Background discussion: Russia, the hacking superpower?
For years, hacker attacks and digital disinformation campaigns around the world have been attributed to Russia. The Russian state is regarded as extremely influential in the digitally networked world. But how strong is the hacking superpower really?
On June 1 at 6:30 p.m., the renowned Moscow journalist and intelligence expert Andrei Soldatov will be our guest to talk with us about the hacker scene and Russia's cyber security policy. The background discussion will be led by Stefan Heumann, member of the management board of Stiftung Neue Verantwortung.
– Beginning of transcript –
This is a transcript of the background discussion with Andrei Soldatov held on June 1, 2017 at Stiftung Neue Verantwortung. The text has been edited for readability and to anonymize questions from the audience. The spoken word prevails. Please direct questions about this text to Sebastian Rieger (firstname.lastname@example.org).
Stefan Heumann: So Andrei, I was wondering: Russia has been struggling for international recognition I think for many years. Do you think that Vladimir Putin and the people in the Kremlin, in the government, are happy right now? I mean everybody is talking about Russia right? Russia has not been more in the news than any time I can remember. What's your sense?
Andrei Soldatov: First of all thank you for your invitation and thank you for having me here. Thank you for coming to this event. Well of course I do not talk to Vladimir Putin so I can only guess what these people think about. But given how emotionally they talk and think about this problem, the lack of respect and how they believe in the idea of a besieged fortress, that Russia is besieged by enemies and constantly under threat, under attack if you will. Yes, I think now they might think that finally Russia propelled itself onto the world stage. Just to give you one example which I think is a very telling thing, 7 years ago we got the biggest spy scandal in the United States. Then Russian spies were caught by the FBI including Anna Chapman. Surprisingly this scandal was portrayed in two countries as a big victory. So it was understandably a big victory for the FBI because they had traced down these guys for years and finally caught them, sent to jail, swapped them. So it was a perfect counter intelligence operation. But surprisingly it was also a big victory for Russia.
When these guys were finally swapped and sent back to Russia, to Moscow, they were given the red carpet, the Kremlin gave some awards and some good positions in some companies and why is that? Because the idea was we are back. No matter what we can't do in terms of spying but we can send a very strong signal. Just like in the Cold War we can send our people to the United States, the biggest and the most powerful country in the world and have them living there for decades. The very idea that you can have people in the United States for doing apparently nothing but nevertheless it was such a strong message for everybody and people felt proud.
Then we got this scandal with this election last year. And lots of people in Moscow, they had very mixed feelings. On the one hand they tried to use every opportunity to say that Americans are stupid, they cannot properly identify Russian hackers, it's all bullshit but at the same time there was a sense of pride that we can do that. That actually Russia became the third player in the US election.
Stefan Heumann: Hacks, the leaking of documents during elections, fake news stories to manipulate the media and discredit traditional media. This seems to be something new. Especially in Germany there is a new debate around it, how this might threaten our democratic institutions. I think in Russia this has been going on for much longer. I would like you to comment on this thesis that these techniques that we are currently seeing employed and were employed for example in the context of the US election and that people are concerned about being employed in the context of the German election, how these techniques have appeared in Russia for a long time and how they have been used to suppress civil society or go after political opponents or investigative journalists like yourself.
Andrei Soldatov: Actually it's a very long story and it maybe started in the late 1990's. The very first website with compromat was online in 1998. It published compromising information about high level officials and journalists. So it's a very, really a very long story. The idea what you can use, technique like spearphishing, not just to collect some information but to make it public, to attack some people and to try to say that everybody in the country are corrupt so there is politics should be left to the Kremlin is actually the message the Kremlin tried to convey for many years. There is no point to take part in politics because everybody is corrupt but at least people in the Kremlin are professional. So that was the basic idea and that's why they tried to find something on every guy who has some sort of reputation. It might be a journalist and in this case it might be some sex things. Maybe some money he appears to accept. It might be a politician, a popular politician. Again the same story as a technique the Kremlin used was mostly about hacking into the email accounts. Yes they tried with taking down websites and that's also a very long story, actually started in 1999 in 2000 because of the second Chechen war. Back then the Kremlin was desperate to take down the websites of Chechen separatists and that was the moment when we got the very first digital attacks. Lots of people got involved in hacking into attacking them. Relatively late, only in 2007, 2008 we got the same tactics applied to Western countries and first was Estonia of course, but in Russia it was a very long story. For example, during the Moscow protests in 2011, 2012, we got things which looked very similar to what the United States faced with the last year. We got email accounts of Russian activists and opposition leaders hacked.
We got the Russian system of surveillance used against prominent Russian opposition leaders like Boris Nemtsov and his phone recordings were leaked just a day before a big protest rally in Moscow with the apparent goal to disrupt the protests (it didn’t work). It looks like sometimes it's not only about techniques it's also about the same people, literally the same people. Last September, ThreatConnect, a cyber security company in the US, quite famous for providing digital forensics, detected that the same bears, Fancy Bear, attacked Russian journalists. So it looks like we have not only techniques but people attacking the Western targets but also the targets inside of the country.
