Researchers have discovered an extensive international hacking campaign that steals documents from its targets and repackages them as disinformation aimed at undermining civil society and democratic institutions, according to a study released Thursday, The Washington Post reports:
Although the study by the Citizen Lab at the Munk School of Global Affairs at the University of Toronto does not demonstrate a direct tie to the Kremlin, it suggests that the attackers are aiming to discredit the Kremlin’s opponents. … The study details the hack in October of the email log-in details of David Satter, a renowned Kremlin critic who in 2016 published a book that links Putin’s rise to power with a series of deadly apartment bombings in Russia in 1999….The study describes how the pro-Russian hacking group CyberBerkut posted Satter’s emails, some of them carefully altered to create a false narrative of a U.S. government plot to plant negative articles about Putin’s regime in the Russian media.
“The motivations behind Russian cyberespionage are as much about securing Putin’s kleptocracy as they are geopolitical competition,” said Ronald Deibert, professor of political science and director of the Citizen Lab. “This means journalists, activists and opposition figures — both domestically and abroad — bear a disproportionate burden of their targeting.”
The researchers examine how a report sent to the National Endowment for Democracy (NED) (above) about Radio Liberty’s Russian investigative reporting project was modified with false information prior to being released.