Military and intelligence cyber activities are considered as important as conventional military capacity in Russia. Military intelligence agency GRU uses the APT28 cyber espionage group for its ends, while the FSB makes use of the group SNAKE (Turla) and, together with foreign intelligence service SVR, another called APT29.
The board got wind of one such connected cyber espionage group’s attempt to steal data from EU member states a few years ago. The counteroperation revealed that the Russians targeted one member states’ diplomats who were sent infected emails.
Diplomats who fell for the ploy gave the group access to their documents, media files, personal information, screenshots. Keyloggers read what delegates typed into their computers. Russians intercepted 80,000 files or around 20 gigabytes of information over a year. It is probable the attacker had an overview of the victim’s diplomatic communication during that period.
“The only positive aspect of the story is that the assailants were in a non-classified system. We have not been able to find Russian attacks or presence in classified systems,” Marran said.
EV100 safe
The head of the foreign intelligence service said that they did not pick up increased Russian intelligence activity during the Finnish presidential election in January even though it was anticipated. Sweden might find itself in a rather different position this year as it is in Russia’s interests to quash the country’s NATO membership debate.
Estonia, celebrating its 100th anniversary this year, should not be worried over Russia’s increased meddling, Marran believes. Russian think tanks are still supercilious concerning the independence of the Baltic countries. “It might happen in 2018, but we do not anticipate a massive Russian influence campaign at this time,” Marran said.