Stefan Heumann: You just mentioned the hackers or Vladimir Putin put also patriotic hackers, maybe you can give us also some context to understand, because this is a really interesting time when the internet came to Russia in the 1990's was opening up of Russia of course to the West but it also was a time of economic crisis. Actually Russia was one of the first countries that was among Eastern European countries that seemed to have developed a strong kind of criminal cyber scene environment. Can you speak a little bit about that, what kind of factors drove that and why that became such a big thing in Russia in the 90's and maybe from that forward how that scene was related also to the government, how the government viewed this criminal cyber activity and the relationship between it?
Andrei Soldatov: Yes actually it's one of the most interesting stories personally to me, because what we need to remember is the Soviet Union enjoyed the largest engineer community in the world. Literally we had more engineers than the United States. The only reason for that is that Stalin wanted to have lots of people working in supplying his military complex and security services, the KGB. That's why he launched lots of polytechnic schools all over the country. The problem was that these people, they were given good technical skills but the political leadership of the country was not interested to give them a proper University education. What does it mean? People were given mostly technical skills, we had not taught them humanities properly and certainly they were not taught ethics of a profession and it's still the case unfortunately. So what happened next when we got 1991.
We got these people with lots of them living all over the country including the Baltics, for example, or Ukraine and Georgia, and all of a sudden they lost their social standing. Because the military industrial complex failed to give them proper job and meaning. So many of them retreated to Russia. Lots of people just moved from Baltics to St. Petersburg and we got lots of people in their 40's and 50's but also they took with them their children. They were very desperate because they were smart, they understood they were smart but they had nothing to do actually. It was quite natural for them to turn to the computer sciences because we were good at that. Some of them started very good companies that's why we got such a great IT industry in the country. Actually Russia is one of the very few countries in the world which have internet services which compete with American companies. We have Yandex competing with Google, we have Mail.ru which is sometimes more popular than Gmail, we have Vkontakte which is way more popular than Facebook in Russia.
So we had lots of very good internet services. At the same time we have lots of people who have no ethics. That is something. They also feel betrayed, not by the government but by the West, because they believed that it was the West who destroyed the Russian military complex in the 1990's. It was a kind of conspiracy against them. So quite naturally we got this very fertile ground for lots of criminal gangs with very good technical skills. But still these people have a narrow focus on computer sciences. That's why they are so good. But what happened next, for many years in the 1990's, they were not very interested in political things. They were making money, they were doing something interesting, maybe some fun but in 1999 when we got the second Chechen war, it was such a crazy climate in Moscow and I remember that very well because I was working for two newspapers and I was covering terrorist attacks in Moscow so we had lots of people outraged by terrorists and they wanted to do something about it.
They couldn't go to Chechnya to fight but wanted to do something sitting at their desks. Quite interestingly, Russian security services which were paid well and they had all their resources, all technical capacities to do things, they completely missed the point. In the 1990's, Russian cyber agencies tried to prevent a completely different kind of threat... they actually completely miscalculated the threat. They believed the biggest threat for Russia in terms of cyber was supposed penetration. Like you need to control and protect your government communications against the US intelligence penetration. Actually it was not a mistake but also very profitable because you can sell a lot of equipment and Russian security services had lots of enterprises. So it's a very profitable business. But when we got the war, the second Chechen war, we got all these websites launched by Chechen rebels, all of a sudden it was quite clear that there was no one who can fight and take down these websites.
The Russian foreign ministry sent some requests to Western countries where these websites were hosted. The answer was no, and all of a sudden, we got students in Tomsk, once again the Technical University of Tomsk is quite famous, and these students were so outraged that they attacked some of these websites by their own and that was a trick. The local department of the FSB seized the opportunity and immediately issued a statement, to the effect that these people did nothing criminal, they were doing their patriotic duty. So actually they encouraged that. That was the moment when the Kremlin found this thing that you can encourage some people doing something and you can always deny a responsibility because these people have nothing to do with the government -- they're students. Of course, over the years it became clear that this is now not only about students, it’s also about people who have some affiliation with the government. Some of them were paid directly, indirectly but the Kremlin always has tried to maintain some distance.
So these people were working for the government but they were not part of the government. That was a trick, the Kremlin said it's not about us, it's about some people outraged by Estonia, by Lithuania, by Georgia, maybe by United States but it's not about the government agency. Exactly the same line was maintained last year with the US election. The very first comment made by Putin's spokesman Dmitry Peskov, in June when he was asked about these findings that Russian hackers were in the system of the Democratic National Committee -- he said “I completely rule out that any government organizations could do this.” I think it's really telling that he said it's about government organizations. He tried to make his point that it's not about the government. This might be about Russian hackers but it's not about us.
