Surkov leaks

Last updated
Vladislav Surkov Vladislav Surkov 7 May 2013.jpeg
Vladislav Surkov

In October 2016, Ukrainian hacker group CyberHunta leaked over a gigabyte of emails and other documents alleged to belong to Russian political operative and senior Kremlin official Vladislav Surkov. [1] Known as Russia's "grey cardinal", Surkov served as a political adviser to President Vladimir Putin in the conflict in eastern Ukraine and is the architect of Russia's ideology of sovereign democracy. [1] [2]

Contents

The document leak included over 2,300 emails from Surkov's inbox. [3] The emails illustrate Russian plans to politically upset Ukraine and the coordination of affairs with major opposition leaders in separatist east Ukraine. [4] [2] The release included a document sent to Surkov by Denis Pushilin, former Chairman of the People's Council of the Donetsk People's Republic, listing casualties during 2014. [3] It also included a 22-page outline of "a plan to support nationalist and separatist politicians and to encourage early parliamentary elections in Ukraine, all to undermine the government in [ Kyiv ]." [5]

The Kremlin has said that the leaked documents are fake. [6]

Authenticity

Washington think tank Atlantic Council's Digital Forensic Research Lab analysed the emails. They determined that they were genuine, based partially on the routing information. [7] Independent website Bellingcat also determined the authenticity of the emails. [8]

Russian entrepreneur Yevgeny Chichvarkin confirmed that his emails from the document dump were authentic, saying "Yes, this is my original text." [7] Russian journalist Svetlana Babaeva also verified that her three emails from the leak were genuine. [9]

Kremlin press secretary Dmitry Peskov suggested that the emails did not belong to Surkov, saying that he "does not use email." [10] [11] Oleksandr Tkachuk of Security Service of Ukraine stated that they had managed to "authenticate a number of documents in the release" but could not confirm the authenticity of the entire batch of documents. [12]

Publication

The leaked correspondence was obtained by alliance of hacktivists calling themselves the Ukrainian Cyber Alliance. They secured the release of thousands of emails and documents in a 1GB Microsoft Outlook data file. Which were then analyzed by a second group, Inform Napalm, an open-source journalistic investigative group, and finally published online in three batches. [13] [14]

The first two batches, known as 'the Surkov Leaks' were published on the internet on 25 October and 3 November 2016, included correspondence from Surkov's office email account. The third batch was published on 2 November 2017, these contained correspondence from Surkov's first deputy, Inal Ardzinba and Kharkiv Communist Party leader Alla Aleksandrovska. [13] [14] The material made available was from September 2013 to November 2014, when Russia was pursuing its 'Novorossiya' project. Inform Napalm reported that the hackers also were in possession of documents from 2015 and 2016 that were being analysed by intelligence agencies and were not released due to their operational value. [14]

New batches of emails from the leak were further published in November 2017 [15] and April 2018. [16]

Contents

The document leak was a Microsoft Outlook data file (.PST) that included 2,337 emails from the inbox of Surkov's prm_surkova@gov.ru. The released material covers a period from September 2013 to November 2014. The email address appears to have been an office account run by Surkov's aides, including "Masha" and "Yevgenia". [3] Among the documents were scans of Surkov's and his family's passports. [17] While the vast majority of the emails comprise routine briefings and schedules, a small handful are of geopolitical significance or potentially incriminating. [3] These emails illustrate Russian plans to politically destabilize Ukraine and the coordination of affairs with major opposition leaders in separatist east Ukraine. [4]

An email sent to Surkov and others on 14 June 2014 by Denis Pushilin, the former Chairman of the People's Council of the Donetsk People's Republic, contains a document listing casualties that occurred from 26 May to 6 June 2014. [3] The list of casualties includes a row for an unnamed soldier listed as "VDV Pskovsky" ("ВДВ Псковский"), a designation for a deployment of Russian Airborne Troops (VDV) from the city of Pskov. [10] Paratroopers based in Pskov were thought to be among the first of Russia's covert casualties in Ukraine in 2014. The Pskov-based 76th Guards Air Assault Division was awarded the Order of Suvorov by Putin for unspecified tasks in August 2014. [18]

