about Russia’s hack of the DNC. Special Counsel Robert Mueller subsequently filed extremely detailed indictments of 12 employees of the GRU, Russia’s military intelligence, which include the real names of the accused. The source of his information is unknown.

Why the world should care

This murky case has been shrouded in secrecy since it began, and the length of the sentences mean we are unlikely to find out any more details for a long time. It’s inevitable suspicion will linger that Mikhailov played a key role in one of the biggest political scandals of our generation.

Peter Mironenko

Support The Bell!

The Bell's Newsletter

An inside look at the Russian economy and politics. Exclusively in your inbox every week.