Advertisement

These are the Russian cyber warfare capabilities that may have been used on the U.S.

Click to play video 'CSIS links Russia, China and Iran to COVID-19 misinformation' CSIS links Russia, China and Iran to COVID-19 misinformation
WATCH: CSIS links Russia, China and Iran to COVID-19 misinformation – Dec 3, 2020

U.S. Secretary of State Mike Pompeo said on Friday that Russia was responsible for a cyber attack that embedded malicious code inside U.S. government software systems and those of other governments and companies across the world.

The Kremlin has always denied Moscow’s involvement in cyber attacks against the West. It has said that Russia had nothing to do with this latest assault.

Here is some information about Russia’s possible motives for such an attack, and details about Russian cyber offensive and information warfare capabilities.

Read more: Russia ‘pretty clearly’ behind cyberattack on U.S., Pompeo says

Possible Russian motive

The Kremlin has said many times it wants to improve ties with the United States, which are at a post-Cold War low and strained by issues from Ukraine to Syria.

Story continues below advertisement

But it also openly views the United States as Russia’s main geopolitical adversary and as a threat to its national security.

President Vladimir Putin has accused Washington of starting a new arms race and NATO of moving military infrastructure closer to Russia’s borders, and has complained about U.S. sanctions, part of what Putin casts as an attempt to hold Russia back economically and technologically.

Click to play video 'CSIS says foreign actors engaging in COVID-19 disinformation' CSIS says foreign actors engaging in COVID-19 disinformation
CSIS says foreign actors engaging in COVID-19 disinformation – Dec 3, 2020

Russia regularly probes U.S. defences, flying nuclear-capable strategic bombers near Alaska and sending submarines into the Atlantic to lurk off the East Coast.

Putin has complained that outgoing President Donald Trump was unable to improve U.S-Russia ties and has singled out what he has called President-elect Joe Biden’s harsh anti-Russian rhetoric.

On Thursday, Putin blamed U.S. intelligence agencies for a series of recent media investigations into people close to him. Without providing evidence, he also linked U.S. intelligence agencies to what he presented as the stage-managed poisoning of Kremlin critic Alexei Navalny.

Story continues below advertisement

Putin did not congratulate Biden on his victory in the Nov. 3 election until Dec. 15. Putin said last month he was not worried that his delay in congratulating Biden would worsen U.S.-Russia ties.

Read more: ‘They got into everything’: Scale, threat of cyberattack on U.S. increasingly alarming

“You can’t spoil a spoiled relationship,” said Putin.

‘Cozy bear’

Some cyber researchers have suggested that Russia’s SVR foreign intelligence service may have been behind the latest attack.

In 2018, Dutch media cited unnamed intelligence officials as saying the AIVD, the Dutch intelligence agency, had linked a Russian hacking group known as “Cozy Bear” or APT29 (advanced persistent threat 29) to the SVR. The AIVD did not comment.

Click to play video 'U.S. election: Officials say Iran, Russia have obtained voter registration information' U.S. election: Officials say Iran, Russia have obtained voter registration information
U.S. election: Officials say Iran, Russia have obtained voter registration information – Oct 21, 2020

The Washington Post cited sources on Dec. 13 as saying the United States had identified “Cozy Bear” as being responsible for the latest cyber attack referred to by Pompeo.

Story continues below advertisement

Hackers from “Cozy Bear” were detected by cyber security firm CrowdStrike on the U.S. Democratic Party’s servers in the run-up to the 2016 U.S. presidential election when email accounts of Hillary Clinton’s staff were hacked.

In July, Britain, the United States and Canada accused “Cozy Bear” of trying to steal COVID-19 vaccine research from academic and pharmaceutical institutions around the world.

‘Fancy bear’

Read more: Malicious software found in Microsoft systems, related to U.S. cyberattack

Russian military intelligence, commonly known as GRU, has potent cyber offence capabilities, according to U.S. intelligence agencies.

In particular, GRU controls a hacking group known to cyber researchers as “Fancy Bear” or APT28 (advanced persistent threat 28) they have said.

It was that group, according to a Department of Justice indictment filed in 2018, that hacked the email accounts of Hillary Clinton’s staff before the 2016 election.

Reuters reported in September that Microsoft believed “Fancy Bear” had also targeted a firm working with Biden.

Click to play video 'Russia releases footage purporting to show test of Zircon hypersonic missile' Russia releases footage purporting to show test of Zircon hypersonic missile
Russia releases footage purporting to show test of Zircon hypersonic missile – Nov 26, 2020

In 2016, the World Anti-Doping Agency accused Russian hackers of stealing confidential medical information about U.S. Olympic athletes and publishing it online. The FBI later seized the domain of the site – http://www.fancybear.net – where the information was released.

Story continues below advertisement

“Fancy Bear” hackers have also been linked by cyber security investigators to cyber attacks on the U.S. and French elections.

The F.S.B.

Russia’s Federal Security Service, the FSB, is the country’s main domestic intelligence agency.

Read more: Russia suspected of hacking U.S. Homeland Security, thousands of businesses

The United States in 2017 charged two FSB agents and two hackers with masterminding the 2014 theft of 500 million Yahoo accounts.

The Justice Department indictment included charges of computer fraud, economic espionage, theft of trade secrets, wire fraud, access device fraud and aggravated identify theft.

It painted a picture of the Russian security services working hand-in-hand with cyber criminals, who helped spies further their intelligence goals in exchange for money.

Internet Research Agency

Click to play video 'Trump: ‘No proof’ Putin critic Alexei Navalny was poisoned' Trump: ‘No proof’ Putin critic Alexei Navalny was poisoned
Trump: ‘No proof’ Putin critic Alexei Navalny was poisoned – Sep 4, 2020

U.S. prosecutors say the St. Petersburg-based Internet Research Agency (IRA) played a key role in Russian efforts to try to sway the 2016 election in favor of Trump.

Story continues below advertisement

It did so, they say, by flooding social media with false reports and conspiracy theories in an attempt to exploit existing divisions.

The group is a Kremlin-backed outfit whose employees have posed as Americans, according to U.S. officials.

The U.S. Treasury Department in September imposed sanctions on individuals and entities linked to the financier of the IRA, who was charged in 2018, along with 12 other individuals and three entities, with conspiracy to defraud the United States for his alleged role in election meddling.