Other Russian Malicious Cyber Actors

Posted on :
,

Internet Research Agency

The Internet Research Agency (IRA), dubbed a Russian “troll farm” by the western media played a critical role in Russian influence operations online since at least 2016. This malicious cyber actor employed an army of hackers to conduct disinformation campaigns, and disseminate Russian propaganda on major social media platforms in the United States and Europe such as Facebook, Twitter, and Instagram. Yevgeny Prigozhin, head of the Russian private military company Wagner, claimed to found the organization to safeguard the Russian information space from perceived aggressive propaganda. This ‘troll farm’ gained notoriety for its alleged interference in the 2016 United States presidential election.

The U.S. Department of Justice indicted several individuals associated with the Internet Research Agency in 2018 on charges related to conspiracy to defraud the United States. The indictment highlighted the creation of fake online personas posing as legitimate U.S. entities to disseminate political ads and organize rallies, all while concealing their Russian identity. The U.S. Treasury Department, in sanctioning the IRA, emphasized its role in managing a vast network of deceptive online personas that reached millions of people.

The Internet Research Agency was highly active until its deactivation after Prigozhin’s death in 2023. While it has been officially disbanded, it is highly likely that some other entity within Russia will assume its responsibilities to conduct influence operation online.


Hacktivists

Russian hacktivists are individuals or groups based in Russia who engage in hacking activities to advance political, social, or ideological causes. These hacktivists often use their technical skills to carry out cyber operations with the goal of promoting specific agendas or influencing events. Russian hacktivists may target various entities, including government organizations, political figures, corporations, or international institutions. Their activities can range from website defacements and distributed denial-of-service (DDoS) attacks to data breaches and information leaks. The motivations behind Russian hacktivism can be diverse, encompassing political dissent, nationalism, or support for specific geopolitical goals.

State-sponsored hacktivism is a notable aspect of Russian cyber activities. The Russian government has been accused of supporting or orchestrating cyber campaigns to achieve its strategic objectives, such as influencing elections, undermining adversaries, or spreading disinformation. These state-sponsored hacktivist groups often operate with a degree of official support and may be intertwined with the broader landscape of Russian cyber operations. For example, there is evidence that hacktivists have worked with government cyber actors like APT28 (Fancy Bear) and APT29 (Cozy Bear) to target critical infrastructure in multiple countries.

Russian hacktivism has been associated with various cyber incidents over the years. Russian hackers have been linked to cyber attacks on Baltic countries, including Estonia in 2007 and Lithuania. These attacks involved DDoS attacks and website defacements, impacting government institutions, and causing disruptions.

In 2014, during the Ukrainian presidential election, Russian hackers were accused of targeting the Ukrainian Central Election Commission. The attack aimed to disrupt the electoral process and manipulate the results. Russian hackers, specifically associated with APT28 (Fancy Bear), were accused of infiltrating the Democratic National Committee’s (DNC) servers in 2016. The stolen emails were later released through platforms like WikiLeaks, influencing the U.S. presidential election.

Russian hacktivists are also known for engaging in disinformation campaigns to spread propaganda and influence public opinion. This includes the use of social media platforms to disseminate misleading information on various global events.


Key Terrain Cyber is dedicated to the professional development of our cyber workforce and information warfare community. We offer all our programs at no cost to readers, including our professional journal, mentorship and fellowship programs, and information warfare memorial. Our team of unpaid volunteers work hard to keep this site running and appreciate any support you are willing to give us.

There are sevearal ways you can help us spark innovation, disseminate good ideas, and remember our fallen. You can donate to KTC via the paypal button or venmo graphic below and help us cover our operating costs. Buying Key Terrain Cyber merchandise from our webstore is another excellent way to show your support for our programs and look good in the process.

Interested in volunteering your time? Contact us at [email protected] if you want to learn more about becoming a volunteer, staff member, or senior fellow. Finally, you can thank our staff by using the button below to buy us a coffee or a beer.

Please follow and like us: