Inside Putin’s secret cyber units where elite Russian hackers attack the US, UK and Ukraine

With Russia and Ukraine seemingly on the brink of war, everyone is on deck for President Vladimir Putin’s forces, including his army of hackers.

Over the years, Moscow has faced numerous allegations of cyberattacks that have resulted in multiple sanctions and the expulsion of its diplomats.


The term “hacker” has almost become synonymous with Russia.

From “troll factories” to hackers allegedly controlled by the country’s security services, here’s an overview of the world of Russian cybercrime.


Russia has been a breeding ground for IT experts for decades.

During the Soviet era, the government pushed for advances in science and technology and, with the appearance of the first computers, for programming.

With the fall of the USSR in 1991, some of the talented but underpaid programmers turned to cybercrime, quickly making Russians notorious for credit card theft worldwide.

“In the 90s, the environment fermented, with a culture of resourcefulness and a tendency to bend the rules”, recalls Kevin Limonier, of the French Institute of Geopolitics.


Experts say that in its persistent confrontation with the West, Russia relies heavily on its cyber warfare and information warfare capabilities.

Several notorious hacking groups are suspected of working for the country’s security services, and Russia’s Defense Ministry created its own “cyber units” in 2012.

The first large-scale attack attributed to Russia dates back to 2007, when the Baltic state of Estonia faced a wave of cyberattacks against its newspapers, banks and ministries.

The United States claims Russian military intelligence (GRU) hackers sought to manipulate the 2016 presidential election by hacking into the Democratic National Committee and Hillary Clinton’s campaign.

The most notorious cyber espionage group involved in dozens of cases is known as Fancy Bear or APT28. It is believed to be sponsored by the Russian government.

According to Washington, the attack on the American software developer SolarWinds was carried out by the SVR, the Russian foreign intelligence service.

The attack compromised government agencies such as the FBI and hundreds of private companies.

Ukrainian government websites were hacked last month, allegedly by Russia, with the compromised pages carrying a message warning residents of


Ukrainian government websites were hacked last month, allegedly by Russia, with the compromised pages carrying a message warning residents to “expect the worst”.Credit: Unknown


More recently, attacks have focused on Ukraine and its NATO allies in an attempt to destabilize the region.

More than 140,000 troops are currently stationed on Ukraine’s eastern and southern borders ahead of a possible invasion that intelligence officials say could be launched as early as this week.

Putin’s intentions remain unclear, but he has strongly criticized Ukraine’s plans to join NATO.

Last month, hackers suspected of working for Russia targeted the websites of Ukrainian government agencies and banks.

The suggestion was that cyber sleuths were probing systems in preparation for large-scale shutdowns of key infrastructure in the event of an invasion.

Kiev has alleged that Moscow is engaged in a growing “hybrid war” against it.

“All the evidence points to Russia being behind the cyberattack,” the Department of Digital Development said.

Attackers should also target NATO members.

Britain, for example, has been told to prepare for a massive cyberattack ahead of a possible war in Ukraine.

The National Cybersecurity Council has issued a rare nationwide alert after a series of malicious cyberattacks have been branded by Kremlin-backed hackers.


“The cyberattacks carried out by the Russian secret service are part of multi-year international operations aimed at obtaining strategic information,” German intelligence services said in 2016, referring to espionage and sabotage operations.

The list of alleged Russian attacks is long: a hacking attack on the German parliament in 2015; targeting Ukrainian artillery units between 2014 and 2016; hacking of a French television channel in 2015; interfering in the 2016 and 2020 US elections and targeting coronavirus vaccine research institutes in the West in 2020.

Experts say the attacks are getting more and more sophisticated.

“The level of Russian cyberattacks is increasing compared to three or four years ago,” intelligence expert Andrei Soldatov said.

“We know the operations that have been discovered but many are still effective.”

Headquarters of the Russian intelligence agency in Moscow, Russia


Headquarters of the Russian intelligence agency in Moscow, RussiaCredit: Reuters


Russia has also been accused of carrying out large-scale disinformation campaigns to influence democratic processes in the West and fuel social discord online.

The country is believed to operate online “troll factories” that concoct viral false information in an attempt to influence internet users.

The accusations have been leveled at both state media including RT (ex-Russia Today) and Kremlin allies like Yevgeny Prigozhin, a businessman suspected of being behind the “food factories”. trolls” in Russia and Africa.

Washington has accused President Vladimir Putin’s ally of funding the Internet Research Agency, a St Petersburg-based company that sought to sway the US electorate in 2016.


Aware that the nature of cyberattacks makes their origin difficult to trace, the Kremlin has always denied any involvement and accused the West of waging a war of disinformation against Russia.

Russia has also repeatedly affirmed its willingness to cooperate in the cybersphere.

Ahead of the 2020 US presidential elections, Putin has proposed an election noninterference pact and a global agreement against the misuse of communications technology.

The proposal went unanswered.

Soldatov said Russia could use hacking attacks to force the West to cooperate.

He did not rule out that, faced with the Russian threat and for lack of a better alternative, “the police in Europe and the United States might wish to resume cooperation with Russia on cybersecurity”.

Igor Kostyukov, director of Russian military intelligence, responsible for numerous large-scale cyberattacks in Moscow


Igor Kostyukov, director of Russian military intelligence, responsible for numerous large-scale cyberattacks in MoscowCredit: Getty

In other news, a British woman has told of her horror after scammers used photos of a ‘silver fox’ politician to cheat her out of £80,000.

Norfolk County Council is suing Apple over what it says is misleading iPhone sales information.

The makers of a spooky new horror game say the title is so disturbing they’ve been forced to censor it on PlayStation.

And, Apple announced updates to AirTags following claims that the coin-sized tracking devices are being used to stalk people.

We pay for your stories! Do you have a story for the Sun Online Tech & Science team? Email us at [email protected]

Previous February 12 Splitgate Update Improves Map Creator, Fixes Bugs, And More
Next Alert! Update Google Chrome now; serious bugs found