Russia: A Sophisticated Adversary
The threat to U.S. technology from Russia will continue over the coming years as Moscow attempts to bolster an economy struggling with endemic corruption, state control, and a loss of talent departing for jobs abroad. Moscow’s military modernization efforts also likely will be a motivating factor for Russia to steal U.S. intellectual property. An aggressive and capable collector of sensitive U.S. technologies, Russia uses cyberspace as one of many methods for obtaining the necessary know-how and technology to grow and modernize its economy. Other methods include the following:
- Use of Russian commercial and academic enterprises that interact with the West;
- Recruitment of Russian immigrants with advanced technical skills by the Russian intelligence services; and
- Russian intelligence penetration of public and private enterprises, which enable the government to obtain sensitive technical information from industry.
Russia uses cyber operations as an instrument of intelligence collection to inform its decision-making and benefit its economic interests. Experts contend that Russia needs to enact structural reforms, including economic diversification into sectors such as technology, to achieve the higher rate of gross domestic product growth publicly called for by Russian President Putin. In support of that goal, Russian intelligence services have conducted sophisticated and large-scale hacking operations to collect sensitive U.S. business and technology information. In addition, Moscow uses a range of other intelligence collection operations to steal valuable economic data:
- In 2016, the hacker “Eas7” confided to Western press that she had collaborated with the Russian Federal Security Service (FSB) on economic espionage missions. She estimated that “among the good hackers, at least half works (sic) for government structures,” suggesting Moscow employs cyber criminals as a way to make such operations plausibly deniable.
- Moscow has used cyber operations to collect intellectual property data from U.S. energy, healthcare, and technology companies. For example, Russian Government hackers last year compromised dozens of U.S. energy firms, including their operational networks. This activity could be driven by multiple objectives, including collecting intelligence, developing accesses for disruptive purposes, and providing sensitive U.S. intellectual property to Russian companies.
- Since at least 2007, the Russian state-sponsored cyber program APT28 has routinely collected intelligence on defense and geopolitical issues, including those relating to the United States and Western Europe. Obtaining sensitive U.S. defense industry data could provide Moscow with economic (e.g. in foreign military sales) and security advantages as Russia continues to strengthen and modernize its military forces.
