As President Donald J. Trump prepares for a call with his Russian counterpart, Vladimir V. Putin, Russia’s FSB Cybersecurity team implodes, amid allegations of US spying. What’s going on?
Dmitry Dokuchaev was making a good living as a Russian hacker under the handle “Forb” for over a decade. He even boasted about his lucrative trade in a 2004 newspaper interview in which, he claimed, he was netting between $5,000 and $20,000 a month by stealing credit card numbers and mercenary hacking. Then in 2014, he was approached by the FSB – the successor intelligence agency of the KGB. The agency gave him a choice: face jail time or work for them in their cyber crime unit. He chose the latter.
At his new “job”, the former hacker worked for the FSB’s cyber-crime chief, Sergei Mikhailov. As employees of a domestic cyber crime unit, they had intimate access to the affairs of many Russians and may have leaked juicy details about the lives of Moscow’s most powerful politicians. We’ve heard the word ‘kompromat’ a lot lately, and they were in a position to get it all.
This week, a Moscow newspaper revealed the two had been arrested for leaking information, not at the bidding of their Kremlin masters, but allegedly to the US government. Vladimir Putin acted swiftly and dramatically.
Sometime in December, Kremlin guards stormed into an FSB board meeting, put a black bag over Mikhailov’s head and dragged him away, according to Moscow’s New Newspaper. The Kremlin charged him with treason, claiming he had allegedly tipped off US investigators on who was behind a coordinated Russian hack of the voter rolls in Arizona and Illinois.
The hacks were widely reported in July, and although the identities of hundreds of thousands of voters were compromised, it wasn’t immediately clear why. The hackers had got in, but they hadn’t done much. What was clear was that Russian fingerprints were everywhere. A spokesman for the Arizona Secretary of State Michele Reagan told CNN, “We indirectly heard that the credential and username posted online was from a known Russian hacker.”
As the heat turned up on the Intelligence Community to reveal some proof, their alleged informant, Mikhailov, likely led them to Russia’s “King Servers”, according to online chatter. Investigators were able to link the company’s owner, Vladimir Fomenko, to the majority of domains which initiated the hacks on Arizona and Illinois State Election Board servers. “While these IPs are physically located in the U.S. and The Netherlands, “King Servers” is based out of Russia,” according to cyber-security firm ThreatConnect.
The FSB also made two other arrests in December: the chief cyber-investigator of Russia’s Kaspersky Lab, Ruslan Stoyanov, and one other person, who has not been identified.
It’s entirely possible the pressure to release the information publicly compromised the alleged US spies, who now face serious jail time or death. More troubling, the furor may have cost the Intelligence Community a direct source in the Kremlin.
As a side-note, Andrei Gerasimov, the architect of Russia’s domestic cyber security operation, was fired, presumably for overseeing a very leaky department, according to the New York Times.
We know Russia had sought to influence the elections, but now we have confirmation they were also after the US voter rolls. What isn’t clear is why. “We cannot determine the actors’ motivations and what they would ultimately seek to do to or later target with any collected intelligence,” ThreatConnect says.
The phrase “later target” is what caught my eye. It’s common practice for hackers to plant code which they later activate. Could Russia be planning to do something with the information? Had they created a back door they could later access? After all, it’s the same FSB which is charged with “securing” Russia’s voter rolls and elections.
Which brings us to the unusual obsession by the new President to investigate voter fraud, claiming 3-5 million people had voted illegally – and not for him – in the recent election. All unfounded. While popular wisdom blames this obsession on Trump’s insecurity over losing the popular vote, Trump is too shrewd a strategist to simply be stewing over an election he already won.
And it seems to go further than just the Oval Office. Vice-President Mike Pence told Republican lawmakers this week, “What I can tell you is that I would anticipate that the administration is going to initiate a full evaluation of voting rules in the country, the overall integrity of our voting system in the wake of this past election.”
Russia’s relations with the Trump administration have cooled since the revelations of Russian hacking surfaced. A planned summit between the two leaders had been put on ice but now that chill is thawing. Trump and Putin will talk on the phone on Saturday. On the table? Lifting sanctions in exchange for co-operation on ISIS and a nuclear arms deal.
Until Russia’s role in the Arizona and Illinois State Election Board hacks is determined, and until we know why the alleged US spies were arrested, it may be prudent for President Trump to heed British Prime Minister Theresa May’s advice: “with President Putin, my advice is to ‘engage but beware’”. Is President Trump listening? The answer could lie in what Putin will do for him in return.
(My post on this strategy can be read here.)