Over the past four years, the term Russian Hacker has no doubt gained notoriety in the US, and, in turn, the world. Before the 2016 presidential election, most had little idea of the capabilities that computer whizzes from Russia possess.
However, the hackers from the region had been active in many communities years prior, executing brazen cyber-attacks on neighboring countries. It’s just that, in recent times, they’ve decided to expand and ply their trade globally.
There are numerous reasons why so many of these digital criminals (or geniuses) hail from Eastern Europe and former Soviet bloc countries. Traditionally, these areas of the world put a greater focus on teaching IT in middle and high schools, even though they lack a career pipeline, the likes of which exist in the US. Thus, many of these educated and capable IT experts find themselves with no high-paying jobs comparable to their skill level.
According to research by the College Board in the US, in a period of ten years, from 2005 to 2016, 270,000 high school students decided to take the national exam in computer sciences. In Russia, that number stood at 600,000. This is because Russians have a head start when it comes to many elements of informatics, such as mathematics and technology, making it easier for them to pursue a career in the field. Nonetheless, due to limited options, the allure of using their talents for nefarious purposes is tempting. Here are a few examples of Russian hack stories.
Following a 2008 nationwide ban of casinos in Russia, a group of St. Petersburg-based criminals saw an opportunity in buying out old equipment in an attempt to reverse-engineer its technology. A mathematician named Alex, who studied at a top Russian university and the FSB academy (successor to the KGB), led this criminal ensemble.
Alex and his team had figured out the “randomness” that governs the behavior of certain machines and could predict the exact moment when the odds would tip in the player’s favor. They would deploy four operators on a casino floor, who would film footage of a machine’s behavior and send it back to St. Petersburg for analysis. The team in Russia would then send back cues as to the appropriate times to bet.
The team would rake in about a quarter of a million a week and cleaned out gaming venues throughout the US until their eventual capture. The scandal didn’t affect the industry, especially as more and more players have moved on to playing slots on the web, which feature far more sophisticated RNGs that are impossible to hack.
One has to give a nod to these cyber-criminals for their ingenuity in terms of their criminal and technological prowess, as well as their naming ability. A group called Fancy Bear has links to several cyber-attacks dating back to at least 2007.
The group has received credit for breaking into the Democratic National Committee, the NotPetya strikes against Ukraine, and targeting numerous political parties in Europe. In their latest, and most public venture, they used devices like a VOIP phone, an office printer, and a video decoder to gain access to corporate networks.
These devices usually have default passwords that leave the door open for exploitation. Hackers use them as a starting point and once they establish a beachhead, they look for other insecure ones in search of higher-privileged accounts and valued data.
It’s said that Fancy Bear targeted close to 1,400 organizations, mainly in sectors such as military, medicine, government, and engineering.
A joint report from the Department of Homeland Security and the FBI, in 2018, claimed that Russian hackers managed to gain access to systems across many industries, collecting sensitive data in the process.
According to this report, the hackers targeted the energy sector. To gain access to power plant computers, they first gained access to smaller companies, such as those that sell the software or make parts for the plants. They would hack one email account and use it to communicate with other employees and get them to reveal confidential information. They also altered existing websites to collect information such as logins and passwords.
After retrieving this kind of information, the hackers would set up admin accounts and place malware in the networks. They also programmed this malware to cover their tracks by performing automatic log-outs after eight hours.
The hackers’ goal was not to sabotage, but rather to record information and obtain data from the energy generation system. They wanted to get a sneak peek into how these facilities operate, and the process turned into a prolonged observation.
A recent internet poll showed that 82% of voters think that Russia has the world’s best hackers. Whether this is true or not is another debate. However, it illustrates public perception. Many different reasons contribute to the rise of the Russian hacker phenomenon, including a lack of ethical consideration that has roots in decades of education under Stalin. These people are overeducated, and their underemployment in the IT sector is rampant. Thus, we should expect an influx of more Russian hack stories in the future.