Stefan Heumann: But it seemed like the security agencies left the cybercrime scene to itself as long as people were not targeting Russian interests. This seems to have changed. Have you seen more direct recruiting, to either get them voluntarily to cooperate or even maybe forcing some people to work with the security agencies?
Andrei Soldatov: It is a developing story and it has different stages. It looks like we can define these things at least in two stages. The first stage is what we got from 1999 to 2014. At this stage, we are talking mostly about people, let's say at the administration of the President, and some intermediary -- it could be some pro-Kremlin youth movement. There were some criminal hackers doing a real job but back then at this first stage, criminal hackers, they tried to give some distance, so they tried not to talk directly to the FSB out of fear to be one day exposed. We actually wrote a story about one of these guys back in 2012 -- he was arrested recently in Spain, he was expelled literally expelled from the hacker community because he got into one of the secret forums and said – “look, maybe it's time to do something for our country and I want to invite some people from the FSB to talk to us,” so actually he opened the door for the FSB and people were so frightened that they immediately expelled him. But it looks like in 2014, mostly because of the annexation of Crimea, we are coming to the second, and this stage is slightly or maybe not slightly different.
Now we got closer cooperation, not only between criminal hackers and the security services and we have proof of these, because of for example the recent investigation of attack on Yahoo when we see there the FSB officers. They were working directly with criminal hackers but also we got a closer cooperation between say government agencies, not only security agencies but government agencies and the IT industry. It looks like we got this climate of fear and mobilization in the country because in 2014 it was crazy in Moscow because everybody should be united against an enemy, you need to be working for the country and everybody understands it. Lots of people got the point. The IT industry found itself in a situation that if they were approached by the government and asked to do something sensitive there is no way to say no.
So we got some companies, literally approached by some ministries, by some officials and asked them to, for example to help to do DDoS attacks. They were in position to say only yes and to lend a guy. We know this story because one of these guys was so frightened that he fled the country and now he's, as far as I know he's in Prague but he carefully recorded all his conversations with all the officials, that's why we know it's true. But that's the second stage when we got a much tougher situation than we had -- a closer cooperation of criminal hackers and closer cooperation with the IT industry.
Stefan Heumann: In 2014, internet security companies were observing changes in the way Russian cyberattacks were conducted. They became much more aggressive and even if they were detected, the attackers would continue and there was really a new scale of this. Would you explain this as a response to the Ukraine crisis and a more aggressive posture to the West?
Andrei Soldatov: Actually I see the same trend, because the nature of attacks also changed, like before it was mostly about phishing and DDoS attacks and in 2015 we got really something new and much more sophisticated, there was an attack on a power plant in Ukraine in December, that was something completely different in terms of technology because it took a lot of time, it took lots of people. Hackers were in the system for maybe seven months. It was maybe the very first attack on the so-called critical infrastructure and a very successful one. That was the very first time. So yes, it looks like something completely changed, still I'm a bit cautious to say why exactly that happened -- maybe because of the reasons I talked before.
I know the narrative that we all got through the news -- everybody excited by this news that the Russian ministry of defense, they announced that now they’ve got these cyber troops, information warfare troops, all this stuff.
But what we need to remember about the Russian military, that for many years, almost for 22 years after the collapse of the Soviet Union, quite unlike say Western countries, the Russian military were almost completely banned from cyber in Russia. It was all for the secret services. The security services controlled everything. They had a monopoly on cyber, not only they had capacities and they had budgets they also defined the rules. The military for years, they tried to find a way how to get into this field and the FSB was not very happy with that. For example, in 2010 when the military just said, “Maybe...we need to launch something to deal with cyber,” immediately the FSB issued a public statement to the effect that the military had to mind their business, they didn’t know what they were talking about. So we got the military involved in cyber relatively late. Only 2013-2014.
This happened mostly thanks to the minister of defense Sergei Shoigu -- because he is popular, and he's extremely loyal to Putin so he found a way to explain to Putin that the military need this. So they started publicizing everything about it. That's why if you look at say public statements made about cyber in Russia, in Russian, you see that it's mostly about the military. The FSB, which still have the biggest cyber capacities, they are absolutely silent, they never talk about these things. The military, on the contrary, they love to publicize themselves because they try to secure the ground. But we should not be misguided by these statements. Still the FSB is the biggest player in this field.
Stefan Heumann: When people talk or write about Russian cyber capabilities, they often use the term information warfare. But what you are really saying is that the military didn't really play such an important role.
Andrei Soldatov: The figures, sometimes it's useful where the Russian security services and the military, all of them they have their own language. Information security, information warfare is a language used and developed by the FSB. We got these things mostly for two historical reasons. First, because of the second Chechen war, because back then Putin needed to explain to the Russian people why we lost the first Chechen war. Of course we all know who to blame, journalists, of course. “Journalists they led us to this trap and we lost our war because of journalists. That's why we need to have a special system of information security. To protect us from hostile actions of Western media.”
