UARU
Hackers Expose Kremlin’s New Warfare Tools
4 April, 2018

Email hacking, trolling, bribery and paid-for anti-Ukrainian rallies –these are some of the Kremlin’s hybrid warfare tools revealed in the latest tranche of leaked emails hacked by Ukrainian hacker activist group Ukrainian Cyber Alliance.

Known as the “Surkov Leaks” after the Kremlin official linked to the emails, this is the third installment of leaks first published in late 2016. The emails appear to be grant proposals that Vladislav Surkov received from different groups to carry out these subversive operations, as well as briefing papers on the situation in Ukraine.

As well as Kremlin official Vladislav Surkov, the hacked emails also feature Surkov’s first deputy Inal Ardzinba and Kharkiv-based communist and former politician Alla Alexandrovska.

According to managing director of Euromaidan Press Alya Shandra, who is involved in analysing leaked the information, these emails expose “a wide complex of interference,” including “proxy political funds, paid street protests and paid activists that carry out provocations, that attack Ukrainian groups, even planned terrorist attacks.”

Most notably, this third tranche of hacked information reveals a proposal for a rebellion in the Zaporizhia region of Ukraine. The plan – codenamed “Troy” – involved the manipulation of public opinion in the area, followed by an uprising. The total cost for this operation, according to hacked emails, was estimated at around $180,000.

In addition to these plans, the emails also show that Surkov had been receiving detailed briefing papers on the situation in Ukraine. Shandra believes this to be clear evidence of “reflexive control” – a Soviet-era method for manipulating opponents by establishing their weaknesses.

“The Russians analysed the Ukrainian situation, the Ukrainian fears, the Ukrainian problems and divisions to such a detailed extent that it easily manipulated them, it easily exploited them to generate the divisions that we are talking about so much right now in the USA, in Europe and beyond,” Shandra comments.  

For Ukraine, one of the most concerning aspects of the leak is the evidence of Ukrainian citizens actively cooperating with Russia to carry out these operations and destabilize Ukraine, either for money, or, for ideological reasons.

“There are two types of people Surkov collaborated with in Ukraine. One of them are the people who will do it for money, basically, and the other – a small group that are the ideological allies, that do support the ideas of the Russian world and are ready to collude with Russia in order to make it happen,” Shandra explains.

However, this information could also be extremely useful in terms of countering Russia’s attempts to interfere in Ukraine.

“We are using these three dumps in order to analyse how the Kremlin conducts its hybrid war in Ukraine, to see if we can discern the strategies that it is using, and, whether we can find a way to react better to this war.”

Hromadske spoke to managing director of Euromaidan Press Alya Shandra, who is involved in analysing leaked the information, to discuss the revelations and takeaways from the latest tranche of hacked emails.

So you're going to publish a big report on Surkov leaks, as far as I understand, what is it and how did this idea come to you?

Well the Surkov Leaks is originally from three dumps of emails of Russia's right-hand Vladislav Surkov, who is also called Putin's Rasputin, and his first aide Inal Ardzinba, as well as the Kharkiv communist Alla Alexandrovska and her son. So, how do these emails come to the public eye? Back in 2016, late 2016, they were hacked by a Ukrainian cyber activist community called Ukrainian Cyber Alliance and then analysed by Inform Napalm, and open source investigative research team. And the first two leaks, they were published, they were publicized quite widely in international media and in Ukrainian media. But, the the third leak that came just recently from his aide Inal Ardzinba and the Kharkiv communist Alla Alexandrovska, to my astonishment, they were not given as much attention. So, basically, we are using these three dumps in order to analyse how the Kremlin conducts its hybrid war in Ukraine, to see if we can discern the strategies that it is using, and, whether we can find a way to react better to this war.

What information does this find give us to understand the strategy? What is the strategy behind the Russian hybrid war?

What information are we using?

What information do we have from these leaks that helps us to better understand or understand in a new way the strategy?

Well, basically, we are viewing the day-to-day communications of Putin's helpers that were tasked with managing the hybrid war in Ukraine – and by "hybrid war" I mean the political part of it, because by now it's fairly clear that the military part of Russia's interference in Ukraine and the political part, they are separated. So, right now we won't be seeing any facts of military presence, any commands to Russian military officers or the like, we are seeing the day-to-day operations of Russia's subversive political strategies in Ukraine.

