About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

1 1 (January 4, 2021)

handle is hein.crs/goveadj0001 and id is 1 raw text is: C res~ibrni~ ~s~r~h $~rvkx~ ~14 9 January 4, 2021 Russian Cyber Units Rus sia has deployed sophisticated cyber capabilities to conduct disinformation, propaganda, espionage, and destructive cyberattacks globally. To conduct these operations, Russia maintains numerous units overseen by its various security and intelligence agencies. Rus sia's security agencies compete with each other and often conduct similar operations on the s ame targets, making specific attribution and motivation as sessments difficult. Congress may be interested in the various Russian agencies, units, and their attributes to better understand why and how Rus sia conducts cyber operations. Early Russian Cyber Operations According to media and governmentreports, Russia's initial cyber operations primarily consisted of Distributed Denialof Service (DDoS) attacks andoftenrelied on the co-optation or recruitment ofcriminal and civilian hackers. In 2007, Estonia was the target of a large-scale cyberattack, which most observers blamed on Russia. Estonian targets ranged fromonline banking and media outlets to government websites and email services. Shortly thereafter, Russia again employedDDoS attacks during its August 2008 war with Georgia. Although Russia denied responsibility, Georgia was the victimof a large- scale cyberattack th at corresponded with Rus sian military actions. Analysts identified 54 potentialtargets, (e.g., government, financial, and media outlets), including the National Bankof Georgia, which suspended all electronic operations for 12 days. Russian Security and Intelligence A gencies Over the past 20years, Russia has increased its personnel, capabilities, and capacity to undertake a wide range of cyber operations. No single Rus sian security or intelligence agency has sole responsibility for cyber operations. Observers note thatthis framework contributes to competition among the agencies for resources, personnel, and influence, and some analysts cite it as a po s sible reason for Rus sian cyber units conducting similar operations, without any apparent awareness of each other. Additionally, some agencies appear to prioritize the development of in- house capabilities, whereas others lookto contract outside actors for operations. Military Intelligence The Main Directorate of the General Staff, commonly referred to as the GRU, is Russia's military intelligence agency. The GRU has beenimplicated in some ofRussia's most notorious and damaging cyber operations. Media reporting and U.S. government indictments identify two primary GRU cyber units. The U.S. Department ofJustice (DOJ) has charged personnel fromboth units for actions ranging fromelection interferencein the 2016 U.S. presidential election to multiple damaging cyberattacks. The units' public profile underlines a high operational tempo. The GRU also reportedly controls severalresearch institutes thathelp develop hacking tools and malware. Observers have noted an apparent willingness by GRU cyber units to conduct brazen and aggressive operations, sometimes with questionable levels of operational security and secrecy. Collectively, these units are sometimes referred to as APT (Advanced Persis tent Threat) 28, Fancy Bear, Voodoo Bear, Sandworm, and Tsar Team. Unit 26165: Unit 26165 is one oftwo Rus siancyber gioups identified by the U.S. government as responsible for hacking the Democratic Congressional Campaign Committee, Democratic National Committee, and presidentialcampaignofHillary Clinton. Media and Western governments also have linked Unit 26165 to cyber operations against numerous political, government, and private-sector targets in the United States and Europe. Unit 74455: Unit 74455 has been linked to some of Rus sia's most brazen and damaging cyberattacks. The U.S. government identified Unit 74455 as responsible for the coordinatedrelease ofstolenemails and documents during the 2016 U.S. presidential election. As opposedto primarily focusing on penetrating systems and collecting information, Unit 74455 appears to have significant offensive cyber capabilities. DOJ alleges Unit 74455 is responsible for numerous malicious cyberattacks. In October 2020, DOJ indicted members ofGRU Unit 74455 for numerous cyberattacks, including the2017 NotPety aMalware attack. In June 2017, malware was deployed against numerous targets in Ukraine. The malware soon spread globally, causing significant damage to countries andbusinesses beyond Ukraine. Foreign Intelligence Service The Foreign Intelligence Service (SVR) is Russia's primay civilian foreign intelligence service. It is responsible for the collection of foreign intelligence using human, signals, electronic, and cyber methods. Most observers acknowledge the SVR operates with a strong emphasis on maintaining secrecy and avoiding detection. Most cyber operations reportedly linked to the SVR have focused on collecting intelligence as opposed to causing damage through cyberattacks. The SVR also is known to have high levels of technicalexpertise, often seeking to gain and retain access inside compromised networks. SVRhackers sometimes are referred to as APT 29, Cozy Bear, and the Dukes. Analysts andobservers have recognized the SVR as highly capable and professional. In contrast to GRU cyber units, https://crsrepc

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Already a HeinOnline Subscriber?

Log In

profiles profiles most