In October 2016, Ukrainian hacker group CyberHunta leaked over a gigabyte of emails and other documents alleged to belong to Russian political operative and senior Kremlin official Vladislav Surkov. [1] Known as Russia's "grey cardinal", Surkov served as a political adviser to President Vladimir Putin in the conflict in eastern Ukraine and is the architect of Russia's ideology of sovereign democracy. [1] [2]
The document leak included over 2,300 emails from Surkov's inbox. [3] The emails illustrate Russian plans to politically upset Ukraine and the coordination of affairs with major opposition leaders in separatist east Ukraine. [4] [2] The release included a document sent to Surkov by Denis Pushilin, former Chairman of the People's Council of the Donetsk People's Republic, listing casualties during 2014. [3] It also included a 22-page outline of "a plan to support nationalist and separatist politicians and to encourage early parliamentary elections in Ukraine, all to undermine the government in [ Kyiv ]." [5]
The Kremlin has said that the leaked documents are fake. [6]
Washington think tank Atlantic Council's Digital Forensic Research Lab analysed the emails. They determined that they were genuine, based partially on the routing information. [7] Independent website Bellingcat also determined the authenticity of the emails. [8]
Russian entrepreneur Yevgeny Chichvarkin confirmed that his emails from the document dump were authentic, saying "Yes, this is my original text." [7] Russian journalist Svetlana Babaeva also verified that her three emails from the leak were genuine. [9]
Kremlin press secretary Dmitry Peskov suggested that the emails did not belong to Surkov, saying that he "does not use email." [10] [11] Oleksandr Tkachuk of Security Service of Ukraine stated that they had managed to "authenticate a number of documents in the release" but could not confirm the authenticity of the entire batch of documents. [12]
The leaked correspondence was obtained by alliance of hacktivists calling themselves the Ukrainian Cyber Alliance. They secured the release of thousands of emails and documents in a 1GB Microsoft Outlook data file. Which were then analyzed by a second group, Inform Napalm, an open-source journalistic investigative group, and finally published online in three batches. [13] [14]
The first two batches, known as 'the Surkov Leaks' were published on the internet on 25 October and 3 November 2016, included correspondence from Surkov's office email account. The third batch was published on 2 November 2017, these contained correspondence from Surkov's first deputy, Inal Ardzinba and Kharkiv Communist Party leader Alla Aleksandrovska. [13] [14] The material made available was from September 2013 to November 2014, when Russia was pursuing its 'Novorossiya' project. Inform Napalm reported that the hackers also were in possession of documents from 2015 and 2016 that were being analysed by intelligence agencies and were not released due to their operational value. [14]
New batches of emails from the leak were further published in November 2017 [15] and April 2018. [16]
This section needs expansionwith: content from November 2017 and April 2018 batches. You can help by adding to it. (October 2021) |
The document leak was a Microsoft Outlook data file (.PST) that included 2,337 emails from the inbox of Surkov's prm_surkova@gov.ru. The released material covers a period from September 2013 to November 2014. The email address appears to have been an office account run by Surkov's aides, including "Masha" and "Yevgenia". [3] Among the documents were scans of Surkov's and his family's passports. [17] While the vast majority of the emails comprise routine briefings and schedules, a small handful are of geopolitical significance or potentially incriminating. [3] These emails illustrate Russian plans to politically destabilize Ukraine and the coordination of affairs with major opposition leaders in separatist east Ukraine. [4]
An email sent to Surkov and others on 14 June 2014 by Denis Pushilin, the former Chairman of the People's Council of the Donetsk People's Republic, contains a document listing casualties that occurred from 26 May to 6 June 2014. [3] The list of casualties includes a row for an unnamed soldier listed as "VDV Pskovsky" ("ВДВ Псковский"), a designation for a deployment of Russian Airborne Troops (VDV) from the city of Pskov. [10] Paratroopers based in Pskov were thought to be among the first of Russia's covert casualties in Ukraine in 2014. The Pskov-based 76th Guards Air Assault Division was awarded the Order of Suvorov by Putin for unspecified tasks in August 2014. [18]
An email sent to Surkov from a Russian government account on 18 June 2014 detailed the practicalities of Russia absorbing a portion of Ukraine. An email attachment included a briefing paper titled "On the Risks of an Economic Blockade of the LNR and DNR". The paper noted that 30% of the Donbas electrical supply comes from power plants in Zaporizhzhya. The document includes suggestions to supplement electrical supply in Donbas with power from the Rostov Nuclear Power Plant in Russia. The document's author also suggested increasing iron ore shipments and connecting Donbas to the Voronezh Oblast electricity grid. [19]
One of the emails to Surkov from Konstantin Malofeev [20] contained a list of recommended candidates for positions in the separatist government prior to their appointments. [7]
The documents also included a spreadsheet containing the budget for a newspaper in Donetsk. [7]
On 25 August 2014, a Russian official forwarded an email to Surkov from Russian Reporter editor Vitaly Leybin. The email bore the title "corrections in the text" and concerned a letter to the Ukrainian government from the "public representatives of the Donbas." A nearly identical article, purportedly from citizens living in Ukraine, appeared in Russian Reporter days later with only minor changes. Within the week, the letter had appeared on Russia Today and other Russian websites. [3]
One of the documents included in the leak was a 22-page outline of "a plan to support nationalist and separatist politicians and to encourage early parliamentary elections in Ukraine, all with the aim of undermining the government in [ Kyiv ]." [5]
Vladislav Yuryevich Surkov is a Russian politician and businessman. He was First Deputy Chief of the Russian Presidential Administration from 1999 to 2011, during which time he was often viewed as the main ideologist of the Kremlin who proposed and implemented the concept of sovereign democracy in Russia. From December 2011 until May 2013, Surkov served as the Russian Federation's Deputy Prime Minister. After his resignation, Surkov returned to the Presidential Executive Office and became a personal adviser of Vladimir Putin on relationships with Abkhazia, South Ossetia and Ukraine. He was removed from this duty by presidential order in February 2020.