What are the major symptoms of it? What are the major tools of the Russian actions?

Basically, they are an extended version of active measures, which is something known back from Soviet times. And, by "active measures," I mean really a wide complex of interference, including proxy political funds, paid street protests and paid activists that carry out provocations, that attack Ukrainian groups, even planned terrorist attacks, and even carry out terrorist attacks because they planted a bomb in a car of the Right Sector once in Odesa. But, other than that, there were several plans that were real terrorist activity and they are simply criminal, like, for instance, the plan Troy, that was published by The Times in Great Britain. That envisioned setting up a proxy front to subvert Ukraine's Zaporizhia oblast from within, to prepare for a military invasion from occupied Donbas. So, it included things like bribing SBU officers and infiltrating their people, like the pro-Russian people, into defense structures and setting up civic groups that would just generate a lot of discontent with life and calls for Russia to come and invade. So this is a wide complex of measures and it's basically a programme of measures to subvert the Zaporizhia oblast. It never happened, but nevertheless, it gives an idea of the proposals that Surkov received.

Did you have the evidence of Russian funding?

Of course. It's interesting that, in the third leak, basically, it mostly consists of what I view to be grant proposals that Surkov received from different groups.

Can you give some figures? For example, how much does it cost for...

Well, the plan Troy for the Zaporizhia oblast was estimated at $179,000 to carry out this complex of operations...

So basically, there are people in Ukraine, in eastern Ukraine, who are saying: Look, we're going to organize street protests and we need this much money...

This is a very good question. Unfortunately, yes, the Surkov Leaks revealed that there are many people in Ukraine that are willing to carry out these activities in return for funds. So, basically, what I see – there are two types of people Surkov collaborated with in Ukraine. One of them are the people who will do it for money, basically, and the other – a small group that are the ideological allies, that do support the ideas of the Russian world and are ready to collude with Russia in order to make it happen, which managed these other groups that were working for money. But, I suppose that traitors can happen is any country.

And I suppose that all these funds are unofficial and it's given in cash?

Well, we know that from the trial of the separatists in Odesa that were setting up the Bessarabia Republic that a trial was held and I think they travelled to Moscow to get this money and then I think there was something like a bank transfer. So, from that we know the concrete ways of how this money came. But, I mean, in Odesa it was really like employees. There were just these payslips stating how much money each player should get every week coming in to Ardzinba's account, because Inal Ardzinba – his helper – he managed the separatist activity on Odessa.

You made the announcement of this report in the western media, in the British media, was it easy to get the interest of the British media?

It was very easy to get the interest because they have the case of Skripal right now and it's a big deal and more attention is being paid to Russia's hybrid war. But, you know, another thing that I think is very interesting from the upcoming report that has relevance not only for Ukraine but other countries, is the amount of just general analytical information about Ukraine that Surkov received. And this is mainly Surkov, maybe he was dealing with like the large-scale strategy planning, but, the majority of emails he received are actually analytical briefs – very, very detailed analytical briefs – telling about the media situation in Ukraine, the political situation in Ukraine, all these little details that most Ukrainians don't know. So he had a team of analysts that monitored the situation very closely and we see this as evidence of a technique being employed that is known as "reflexive control," whereas a person who uses reflexive control analyses his opponent to know him perfectly and to manipulate his opponent into making the decisions that are beneficial to the manipulator. So here we see proof of how Russia was doing this in Ukraine. The Russians analysed the Ukrainian situation, the Ukrainian fears, the Ukrainian problems and divisions to such a detailed extent that it easily manipulated them, it easily exploited them to generate the divisions that we are talking about so much right now in the USA, in Europe and beyond.

Basically, this is also a typical KGB tactic to find a weakness and manipulate it.

Yes, yes, yes, but, here we see the ways in how this was being done, and, I can say that... First, it was very hard to figure out what was going on in Surkov's emails, why are all these briefs there, why is there all this analysis of the political situation. I mean, they are huge, it's a 20-page paper, with several coming in each day.

Can you say when you are going to publish this report what exactly will be in it? Will it all be empirical information or are you trying to systematize all that?

The report will hopefully go out in late May. It will be published by RUSI – The Royal United Services Institute in London – and there, of course, we try to include as much empirical evidence as we could, but, we try to go a step higher and analyse the strategies that are being employed in order to get to the patterns and the tactics that Russia is using.