That's why we got this very first doctrine on information security in 2000 signed by Putin. The thing was developed by the FSB. So when the military as I said became involved in cyber, they needed their own language and they came up with the concept of hybrid war. This is the language used by the Russian military.
Stefan Heumann: I want to move you into 2012, 2013. You had the election that you mentioned in 2012. There were reports about election fraud and protest on social media. I think many people here in the West forgot how much really that threatened the political leadership and Putin's political. At the same time the Arab Revolutions had challenged governments in the Middle East and showed how quickly you could mobilize movements with network technologies like social media. Was that really an important turning point? How did the security agencies and Russian government react to this?
Andrei Soldatov: Once again, what is important here is context. The Kremlin is in a kind of pace, a competition with the West which started maybe in the early 2000's. This competition is about technology to bring people to the streets. So the usual traditional means of mobilizing people and getting them to the streets are opposition parties or trade unions. By 2002, 2003, Putin crushed opposition movement, opposition parties and trade unions and put everybody under control. When we got color revolutions. Color revolution was seen by the Kremlin as a new technology developed by the West to deal with the country where traditional means of mobilizing people are crushed. So you can launch your youth movement very quickly out of scratch and to have people mobilized very quickly. The Kremlin responded launching its own youth movements to deal with the problem on the street. So when the crisis comes and you have thousands of youth in your streets you have your own youth to fight them. The Kremlin was pretty relaxed about this, they thought that they've won this competition. But when we got the Arab spring and the Kremlin saw this again as a technology developed by the West -- when you can't get people to the streets, you have no traditional means, no parties, no trade unions, even no youth movement. What do you have? You have social media and that really scared people in the Kremlin because it means that you have no organization, you have no leader. It’s a big problem because the FSB has a traditional scheme, how to look into everything almost. It's a scheme I know because when I was interrogated by the FSB, I've actually had it explained to me...it was pretty easy. So if you have something like an event or crisis so you try to identify an organization, a leader and the channel to outside, to channel money or expertise or training. So they're looking into these three things.
But in terms of social media and the Arab spring you do not have an organization, you do not have a leader to follow him and you do not have any channels to outside to channel money or anything else. That poses a big problem -- a new big challenge for the secret services because actually it means that the next crisis will be a complete surprise. That scared them. That was the reason, what we need to understand that the events in Moscow, they were relatively small. We are talking mostly about Moscow and at the peak of the protest it was maybe 70 okay 100,000 people in the streets, which is almost nothing because in Moscow alone we have 14 million people living. So it's 100,000 people, is it really that big?
But for the Kremlin it was a part of the Arab spring technology brought to Russia, they always tried to put it into the context. They believed that now the West tried to use this technology against them. That's why we got such a harsh counter attack because. They really believed that it was a part of the global event and also what didn't help were all these remarks made by some advisors to Hillary Clinton. One of them said, Alec Ross I think, that was his name, who said now we see Che Guevara is social media, so of course people in Moscow, and they're always paranoid, they’ve got proof of what they believed.
Stefan Heumann: Then one year later, 2013, the Edward Snowden revelations happened, the media reports start to come up. Snowden ends up in Russia, in Moscow and I know you've spoken about this but it's interesting first: How did he change the discussion in Russia? Especially also the security agencies in the Russian governments thinking about this problem?
Andrei Soldatov: Well I should say that as a journalist I was really skeptical when he landed in Moscow and critical of him because his very first steps in Moscow were not that encouraging. For example he said that he would have a press conference but decided not to invite journalists, so that was really strange. He invited human rights activists but these guys were not chosen by him, but by the Kremlin. It was all very secret. When he made it his policy not to meet and talk to Russian journalists or foreign journalists based in Moscow, for example it's impossible for the Guardian correspondent in Moscow to talk to him but it's possible for the Guardian in London to fly to Moscow and to have a conversation with Snowden and we all understand the reasons -- because the Moscow correspondent inevitably would ask about the conditions and circumstances in Moscow, all these questions about his life in Moscow.
There was a moment when it looks like Snowden understood that he needs to do something with how his revelations were used and exploited in Russia because when he landed, immediately an opportunity was seized by the Russian officials and everybody from the State Duma to the Council of Federation, they started telling things like we need to protect Russian citizens against NSA that's why we need to attack Google, Facebook, Twitter...we need to land them in Russia. We need to force them to move the service to Russia.
We understood the reason why, the real reason. The real reason was not the protection of personal data of Russian citizens because actually nobody asked them to protect our data. The real reason was that we have a very sophisticated system of surveillance but to make the system effective against Google you need Gmail service being in Russia to get direct access to it. That was a goal, I'm not speculating I'm telling you the legislation because it's actually all written in the law that once the service is on the Russian soil the service should be accessible to the Russian secret services.
