With news of the US suspecting Russia of hacking into the Pentagon e-mail system still buzzing, it seems almost ironic that Russia's own Defense Ministry would fall prey to a similar information security issue. And yet, the mysterious Russian hackers Anonymous International have released official documents that they claim expose poor information security practices within the government department.
The group, known for its regular hacks and leaks of government and state communications, released an open letter on Friday, August 7, alleging that Russian Ministry of Defense officials have been emailing sensitive documents to one another for the last four years via free email services.
The open letter is addressed to Aleksandr Bezverkhny of the counterintelligence department of the FSB, Russia’s state security service and modern successor to the KGB. As detailed in the open letter, Anonymous International sees the “incompetence” of the Russian Ministry of Defense as “criminal negligence.”
Через бесплатные почтовые сервисы типа yandex.ru, mail.ru и американский gmail.com передавались незашифрованные служебные документы, часто представляющие собой секретную информацию, связанную с обороноспособностью РФ. В частности, таким образом передавались доклады и информация по вопросам, обсуждавшимся на совещаниях у министра обороны РФ и его заместителей. Информация проходила по незащищенным каналам электронной почты в открытом виде, легко доступная большинству заинтересантов.
Through free email services, such as yandex.ru, mail.ru, and the American gmail.com, they have transmitted unencrypted official documents, often containing secret information related to the defense of the Russian Federation. In particular, they used this method of transferring documents related to reports and information discussed in the meetings with the Minister of Defense and his deputies. The information that passed through the unsecured email channels in open view, easily accessible to the majority of those interested.
In addition to the open letter, Anonymous International (also known as Shaltai Boltai [Russian for Humpty Dumpty]) released proof of their allegations by providing a redacted document detailing the deployment of Iskander missile complexes and Pacific Fleet nuclear submarines.
However, Anonymous International are not simply moral crusaders seeking to improve the information security of the Defense Ministry. The group is attempting to sell some of the information intercepted from the Ministry of Defense on joker.buzz, a site that allows users to auction off stolen or sensitive information. According to the auction listing, the information (for the low price of 350 bitcoins, currently worth almost $100,000) includes four years of email correspondence with Ministry of Defense official Roman Filimonov’s assistant and the content of the assistant’s iPhone and iPad. The group did, however, offer a 50 percent discount on the price for Russian counterintelligence officers, “should they be able to prove their credentials.”
Unexpectedly, Dmitry Peskov, President Putin’s press secretary (and expensive watch owner), provided an official response to the allegations in the Anonymous International leak. Speaking with journalists on August 7, Peskov said that Russian special services would be tasked with verifying the authenticity of the reports. Putin's spokesman also called using free email services to pass sensitive government information “beyond insane” and “completely unacceptable.” This statement from Peskov was immediately relayed on most Russian state media outlets, including TASS, Interfax, and Rossiyskaya Gazeta.
RuNet Echo has provided extensive coverage of the various leaks by Anonymous International over the past two years. Like the previous leaks, the letter shaming the Defense Ministry seemingly attempts to humiliate the Kremlin, as well as particular figures within the government. However, this leak is unique in that it has received a quick—and widely broadcast—response from the Kremlin.
Though many may point to intra-Kremlin feuds and machinations driving both the leak and the reaction to it, perhaps the swift response from the Russian state was inspired by recent reports of Russian cyberattacks against the Pentagon. Though this leak isn't any more or less damaging to the Kremlin's reputation, it presents a convenient opportunity to save face and demonstrate that Russia is actually taking information security seriously.