An email sent to Surkov from a Russian government account on 18 June 2014 detailed the practicalities of Russia absorbing a portion of Ukraine. An email attachment included a briefing paper titled "On the Risks of an Economic Blockade of the LNR and DNR". The paper noted that 30% of the Donbas electrical supply comes from power plants in Zaporizhzhya. The document includes suggestions to supplement electrical supply in Donbas with power from the Rostov Nuclear Power Plant in Russia. The document's author also suggested increasing iron ore shipments and connecting Donbas to the Voronezh Oblast electricity grid. [19]

One of the emails to Surkov from Konstantin Malofeev [20] contained a list of recommended candidates for positions in the separatist government prior to their appointments. [7]

The documents also included a spreadsheet containing the budget for a newspaper in Donetsk. [7]

On 25 August 2014, a Russian official forwarded an email to Surkov from Russian Reporter editor Vitaly Leybin. The email bore the title "corrections in the text" and concerned a letter to the Ukrainian government from the "public representatives of the Donbas." A nearly identical article, purportedly from citizens living in Ukraine, appeared in Russian Reporter days later with only minor changes. Within the week, the letter had appeared on Russia Today and other Russian websites. [3]

One of the documents included in the leak was a 22-page outline of "a plan to support nationalist and separatist politicians and to encourage early parliamentary elections in Ukraine, all with the aim of undermining the government in [ Kyiv ]." [5]

See also

Related Research Articles

<span class="mw-page-title-main">Vladislav Surkov</span> Russian politician

Vladislav Yuryevich Surkov is a Russian politician and businessman. He was First Deputy Chief of the Russian Presidential Administration from 1999 to 2011, during which time he was often viewed as the main ideologist of the Kremlin who proposed and implemented the concept of sovereign democracy in Russia. From December 2011 until May 2013, Surkov served as the Russian Federation's Deputy Prime Minister. After his resignation, Surkov returned to the Presidential Executive Office and became a personal adviser of Vladimir Putin on relationships with Abkhazia, South Ossetia and Ukraine. He was removed from this duty by presidential order in February 2020.

<span class="mw-page-title-main">Konstantin Malofeev</span> Russian businessman

Konstantin Valeryevich Malofeev is a Russian businessman and the chairman of the non-governmental and pro-monarchist organisation called the Society for the Development of Russian Historical Education "Double-Headed Eagle". He is the chairman of the media group Tsargrad, dedicated to Russian Orthodox Christianity and supporting Russian president Vladimir Putin. He is a co-founder of the international investment fund Marshall Capital Partners, member of the board of trustees of the non-profit partnership Safe Internet League and chairman of the Saint Basil the Great Charitable Foundation.

<span class="mw-page-title-main">Russo-Ukrainian War</span> Armed conflict between Russia and Ukraine since 2014

The ongoing Russo-Ukrainian War began in February 2014. Following Ukraine's Revolution of Dignity, Russia occupied and annexed Crimea from Ukraine and supported pro-Russian separatists fighting the Ukrainian military in the Donbas War. These first eight years of conflict also included naval incidents and cyberwarfare. In February 2022, Russia launched a full-scale invasion of Ukraine and began occupying more of the country, starting the biggest conflict in Europe since World War II.

<span class="mw-page-title-main">Donetsk People's Republic</span> Disputed Russian republic in eastern Ukraine

The Donetsk People's Republic is a republic of Russia, comprising the occupied parts of eastern Ukraine's Donetsk Oblast, with its capital in Donetsk. The DPR was created by Russian-backed paramilitaries in 2014, and it initially operated as a breakaway state until it was annexed in 2022. The entire territory of DPR is viewed as sovereign territory of Ukraine by nearly all UN member states.

