Explainer-Russia’s potent cyber and information warfare capabilities

An aerial view shows the skyline of the capital Moscow in Russia, October 29, 2015. REUTERS/Andrey Kuzmin

MOSCOW (Reuters) – U.S. Secretary of State Mike Pompeo said on Friday that Russia was responsible for a cyber attack that embedded malicious code inside U.S. government software systems and those of other governments and companies across the world.

The Kremlin has always denied Moscow’s involvement in cyber attacks against the West. It has said that Russia had nothing to do with this latest assault.

Here is some information about Russia’s possible motives for such an attack, and details about Russian cyber offensive and information warfare capabilities.

POSSIBLE RUSSIAN MOTIVE

The Kremlin has said many times it wants to improve ties with the United States, which are at a post-Cold War low and strained by issues from Ukraine to Syria.

But it also openly views the United States as Russia’s main geopolitical adversary and as a threat to its national security.

President Vladimir Putin has accused Washington of starting a new arms race and NATO of moving military infrastructure closer to Russia’s borders, and has complained about U.S. sanctions, part of what Putin casts as an attempt to hold Russia back economically and technologically.

Russia regularly probes U.S. defences, flying nuclear-capable strategic bombers near Alaska and sending submarines into the Atlantic to lurk off the East Coast.

Putin has complained that outgoing President Donald Trump was unable to improve U.S.-Russia ties and has singled out what he has called President-elect Joe Biden’s harsh anti-Russian rhetoric.

On Thursday, Putin blamed U.S. intelligence agencies for a series of recent media investigations into people close to him. Without providing evidence, he also linked U.S. intelligence agencies to what he presented as the stage-managed poisoning of Kremlin critic Alexei Navalny.

Putin did not congratulate Biden on his victory in the Nov. 3 election until Dec. 15. Putin said last month he was not worried that his delay in congratulating Biden would worsen U.S.-Russia ties.

“You can’t spoil a spoiled relationship,” said Putin.

‘COZY BEAR’

Some cyber researchers have suggested that Russia’s SVR foreign intelligence service may have been behind the latest attack.

In 2018, Dutch media cited unnamed intelligence officials as saying the AIVD, the Dutch intelligence agency, had linked a Russian hacking group known as “Cozy Bear” or APT29 (advanced persistent threat 29) to the SVR. The AIVD did not comment.

The Washington Post cited sources on Dec. 13 as saying the United States had identified “Cozy Bear” as being responsible for the latest cyber attack referred to by Pompeo.

Hackers from “Cozy Bear” were detected by cyber security firm CrowdStrike on the U.S. Democratic Party’s servers in the run-up to the 2016 U.S. presidential election when email accounts of Hillary Clinton’s staff were hacked.

In July, Britain, the United States and Canada accused “Cozy Bear” of trying to steal COVID-19 vaccine research from academic and pharmaceutical institutions around the world.