An international team of researchers on Monday published evidence that Kremlin critic Alexei Navalny was poisoned by a Russian state security team. It comes after another recent report by Russian journalists struck at Putin himself, alleging that a woman who had mysteriously become a millionaire business magnate was the Russian president’s former lover and the mother of his daughter.
These and other reports are notable not only for what they expose, but for what their very existence implies: that determined investigators can find real evidence of malfeasance among the Russian elite. They show that underneath Putin’s bravado there is also a vulnerable underbelly.
Four years after evidence emerged of interference by Moscow in the 2016 U.S. presidential election, Russian hacking has become a familiar subject in the United States. And the story continues to develop. The Washington Post and others reported Monday that Russian government hackers were believed to have breached a large number of U.S. government agencies as part of a large-scale electronic espionage campaign that may have started as early as the spring.
The hackers appeared to have first breached SolarWinds, a Texas-based maker of network-monitoring software used widely by the U.S. government. The hackers then exploited that access to include malware in automatic updates of systems used by the federal government. The infiltration was only discovered after California-based FireEye, one of the world’s top cybersecurity firms, admitted to having been breached by Russian hackers.
Officials have linked the hackers to a Russian group known as APT29 or Cozy Bear — a part of that nation’s foreign intelligence service, the SVR, the same hackers suspected of hacking the Democratic National Committee in 2016, part of the Russian campaign to influence the election that year. The Russian government denies all allegations. But few believe it, and the scale of the attack leads to big questions.
“Could hackers have obtained nuclear secrets? [Coronavirus] vaccine data? Blueprints for next-generation weapons systems?” Frank Bajak, an Associated Press investigative journalist, wrote this week.
The very same day news of the hacks emerged, the investigative website Bellingcat released a report containing reams of evidence suggesting that a clandestine group in Russia’s FSB, a successor to the Soviet-era KGB, had poisoned and almost killed Navalny in August.
Bellingcat, along with partner publications (Insider in Russia, Der Spiegel in Germany and CNN in the United States) had uncovered a granular level of detail about how the operation was carried out and who had done it. CNN’s Clarissa Ward even turned up on the doorstep of a suspected assassin — a powerful act of defiance against Russia’s security services.
“I know who wanted to kill me,” Navalny said in a video message after the report was released. “I know where they live. I know where they work. I know their real names. I know their fake names. I have photographs of them.” The big question was: How were investigators able to out these covert operators?
It turns out that most of the secrets lay in loose Russian control of private data, coupled with the endemic government corruption in the country. “Much of the information we used for our investigations could never be found in most Western countries, but in Russia, is readily available either for free or a fairly modest fee,” the Bellingcat team wrote in a long article describing their methods.
Anyone with a “a few hundred euros” can buy months of phone data for Russian security officers in the FSB, allowing anyone to trace their movements. The Russian government seemed to acknowledge this Tuesday, when Prime Minister Mikhail Mishustin told a leading telecoms firm that it was “very important” to protect personal data.
This doesn’t invalidate the impact of the SolarWinds hack, which could have long-term implications. The suspected Russian espionage raises serious questions about Washington’s multibillion-dollar detection system Einstein, which is designed to spot these very threats. (As some observers have noted, the United States probably does this sort of espionage too.)
But investigative revelations do place the hack in context. In some ways, the stories are intertwined. Russian journalists Andrei Soldatov and Irina Borogan argued that the Kremlin-backed interference in the 2016 U.S. election was a response to the impact of the Panama Papers, a leak of financial data that showed corruption among the Russian elite.
Russian corruption is enabled by lax rules and enforcement, which also helps journalists uncover the corruption, as Bellingcat has now demonstrated more than once. Some of the most impressive investigative journalism in the world is being done by Russian reporters and activists, despite the government restrictions and threats they face.
The revelations from Navalny that then-prime minister Dmitry Medvedev owned undeclared palaces and yachts presaged his resignation. Russian reporters even broke the news about the St. Petersburg “troll factory” interfering in the 2016 U.S. election. One of the reporters who broke that story, Andrey Zakharov, also led the reporting on the Russian president’s suspected ex-lover.
As Navalny’s poisoning shows, those who seek to do this work can be putting their lives on the line. But in doing so, they turn the tables on a government that often trades in corruption and subterfuge.