<span class="mw-page-title-main">Igor Girkin</span> Russian intelligence officer and militant leader

Igor Vsevolodovich Girkin, also known by the alias Igor Ivanovich Strelkov, is a Russian political prisoner, army veteran and former Federal Security Service (FSB) officer who played a key role in the Russian annexation of Crimea, and then in the Donbas War as an organizer of militant groups in the Donetsk People's Republic (DPR).

Media portrayals of the Russo-Ukrainian War, including skirmishes in eastern Donbas and the 2014 Ukrainian revolution after the Euromaidan protests, the subsequent 2014 annexation of Crimea, incursions into Donbas, and the full-scale invasion of Ukraine in 2022, have differed widely between Ukrainian, Western and Russian media. Russian, Ukrainian, and Western media have all, to various degrees, been accused of propagandizing, and of waging an information war.

<span class="mw-page-title-main">Novorossiya (confederation)</span> 2014–2015 proposed confederation in eastern Ukraine

Novorossiya or New Russia, also referred to as the Union of People's Republics, was a project for a confederation between the self-proclaimed Donetsk People's Republic (DPR) and the Luhansk People's Republic (LPR) in Eastern Ukraine, both of which were under the control of pro-Russian separatists.

<span class="mw-page-title-main">Minsk agreements</span> Series of agreements to stop the Donbas war

The Minsk agreements were a series of international agreements which sought to end the Donbas war fought between armed Russian separatist groups and Armed Forces of Ukraine, with Russian regular forces playing a central part. After a defeat at Ilovaisk at the end of August 2014, Russia forced Ukraine to sign the first Minsk Protocol, or the Minsk I. It was drafted by the Trilateral Contact Group on Ukraine, consisting of Ukraine, Russia, and the Organization for Security and Co-operation in Europe (OSCE), with mediation by the leaders of France and Germany in the so-called Normandy Format. After extensive talks in Minsk, Belarus, the agreement was signed on 5 September 2014 by representatives of the Trilateral Contact Group and, without recognition of their status, by the then-leaders of the self-proclaimed Donetsk People's Republic (DPR) and Luhansk People's Republic (LPR). This agreement followed multiple previous attempts to stop the fighting in the region and aimed to implement an immediate ceasefire.

Fancy Bear is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Office as well as security firms SecureWorks, ThreatConnect, and Mandiant, have also said the group is sponsored by the Russian government. In 2018, an indictment by the United States Special Counsel identified Fancy Bear as GRU Unit 26165. This refers to its unified Military Unit Number of the Russian army regiments. The headquarters of Fancy Bear and the entire military unit, which reportedly specializes in state-sponsored cyberattacks and decryption of hacked data, were targeted by Ukrainian drones on July 24, 2023, the rooftop on an adjacent building collapsed as a result of the explosion.

<span class="mw-page-title-main">Myrotvorets</span> Ukrainian website

Myrotvorets or Mirotvorets is a Ukrainian Kyiv-based website that publishes a running list, and sometimes personal information, of people who are considered by authors of the website to be "enemies of Ukraine", or, as the website itself states, "whose actions have signs of crimes against the national security of Ukraine, peace, human security, and the international law". The website was launched in December 2014 by Ukrainian politician and activist Georgy Tuka. The publishing of personal information on the site has been criticized by human rights organizations.

<span class="mw-page-title-main">InformNapalm</span> Citizen journalism web site

InformNapalm is a volunteer initiative to inform Ukrainian citizens and the foreign public about the Russo-Ukrainian War and the activities of the Russian special services as well as the militants of DPR, LPR, and Novorossiya. The team members are engaged in a wide range of other volunteer activities. Authors publish materials in 30 languages, including Japanese and Chinese.

The Democratic National Committee cyber attacks took place in 2015 and 2016, in which two groups of Russian computer hackers infiltrated the Democratic National Committee (DNC) computer network, leading to a data breach. Cybersecurity experts, as well as the U.S. government, determined that the cyberespionage was the work of Russian intelligence agencies.