A year later Snowden decided to do something about it. There was this in-call show that Putin has every few months and Snowden gave a call on Skype and he asked about mass surveillance in Russia. Putin’s remarks and Putin's answer was partly true...it was really Putin. He said we cannot do that because it's against Russian legislation and also we cannot do that because we do not have technical capacities. It was partly true because actually, they want to do this and we have the Russian legislation on mass surveillance but they can't because they do not have technical capacities. Initially I praised Snowden’s question because I thought maybe at least it could help to start public debate in the Russian society, unfortunately it never happened.
Unfortunately, we needed to wait another year and a half to have people really get interested in privacy and it was not because of Snowden but because of the implementation of the Russian system of internet filtering. Finally, and that's why I'm so optimistic, sometimes you can get very surprising moves, surprising things. Like in the Fall of 2015, all human rights activists in Moscow and all journalists writing about this stuff completely give up on public. They thought that we cannot get public interest in internet privacy. But in November, Russian government made a huge mistake, they decided to ban Rutracker, the biggest Russian torrent, a video sharing website where you can see movies for free. Immediately Russia skyrocketed to the second position in the number of users of Tor. Three months passed or four months passed they decided to ban PornHub wow you can imagine, the people immediately understood how to use VPNs, how to use messengers and secret chats and all this stuff so actually we need to praise the government, they do crazy things sometimes that helps to increase awareness of ordinary Russian citizens about privacy.
Stefan Heumann: So I want to take you back to today and put in some statement where he of course denied any Russian involvement in the hacks of the democratic national council. Maybe briefly elaborate on what is your assessment – did you have any questions or doubts whether the Kremlin could be involved?
Andrei Soldatov: Well, let me start with this. Digital forensics has some limits and these limits are to this moment that you can properly identify the country behind the attack, you can do that now. So all these full things that it might be grey, not doesn't work these days. You can also identify whether it was a state backed effort but that's the end. You cannot go further, you cannot say what particular agency, what particular department was behind it.
Stefan Heumann: What would tell you that it was state backed?
Andrei Soldatov: There are some technical signs, for example it's about the time and it's about how much effort, how many resources were spent on this attack, how many people. You can...there is some sort of agreement between cyber security experts all over the world, but these days digital forensics can do that. That was actually what we had in the summer of last year but when unfortunately tech companies decided to go further and to name the agencies and that actually gives some advantages to the Kremlin because immediately they spotted this weak point that there is no real proof to say that was a GRU, that was an FSB. They tried to attack these weak points, trying to compromise the whole scheme. The U.S. intelligence agencies, when they decided to launch the report in the fall, they decided just to repeat what had been already said by tech companies, of course what we got, we got lots of people disappointed, we expected some real proofs, especially after Snowden you cannot trust your agencies just because they said that.
Now, you need to give some proofs. The US intelligence agencies, they just failed to do that. We got only some strange claims like we know what we are doing now, you should trust us. And it looks like only in December and November the law enforcement started thinking about how to get the real intelligence about what had actually happened. That's why I think we got the arrests of Russian hackers all over the world. My guess is that maybe it was because the US intelligence finally decided to collect real intelligence. Almost all of the hackers arrested, they have been known to have some contacts with the Russian secret services.
It looks like the US intelligence tries to approach these guys and to force them to disclose what they know about Russian security services, how tney do these things and what kind of environment we have. But it also helps us understand the whole picture. Which means that we still have this cooperation between informal actors and formal actors. Still it's not like China. I think it was a big mistake to think that it's just like China when you have your military and people in uniforms doing this stuff because they've been given the orders. No, it's not like this. We have this corporation, it's actually a historical thing because the IT industry, for years in terms of cyber security was much more competent that the FSB or the military, they had more experience, more knowledge, more competence in this field. For years Russian IT companies have advised the Russian security services.
Stefan Heumann: Bringing you back to the news reports of today, I'm wondering maybe this is the peak of Russian cyber power? Putin is getting all this international attention immediately, the New York Times reports it's breaking news on CNN, it's everywhere. But at the same time, everybody seems to be better prepared. The attack on Macron is a good example. Maybe these kind of operations that have worked so well during the past will stop working in the future. Would you agree with this?
Andrei Soldatov: I'm a bit more pessimistic. I love to be an optimist but maybe it’s time to be more pessimistic. The real achievement the Kremlin got in the United States is just the idea that Russia could be powerful and could play a big role in the election. It looks like it was exactly the same in France. What was the point to expose all these things a day before the election? Maybe just to show that Russia could play a role. But the problem is if you have this level of expectation it means that you can try anyway, just because it would mean that you would look powerful. My biggest concern is that, what you say about this information and fake news. The problem here is much, in my view, much deeper. The thing is that there was, for years, almost for decades a big gap in terminology between the West and Russia, how to talk about cyber.
