Written by 
As the threat from Putin’s Russia escalates, the West is bracing itself for further cyber-attacks and disinformation campaigns. How sophisticated are its cyber-offensive capabilities and how might they be used?
In 1998, a cyber-attack unlike anything seen before was found to have ravaged US government systems over the course of two years, stealing vast troves of data. The resulting FBI investigation, dubbed Moonlight Maze, discovered the assault had targeted a number of academic institutions associated with US military and R&D efforts – and the evidence pointed to Russia.
The attack was so sophisticated that remnants of it were unearthed even 20 years later. Last year, security researchers at Kaspersky and Kings College London discovered a link between Moonlight Maze and Turla, the exploit used by a suspected Russian cyber-espionage group known to target government, military, technology, energy and commercial organizations.
As its capabilities continue to develop, Russia is thought to possess one of the accomplished cyber-arsenals in the world. Over time, its strategy has evolved from cyber-espionage and disinformation spreading to also include distributed denial of service (DDoS) attacks and cyber-assaults on critical national infrastructure such as power stations.
Indeed, a Russian group was thought to be responsible for the first-ever attack on an energy grid in Ukraine in 2015. Meanwhile, this year, the US traced a strike on its energy sector back to Moscow. In the UK, the National Cyber Security Centre (NCSC) is on high alert for attacks of a similar nature.
But more recently, the threat has elevated even further following tensions after the Salisbury poisoning and the US-led airstrike targeting Russian interests in Syria. So, what are Russia’s aims and how can businesses and governments protect themselves from cyber-attacks perpetrated by the country?
End goals
Russia’s aggressive approach goes back many years, but the nation’s end goal has changed, says Ralph Echemendia, CEO of Seguru. “In the past, Russian hacking was almost always tied to financially motivated cyber-crime; today it centres around political gains.”
At the same time, Russia can draw from impressive resources: Its military culture breeds talented engineers able to perform increasingly damaging attacks. According to Echemendia, Russia is in a unique position, because the country doesn’t necessarily have to spend more money to gain a higher level of resources.
“They have always benefitted from great engineering talent and this is ingrained into their culture from the Soviet days,” he says. “There are lots of intelligent minds with nothing to do, living in a cold place. They tend to sit inside for longer; we just don’t have that cultural mentality in the West. This gives them an upper hand: they have the numbers and don’t need the same budgets to get results.”