The 2016 Democratic National Committee email leak is a collection of Democratic National Committee (DNC) emails stolen by one or more hackers operating under the pseudonym "Guccifer 2.0" who are alleged to be Russian intelligence agency hackers, according to indictments carried out by the Mueller investigation. These emails were subsequently leaked by DCLeaks in June and July 2016 and by WikiLeaks on July 22, 2016, just before the 2016 Democratic National Convention. This collection included 19,252 emails and 8,034 attachments from the DNC, the governing body of the United States Democratic Party. The leak includes emails from seven key DNC staff members dating from January 2015 to May 2016. On November 6, 2016, WikiLeaks released a second batch of DNC emails, adding 8,263 emails to its collection. The emails and documents showed that the Democratic Party's national committee favored Clinton over her rival Bernie Sanders in the primaries. These releases caused significant harm to the Clinton campaign, and have been cited as a potential contributing factor to her loss in the general election against Donald Trump.

<span class="mw-page-title-main">Russian interference in the 2016 United States elections</span>

The Russian government was one of several foreign governments that interfered in the 2016 United States elections, with the goals of sabotaging the presidential campaign of Hillary Clinton, boosting the presidential campaign of Donald Trump, and increasing political and social discord in the United States. According to the U.S. intelligence community, the operation—code named Project Lakhta—was ordered directly by Russian president Vladimir Putin. The "hacking and disinformation campaign" to damage Clinton and help Trump became the "core of the scandal known as Russiagate". The 448-page Mueller Report, made public in April 2019, examined over 200 contacts between the Trump campaign and Russian officials but concluded that there was insufficient evidence to bring any conspiracy or coordination charges against Trump or his associates.

<span class="mw-page-title-main">Battle of Svitlodarsk</span> 2016 battle in the Donbas war

The Battle of Svitlodarsk took place during the war in Donbas near Svitlodarsk, Donetsk Oblast in 2016. It was described as the "bloodiest battle in 5 months".

This is a timeline of events related to Russian interference in the 2016 United States elections, sorted by topics. It also includes events described in investigations into the many suspicious links between Trump associates and Russian officials and spies. Those investigations continued in 2017, the first and second halves of 2018, and 2019, largely as parts of the Crossfire Hurricane FBI investigation, the Special Counsel investigation, multiple ongoing criminal investigations by several State Attorneys General, and the investigation resulting in the Inspector General report on FBI and DOJ actions in the 2016 election.

<span class="mw-page-title-main">Russo-Ukrainian cyberwarfare</span> Informatic component of the confrontation between Russia and Ukraine

Cyberwarfare is a component of the confrontation between Russia and Ukraine since the Revolution of Dignity in 2013-2014. While the first attacks on information systems of private enterprises and state institutions of Ukraine were recorded during mass protests in 2013, Russian cyberweapon Uroburos had been around since 2005. Russian cyberwarfare continued with the 2015 Ukraine power grid hack at Christmas 2015 and again in 2016, paralysis of the State Treasury of Ukraine in December 2016, a Mass hacker supply-chain attack in June 2017 and attacks on Ukrainian government websites in January 2022.

<span class="mw-page-title-main">Ukrainian Cyber Alliance</span>

The Ukrainian Cyber Alliance is a community of Ukrainian cyber activists from various cities in Ukraine and around the world. The alliance emerged in the spring of 2016 from the merger of two cyber activists, FalconsFlame and Trinity, and was later joined by the group RUH8 and individual cyber activists from the CyberHunta group. The hacktivists united to counter Russian aggression in Ukraine.

Anonymous, a decentralized international activist and hacktivist collective, has conducted numerous cyber-operations against Russia since February 2022 when the Russian invasion of Ukraine began.