The West always wanted to talk about cyber, cyber security and cyber weapon etc., the Russians has insisted on talking about information security. Why is that? Because the West wanted to talk about cables and computers. The Russians wanted to talk about the content. My problem is that it looks like we all started talking the Kremlin’s language. This could be really dangerous because we sort of accept that we are in a kind of information war, right? So maybe one day it would come that we need to stop this war. But if we decide to end this war with Russia, talking about information aggression and information war, they could say okay fine we stop fake news and you stop BBC and please, maybe we can lay some borders on the internet, why not? Because it's all about information warfare. So it's extremely dangerous and it also had some effect, I really believe that it could end up with some censorship because if we started talking about censoring content and look into the content and trying to judge journalists and trying to judge experts on what they say, well that's very Russian.
Stefan Heumann: Okay but a dire warning I think for all of us as we grapple with this problem currently but I want to open it up to questions, I will try to draw a list as I see the hands go up. I see the first hand, please go ahead.
Guest: I have a question about reaction and I guess even more so about deterrence because as we saw in the US, they were not really able right, to deter the Russians, actually the Russians carried away a big victory. So my question is there a way to either preventable or reactively counter act these strategies that the Russians are now carrying out. So I think that connects a little bit to the last question and is deterrence possible at all if we look at these kind of operations?
Andrei Soldatov: It's a very good question, actually we tried to answer this question in our chapter, because it looks like for years the United States and Russia and the European Union actually, they had in place the system which was designed to prevent this kind of things. This was called cyber CBM. Cyber confidence building measures. The idea, it's very bureaucratic, but basically the idea is to try to use experience which was developed in the Cold war to deal with nuclear weapons, now in cyber age. It’s stupid, to be honest. The idea is basically to have a hotline so when you see something coming out from this particular country you can maybe call or text the message and say okay we are thinking, you are doing something crazy so maybe you can stop. That’s exactly what the Americans did in the Fall of the last year.
Of course it cannot be comparable with the nuclear because when you have a nuclear test or nuclear launch you cannot deny that it is about your government, you cannot say it's some rogue elements. With cyber, you see what happened. I think that triggered this very emotional reaction I mean this US intelligence report because we understood, they had a conversation between Obama and Putin in September in China. It didn't have any effect, when they tried to use this system, this hotline, again the same effect, then they decided to publish this US intelligence report, everybody said there was nothing there. Finally, we got the new sanctions. To be honest I think it was a big failure because the idea of sanctions, as far as I get, was to give an example of what to do for other countries if say something similar happened. But you cannot use this example, you cannot expel 35 Russian diplomats from France, from Germany. Even in the Cold War it was used only by UK, by USA and once by France maybe. So you cannot expect, say, Finland or the Baltic countries to do the same thing. The American officials also tried to say “look we have a secret part of the sanctions you just don't see the real effect,” but what we got we got Macronleaks, which means that no, Russian hackers were not properly deterred.
I'm not in position to give any advice but as far as I get at least one thing working with China, the indictment. When you have a proper criminal investigation, you identify people, you launch a real law enforcement investigation and you name the names. I think this kind of thing could work here, if you can stop speculation about things and if you can launch a real criminal investigation with law enforcement, not intelligence but law enforcement, that could give some results.
Guest 2: Thanks for your views. I have the feelings that the effect of the Russian interactions with the elections were quite overestimated, I mean starting from Comey to the centers and whatever. But what I perceive that regardless whether they play a part or not Russia seems to be a really good scapegoat for things. So whenever something strange happens it has been the Russians. So my question is to put some numbers on this, we know from the Snowden leaks that the black budgets for the NSA was 50 to 80 depending whether you count in military funding as well, billion dollars a year. What can we...what would be your estimation about the financial support? I'm not saying you know the number is 25, but at least some kind of relation or is it completely unknown? Which would be interesting information as well.
Andrei Soldatov: It's completely unknown because we are not talking about state budget. We are talking about the IT industry involvement and it means there are costs placed on the companies. They are forced to lend some people at the expenses and it's not about the government to pay for these things in most cases. It's also about, because it started with programs with the pro-Kremlin youth movements and it was a secret from the beginning. They used all kind of means to hide the financial tracks and not to show that these youth movements were funded by the government. So now they use the same techniques to do these things and that's why it's not possible to say and I just don't want to speculate.
Guest 2: Professionally, I mean youth movements...
Andrei Soldatov: Youth movements is an intermediary. They are not executors, they are not actually the people who are doing the hacking. Youth movements they are used as something in between to channel money because they have this infrastructure.