Konstantin Valeryevich Malofeev is a Russian businessman and the chairman of the non-governmental and pro-monarchist organisation called the Society for the Development of Russian Historical Education "Double-Headed Eagle". He is the chairman of the media group Tsargrad, dedicated to Russian Orthodox Christianity and supporting Russian president Vladimir Putin. He is a co-founder of the international investment fund Marshall Capital Partners, member of the board of trustees of the non-profit partnership Safe Internet League and chairman of the Saint Basil the Great Charitable Foundation.
The ongoing Russo-Ukrainian War began in February 2014. Following Ukraine's Revolution of Dignity, Russia occupied and annexed Crimea from Ukraine and supported pro-Russian separatists fighting the Ukrainian military in the Donbas War. These first eight years of conflict also included naval incidents and cyberwarfare. In February 2022, Russia launched a full-scale invasion of Ukraine and began occupying more of the country, starting the biggest conflict in Europe since World War II.
The Donetsk People's Republic is a republic of Russia, comprising the occupied parts of eastern Ukraine's Donetsk Oblast, with its capital in Donetsk. The DPR was created by Russian-backed paramilitaries in 2014, and it initially operated as a breakaway state until it was annexed in 2022. The entire territory of DPR is viewed as sovereign territory of Ukraine by nearly all UN member states.
Igor Vsevolodovich Girkin, also known by the alias Igor Ivanovich Strelkov, is a Russian political prisoner, army veteran and former Federal Security Service (FSB) officer who played a key role in the Russian annexation of Crimea, and then in the Donbas War as an organizer of militant groups in the Donetsk People's Republic (DPR).
Media portrayals of the Russo-Ukrainian War, including skirmishes in eastern Donbas and the 2014 Ukrainian revolution after the Euromaidan protests, the subsequent 2014 annexation of Crimea, incursions into Donbas, and the full-scale invasion of Ukraine in 2022, have differed widely between Ukrainian, Western and Russian media. Russian, Ukrainian, and Western media have all, to various degrees, been accused of propagandizing, and of waging an information war.
Novorossiya or New Russia, also referred to as the Union of People's Republics, was a project for a confederation between the self-proclaimed Donetsk People's Republic (DPR) and the Luhansk People's Republic (LPR) in Eastern Ukraine, both of which were under the control of pro-Russian separatists.
The Minsk agreements were a series of international agreements which sought to end the Donbas war fought between armed Russian separatist groups and Armed Forces of Ukraine, with Russian regular forces playing a central part. After a defeat at Ilovaisk at the end of August 2014, Russia forced Ukraine to sign the first Minsk Protocol, or the Minsk I. It was drafted by the Trilateral Contact Group on Ukraine, consisting of Ukraine, Russia, and the Organization for Security and Co-operation in Europe (OSCE), with mediation by the leaders of France and Germany in the so-called Normandy Format. After extensive talks in Minsk, Belarus, the agreement was signed on 5 September 2014 by representatives of the Trilateral Contact Group and, without recognition of their status, by the then-leaders of the self-proclaimed Donetsk People's Republic (DPR) and Luhansk People's Republic (LPR). This agreement followed multiple previous attempts to stop the fighting in the region and aimed to implement an immediate ceasefire.