References

  1. 1 2 Windrem, Robert (27 October 2016). "Payback? Russia gets hacked, revealing top Putin aide's secrets". NBC News. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  2. 1 2 Hosaka, sanshiro (2019). "Welcome to Surkov's Theater: Russian Political Technology in the Donbas war". Nationalities Papers. 47 (5). cambridge: 750–773. doi:10.1017/nps.2019.70. S2CID   214289953. Archived from the original on 2022-02-13. Retrieved 2022-02-25.
  3. 1 2 3 4 5 6 Digital Forensic Research Lab (25 October 2016). "Breaking Down the Surkov Leaks – DFRLab". Medium. Atlantic Council. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  4. 1 2 Murdock, Jason (27 October 2016). "Surkov leaks: Thousands of hacked emails reportedly from high-ranking Kremlin official published". International Business Times UK. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  5. 1 2 Standish, Reid (25 October 2016). "Hacked: Putin Aide's Emails Detail Alleged Plot to Destabilize Ukraine". Foreign Policy. Archived from the original on 11 March 2017. Retrieved 11 March 2017.
  6. Walker, Shaun (26 October 2016). "Kremlin puppet master's leaked emails are price of return to political frontline". The Guardian. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  7. 1 2 3 4 Kramer, Andrew E. (27 October 2016). "Ukrainian Hackers Release Emails Tying Top Russian Official to Uprising". The New York Times. Archived from the original on 13 August 2017. Retrieved 3 March 2017.
  8. DFRLab (26 October 2016). "Breaking Down the Surkov Leaks". Medium .
  9. Amos, Howard (26 October 2016). "Hackers: emails show ties between Kremlin, Ukraine rebels". Associated Press. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  10. 1 2 Sharkov, Damien (27 October 2016). "Kremlin denies Putin aide's email was hacked—'he does not use email'". Newsweek. Archived from the original on 29 October 2016. Retrieved 28 October 2016. 'I familiarized myself (with the leak),' he said. 'A curious document. I can say that it is not him.'
  11. "Песков опроверг сообщения о взломе почты Суркова". Interfax (in Russian). 26 October 2016. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  12. Schreck, Carl (26 October 2016). "Kremlin Brushes Off E-Mail Leak Allegedly Showing Russian Hand In Ukraine Conflict". RadioFreeEurope/RadioLiberty. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  13. 1 2 Seely, Robert; Shandra, Alya (July 2019). "The Surkov Leaks: The Inner Workings of Russia's Hybrid War in Ukraine". Royal United Services Institute. Archived from the original on 2021-10-07. Retrieved 2022-02-25.
  14. 1 2 3 Bjorn, Falcon (25 October 2016). "SurkovLeaks: 1GB mail cache retrieved by Ukrainian hacktivists (English)". Inform Napalm. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  15. "Осколки "Русского мира"". StopFake.org (in Russian). 2017-11-13. Archived from the original on 2017-11-13. Retrieved 2017-11-13.
  16. Fisher, Lucy; Haynes, Deborah (2018-04-02). "Leaked emails expose Russian dirty tricks". The Times. ISSN   0140-0460. Archived from the original on 2018-04-02. Retrieved 2018-04-02.
  17. Gallagher, Sean (27 October 2016). "Some hacked e-mails, documents from Putin advisor confirmed as genuine". Ars Technica. Archived from the original on 25 February 2022. Retrieved 15 June 2017.
  18. "Russian reporters 'attacked at secret soldier burials'". BBC News. 27 August 2014. Archived from the original on 25 February 2022. Retrieved 21 June 2018.
  19. MacDonald, Euan (28 October 2016). "Surkov briefed on countering Ukrainian blockade of 'separatist republics'". KyivPost. Archived from the original on 31 October 2016. Retrieved 30 October 2016.
  20. "Ukrainian hackers leak emails that show ties between Kremlin, rebels | Toronto Star". Toronto Star. Associated Press. 26 October 2016. Archived from the original on 27 October 2016. Retrieved 30 October 2016.

Further reading