In terms of professionalism, I think they are quite professional because it's about in some cases it's about the best Russian IT companies and these people are really very good. It's extremely difficult and I'm really cautious to talk about capacities of the Russian secret services because we almost didn't see them doing anything. For instance, we didn’t see say, super computer capacities of the secret services used. They could be giving some help to the hackers with some intelligence because to do real spearphishing you need to get some intelligence, you need to know the names, you need to know how things are organized and for that you need to have some help but not in terms of computer capacities. That's why it's a big unknown.
Guest 3: In September we have a big federal election in Germany. Do you think there will be more attacks or there will be attacks by using fake news, by using trolling and hackers to get influence to this election?
Andrei Soldatov: Well I think it's likely because...look, especially with the situation in France. First of all they were not stopped in the US and it also means that again, once again I am getting to my point about the low expectation, if the idea is just to make Russia look powerful it might be only about some leaks. It's also, the thing is that we talked before the event: In some European countries, like for example Austria or Germany or France, traditional parties and the establishment, they have a very strange attitude to social media. I'm not a big expert on Germany policy but from my conversations I gather there is some sort of arrogance about social media. Of course it creates a void and this void could be filled like in Italy by some marginal parties and they can exploit these things to the big effect and the same thing might happen here.
Guest 4: I've got a quick question also regarding the German election if you look at the Western Press nowadays what you will see every other week, another intelligence where people say anonymous sources say look we work inside the Russian networks so when we say it was Russia it's not only what you can see in the technical report that they published back in January. What they are saying we have infiltrated their networks so we know. So when we're talking about the German election, I don't know if this is the case but say German and help agencies had insight which would directly point to Kremlin somehow being involved, do you think it would be better that they should release that information prior to the election or do you think it wouldn't make any difference at all?
Andrei Soldatov: Well I have a very personal attitude of these things because for many years I worked as a journalist covering terrorist attacks and hostage takings in Russia and I know the argument used by the secret services all the times that we need to keep things secret because it could save the lives. My problem is that unfortunately it's not the case in most cases. They love to cover the problems and the mistakes by talking about secrets but I think that maybe now it's time to make something public. I don't buy this argument about lives. I know...remember it was used against Assange, against Snowden, all over and over and over. Well, the biggest problem today is trust, actually it was for the Russian hackers to find a way how to use this lack of trust so maybe it's time to try to do something about it and to gain some trust by publishing some real stuff. Maybe now it's worth it.
Guest 5: So the bottom line here is the military used to call false fact creations as doing something under the name, that is the default in cyber affairs and CIA, NSA documents have proved that they have that capability. So my question to you is watching that everything that happens also requests the energy and the occupation and some goal behind it, why should Russia currently have it willingly and in the meaning of actively doing it themselves or acting through players that they are loyal to them. Why should they have an interest to enforce in this area in the United States and in other places which started actually with Crimea here which is pretty making the Russians appear like a major global influence player interfering in everybody’s lives, being a big danger and bring us all into the hands of the western intelligence who wants to protect us from that.
Andrei Soldatov: Well I started answering this question in the beginning that it's very emotional, you think sometimes that it's all about propaganda, Russian TV propaganda but people really talk about this lack of respect, and also it’s true about the Kremlin, these people they are desperate to get this respect and the idea that we can get back and be a super power again. The other thing is that sometimes we try to see some strategical thinking in the Russian foreign policy but in most cases it's all about tactical moves. The Russian foreign policy is mostly reactive, they react to things because we have this idea of a besieged fortress and we also believe that we're always under attack. Like Crimea -- it was not something to do with grabbing something in Ukraine, using some opportunities, the idea was to respond to Maidan, because Maidan was seen as a threat to the Russian sphere of influence and that Maidan might be repeated in Russia. So it was a kind of idea of defensive measures. Everything failed and they failed it because they invested in the “Janukowitsch way”, provided a lot of support to the Ukrainian secret services and everything fell and Putin was desperate. He needed to do something to stop these guys.
So he decided okay maybe we can teach a lesson. Maybe we can grab some land and that could be a good lesson to other countries -- if you have some sort of revolution you can lose some land. That was for example a big signal to Kazakhstan and countries in central Asia with lots of Russians, ethnic Russians living in these countries. So it's a kind of reaction. Why we got into Syria, because we wanted to have US sanctions lifted. So we got into Syria, to make some trouble to force US into talking to us. Again we failed. Why to say to attack Clinton and to meddle in the election, again it was a response, response to Panama papers. Because Panama papers was published in the early April of 2016 and Putin took this attack very personally and we documented the things in our chapter, it was very clear that he took these things personally. He commented on these things, that his personal friend was attacked and he actually couldn't stop talking about this and he wanted to do something to send a message. Everybody in Moscow, journalists based in Moscow, everybody knows that there are some rules that you cannot touch Putin’s family, with that you cross the line, that would be really dangerous so when Panama papers touch not his family, but his personal friend that was crossing the line for Putin so he wanted to do something against it.
