When we hear about cybercrime and hacking exploits we tend to immediately assign blame to the usual suspects: the Russians or the Chinese. Next in line are hackers from other Eastern European countries formerly part of the Soviet Union such as Romania and other satellites. Increasingly, cyber "bad guys" from Russia are hogging most of the press attention. Cyberattacks on computer systems at the DNC and the trove of confidential US government information delivered to WikiLeaks have both been traced back to Russia. State-sponsored Russian operatives have even been implicated in the dissemination of fake news on social media allegedly to affect the outcome of the 2016 US presidential election. This worrying trend forces us to ask: what is it about Russia and its people that have placed them at the forefront of both cybercrime and the trend towards the use of cyber warfare? The answers – if any are to be found – must be sought across multiple strata of Russian society and culture, not the least of which is Russia’s history.

I have more than a passing familiarity with Russia and its culture having visited the country on several occasions for extended periods. The first time was on the eve of Russia’s economic collapse in 1998. The stoic, even resigned reaction of people on the streets to such a devastating event was telling. I don’t claim to be an expert on Russia. I speak and read a version of the language that falls somewhere between conversational and survival Russian. Having visited art, science, and history museums in Russia and most importantly, socializing and speaking with ordinary Russians has provided me with a greater insight into Russia and its people; more so than what constitutes my usual research method of choice: sitting behind a computer punching stuff into the Google search box.

The topic of who is behind the hacking and the economics motivating it will require another post.
I don’t want this one to rival Tolstoy’s “War and Peace.” Suffice it to say, a very large and important player in cybercrime coming out of Russia is the Russian mafia. This is closely followed by the Russian government, often in collaboration with the mafia.

Ordinary citizens participate for a number of reasons, primarily economic. Many students and recent graduates of technical institutes are unable to find work. These highly-talented and highly-educated young people would do any tech firm proud. Instead, they crack software to avoid paying licensing fees and write sophisticated malware and bots which they then sell on the black market or decide to work directly for criminal organizations. The best and brightest minds of Russia are being corrupted. Their talent and potential squandered.

I won’t offer up any bits of Machiavellian wisdom here. The international adversaries the United States is facing on the cybersecurity front are indeed formidable. Chinese cybercrime and cyberwarfare is largely state-sponsored and tends towards low budget exploits utilizing brute force techniques. Certainly, not something to be taken lightly, but pales in comparison to the elegance and startling sophistication of what is coming out of Russia these days. It pains me to call Russia our greatest enemy in securing our digital assets, but it would be naïve to ignore the most prominent and dangerous source of these threats. I only see the cybersecurity threat emanating from Russia continuing to grow in number, sophistication and severity.

Finally, to answer the delicate and vexing question of why Russia is such a rich source of hacking talent or at least attempt to answer it, allow me to offer up some final observations. Over the course of my career as a software developer I had the pleasure to work with several very talented engineering professionals from the former Soviet Union. All were highly-skilled and able to come up with very creative solutions to the most complex problems.
But above all else, they exhibited a tenacity and resilience that was truly awe-inspiring.

I recall one developer describing how he and three colleagues back in Russia shared an IBM XT PC with a 10 MB hard drive. They were each apportioned a sliver of the drive for their work files, sharing access to the machine on a time-sliced basis in order to complete their work. During one of my stays in Russia, my Russian language tutor recounted a similar story from her college days. She would meet late at night for a “reading circle” with a group of friends. They would sit in a circle and pass around an illegal book smuggled into the country, each reading the opened pages and then passing it to the person next to them. They would read the entire book staying up till dawn reading only from the light provided by a flashlight in order to keep from being discovered.

I heard many other stories during my visits of a similar nature. And things didn’t really improve much for the average Russian in the years immediately preceding the collapse of Communism or since its fall. A common story during the so-called “rebuilding” years of Perestroika is one of waiting hours in the freezing cold to buy bread only to find the shop has run out when getting to the front of the line.

In retrospect, that was nothing compared to what the city of Leningrad (now St. Petersburg) was forced to endure during the Nazi blockade of the city – an important historical event of WWII that is virtually untaught and unknown in the West, but is a penultimate example of Russian resiliency and ingenuity. Unlike Americans, Russians experienced the horrors of WWII on their own soil. They still take it very seriously and I saw on the streets of St. Petersburg and Moscow more than a few veterans of the “Great War” as Russians call it, proudly wearing their uniforms with medals pinned to their chests. These traits continue today among the Russian people.

It should go without saying that those studying the field of cybersecurity must be well-versed in all its disciplines. This means keeping up to date with the latest threats and vulnerabilities through continual reading and studying. Obtaining and keeping certifications up to date is also vital. We can help you with all of that here on Cybrary.it. But in addition to all these requirements, it’s worthwhile to stop and reflect on the nature of your adversary. This comes in the form of respect, knowledge, and compassion in order to understand their motivations and tendencies. Such understanding will make you a stronger cybersecurity professional in an increasingly hostile and complex field of battle.