Fancy Bear is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Office as well as security firms SecureWorks, ThreatConnect, and Mandiant, have also said the group is sponsored by the Russian government. In 2018, an indictment by the United States Special Counsel identified Fancy Bear as GRU Unit 26165. This refers to its unified Military Unit Number of the Russian army regiments. The headquarters of Fancy Bear and the entire military unit, which reportedly specializes in state-sponsored cyberattacks and decryption of hacked data, were targeted by Ukrainian drones on July 24, 2023, the rooftop on an adjacent building collapsed as a result of the explosion.
Myrotvorets or Mirotvorets is a Ukrainian Kyiv-based website that publishes a running list, and sometimes personal information, of people who are considered by authors of the website to be "enemies of Ukraine", or, as the website itself states, "whose actions have signs of crimes against the national security of Ukraine, peace, human security, and the international law". The website was launched in December 2014 by Ukrainian politician and activist Georgy Tuka. The publishing of personal information on the site has been criticized by human rights organizations.
InformNapalm is a volunteer initiative to inform Ukrainian citizens and the foreign public about the Russo-Ukrainian War and the activities of the Russian special services as well as the militants of DPR, LPR, and Novorossiya. The team members are engaged in a wide range of other volunteer activities. Authors publish materials in 30 languages, including Japanese and Chinese.
The Democratic National Committee cyber attacks took place in 2015 and 2016, in which two groups of Russian computer hackers infiltrated the Democratic National Committee (DNC) computer network, leading to a data breach. Cybersecurity experts, as well as the U.S. government, determined that the cyberespionage was the work of Russian intelligence agencies.
The 2016 Democratic National Committee email leak is a collection of Democratic National Committee (DNC) emails stolen by one or more hackers operating under the pseudonym "Guccifer 2.0" who are alleged to be Russian intelligence agency hackers, according to indictments carried out by the Mueller investigation. These emails were subsequently leaked by DCLeaks in June and July 2016 and by WikiLeaks on July 22, 2016, just before the 2016 Democratic National Convention. This collection included 19,252 emails and 8,034 attachments from the DNC, the governing body of the United States Democratic Party. The leak includes emails from seven key DNC staff members dating from January 2015 to May 2016. On November 6, 2016, WikiLeaks released a second batch of DNC emails, adding 8,263 emails to its collection. The emails and documents showed that the Democratic Party's national committee favored Clinton over her rival Bernie Sanders in the primaries. These releases caused significant harm to the Clinton campaign, and have been cited as a potential contributing factor to her loss in the general election against Donald Trump.
The Russian government was one of several foreign governments that interfered in the 2016 United States elections, with the goals of sabotaging the presidential campaign of Hillary Clinton, boosting the presidential campaign of Donald Trump, and increasing political and social discord in the United States. According to the U.S. intelligence community, the operation—code named Project Lakhta—was ordered directly by Russian president Vladimir Putin. The "hacking and disinformation campaign" to damage Clinton and help Trump became the "core of the scandal known as Russiagate". The 448-page Mueller Report, made public in April 2019, examined over 200 contacts between the Trump campaign and Russian officials but concluded that there was insufficient evidence to bring any conspiracy or coordination charges against Trump or his associates.
The Battle of Svitlodarsk took place during the war in Donbas near Svitlodarsk, Donetsk Oblast in 2016. It was described as the "bloodiest battle in 5 months".
This is a timeline of events related to Russian interference in the 2016 United States elections, sorted by topics. It also includes events described in investigations into the many suspicious links between Trump associates and Russian officials and spies. Those investigations continued in 2017, the first and second halves of 2018, and 2019, largely as parts of the Crossfire Hurricane FBI investigation, the Special Counsel investigation, multiple ongoing criminal investigations by several State Attorneys General, and the investigation resulting in the Inspector General report on FBI and DOJ actions in the 2016 election.
Cyberwarfare is a component of the confrontation between Russia and Ukraine since the Revolution of Dignity in 2013-2014. While the first attacks on information systems of private enterprises and state institutions of Ukraine were recorded during mass protests in 2013, Russian cyberweapon Uroburos had been around since 2005. Russian cyberwarfare continued with the 2015 Ukraine power grid hack at Christmas 2015 and again in 2016, paralysis of the State Treasury of Ukraine in December 2016, a Mass hacker supply-chain attack in June 2017 and attacks on Ukrainian government websites in January 2022.
The Ukrainian Cyber Alliance is a community of Ukrainian cyber activists from various cities in Ukraine and around the world. The alliance emerged in the spring of 2016 from the merger of two cyber activists, FalconsFlame and Trinity, and was later joined by the group RUH8 and individual cyber activists from the CyberHunta group. The hacktivists united to counter Russian aggression in Ukraine.
Anonymous, a decentralized international activist and hacktivist collective, has conducted numerous cyber-operations against Russia since February 2022 when the Russian invasion of Ukraine began.
'I familiarized myself (with the leak),' he said. 'A curious document. I can say that it is not him.'