So once you see...it's always kind of tactical moves which make it all very unpredictable, sometimes extremely successful because nobody can guess what might be the next and but in the end there is no strategy. That's why it is so difficult to answer your question because you try to portray something like take 5 years -- why they are doing this and that and I can say you, okay why after they had such a successful Sochi games and they invested 50 billion dollars and it was such a huge success, why just to throw it literally into the window by annexing Crimea. So they invested into something to get world recognition, they got it, everybody was happy, and then they just destroyed it. Why? Because usually it's about emotions and it's about response.
Guest 6: My question at the beginning you said surveillance is a profitable industry. You followed the export of surveillance technology with some other projects of yours. How would you assess the ability of the Russian industry and the whole complex, would it be the West or the UK for instance is there a Nexus that you can see that they can actually turn towards Russia for some other technologies and say look this is really the top notch industry or what would you say?
Andrei Soldatov: It's an interesting question, we had this when we started our project with Privacy international but it looks like, yes Russia has something which we call “natural advantages,” like the US have natural advantages because lots of traffic coming through the US territory. The Russian security services also have some natural advantages, which means on the former Soviet Union, most of the countries apart from the Baltics, they failed to modernize and reform their security services especially the units in charge of surveillance. Once we did a fascinating thing, it was really fascinating. Because in Russia terminology means a lot, so we tried to get a list of terminology used by the Russian security services and the security services of Ukraine, Belarus, central Asia etc., etc. In many cases we understood that they still use the same terminology, the same names for the units in charge of surveillance. The same acronyms.
Which actually means that many of them have this legacy of the surveillance practices. When they get the new legislation, they just adopt the Russian legislation. It was a very funny story about Kazakhstan when they got a new law and they forgot to remove Russia and to replace it with Kazakhstan. So when you have this kind of natural advantages it means that you also buy the equipment from Russia, because the legislation is very specific and very different from the Western legislation on surveillance, it's not like ETSI for example, the European communication standard institute. You need not only to imitate the Russian legislation, also you need to buy the stuff from Russia because we know how to produce this stuff. But it works only for comms interception and only for the former Soviet Union.
The exception is biometrics: speech recognition and face recognition. The Russian companies are extremely, extremely good at it. We had examples when the Russian company managed to get government contracts in Mexico. They actually got the system of voice/speaker recognition in Mexico. This equipment helps to identify who is talking on the phone. But this is dangerous because for that you need to teach your policeman how to use this technology which means that you do not only buy the technology, you buy the expertise, so the Mexicans also invited Russian experts.
It ended up with almost a totalitarian system in Mexico in terms of speaker recognition. Now in many Mexican states it's obligatory to give the voice samples to get the driving license. That was advised by Russian experts. That makes it dangerous. But once again, it's mostly about Latin America... There were some reports about an office of this company in the US but I do not know the results... I know that the FBI got interested. But well...so far I do not see any big contracts but one day it might happen.
Guest 7: I have a question, the one thing is the hacking and the other thing is the disinformation hacking. I feel like Russians really analyze the countries and found certain vulnerabilities for like each country. Like in the German case the refugee crisis, they saw there kind of a division of the country, there was a case of Lisa then they see well we have some historical connections we can use for that and also kind of the Germans are finding it's own narrative and also to get kind of rid of Angela Merkel in terms of weakening the European Union is one of the goals of Putin himself. What would you say are the main vulnerabilities of Germany and how does Russia tack in in terms of disinformation including channels like Russia Today?
Andrei Soldatov: Well I'm not that deep into German situation so I cannot comment on these things. I just don't know what the main vulnerabilities are here. Usually as far as I get it, but it's not only about Germany - it's usually about lack of trust and it's about when people got tired of someone. If they see that the system is stalled and people got tired of a leader... if they see someone in power for too many years and people want some changes, that thing might be exploited. My guess that Clinton actually lost not only because of all these things but also because people think, well look we cannot survive another Clinton, that's just impossible. So that might be one of the biggest vulnerabilities but I would be cautious because I'm not a big expert in the internal situation.
Stefan Heumann: Okay. I would like to really thank you Andrei for coming all the way from Moscow and sharing really these very interesting insights about how the Russian cyber power has developed, helping us to understand where it's coming from, how it's also tied to domestic surveillance and targeting of activists and journalists in Russia. I was really struck by the end of the questions when you made this warning, kind of to all of us that our discussion about cyber and the internet that was so optimistic just a few years ago, has really turned one about fake news and information warfare that you mentioned, that is something that we should reflect it's actually a very dangerous development for all of us, especially for free and open and democratic societies. I also want to thank you for warning us about that and reflect on what’s actually happening and how we can counter that and really thank you again for coming over and discussing so openly with us as an opportunity to continue the conversation over a drink now if you still have time and really thank you Andrei.
– End of transcript –