Russian Hackers Are Using ‘Tainted’ Leaks to Sow Disinformation – ANDY GREENBERG 05.25.17. 11:51 AM

Getty Images

Over the past year, the Kremlin’s strategy of weaponizing leaks to meddle with democracies around the world has become increasingly clear, first in the US and more recently in France. But a new report by a group of security researchers digs into another layer of those so-called influence operations: how Russian hackers alter documents within those releases of hacked material, planting disinformation alongside legitimate leaks.

A new report from researchers at the Citizen Lab group at the University of Toronto’s Munk School of Public Affairs documents a wide-ranging hacking campaign, with ties to known Russian hacker groups. The effort targeted more than 200 individuals, ranging from Russian media to a former Russian prime minister to Russian opposition groups, and assorted government and military personnel from Ukraine to Vietnam. Noteworthy among the leaks: A Russia-focused journalist and author whose emails were not only stolen but altered before their release. Once they appeared on a Russian hactivist site, Russian state media used the disinformation to concoct a CIA conspiracy.

The case could provide the clearest evidence yet that Russian hackers have evolved their tactics from merely releasing embarrassing true information to planting false leaks among those facts. “Russia has a long history of experience with disinformation,” says Ron Deibert, the political science professor who led Citizen Lab’s research into the newly uncovered hacking spree. “This is the first case of which I am aware that compares tainted documents to originals associated with a cyber espionage campaign.”

Go Phish

In his 2003 book Darkness at Dawn, journalist David Satter alleged that Vladimir Putin had arranged for Russian security forces to bomb apartment buildings in Moscow in 1999, in an attempt to incite war with Chechnya. In October of last year, Satter received a phishing email that spoofed a message from Google security requiring him to enter his Gmail account credentials, the same tactic used to breach the inbox of Clinton campaign chairman John Podesta last year. Satter, too, fell for the ruse.

Article continues: