Surkov leaks

Document leak of Vladislav Surkov's emails
Vladislav Surkov

In October 2016, Ukrainian hacker group CyberHunta leaked over a gigabyte of emails and other documents alleged to belong to Russian political operative and senior Kremlin official Vladislav Surkov.[1] Known as Russia's "grey cardinal", Surkov served as a political adviser to President Vladimir Putin in the conflict in eastern Ukraine and is the architect of Russia's ideology of sovereign democracy.[1][2]

The document leak included over 2,300 emails from Surkov's inbox.[3] The emails illustrate Russian plans to politically upset Ukraine and the coordination of affairs with major opposition leaders in separatist east Ukraine.[4][2] The release included a document sent to Surkov by Denis Pushilin, former Chairman of the People's Council of the Donetsk People's Republic, listing casualties during 2014.[3] It also included a 22-page outline of "a plan to support nationalist and separatist politicians and to encourage early parliamentary elections in Ukraine, all to undermine the government in [Kyiv]."[5]

The Kremlin has said that the leaked documents are fake.[6]

Authenticity

Washington think tank Atlantic Council's Digital Forensic Research Lab analysed the emails. They determined that they were genuine, based partially on the routing information.[7] Independent website Bellingcat also determined the authenticity of the emails.[8]

Russian entrepreneur Yevgeny Chichvarkin confirmed that his emails from the document dump were authentic, saying "Yes, this is my original text."[7] Russian journalist Svetlana Babaeva also verified that her three emails from the leak were genuine.[9]

Kremlin press secretary Dmitry Peskov suggested that the emails did not belong to Surkov, saying that he "does not use email."[10][11] Oleksandr Tkachuk of Security Service of Ukraine stated that they had managed to "authenticate a number of documents in the release" but could not confirm the authenticity of the entire batch of documents.[12]

Publication

The leaked correspondence was obtained by alliance of hacktivists calling themselves the Ukrainian Cyber Alliance. They secured the release of thousands of emails and documents in a 1GB Microsoft Outlook data file. Which were then analyzed by a second group, Inform Napalm, an open-source journalistic investigative group, and finally published online in three batches.[13][14]

The first two batches, known as 'the Surkov Leaks' were published on the internet on 25 October and 3 November 2016, included correspondence from Surkov's office email account. The third batch was published on 2 November 2017, these contained correspondence from Surkov's first deputy, Inal Ardzinba and Kharkiv Communist Party leader Alla Aleksandrovska.[13][14] The material made available was from September 2013 to November 2014, when Russia was pursuing its 'Novorossiya' project. Inform Napalm reported that the hackers also were in possession of documents from 2015 and 2016 that were being analysed by intelligence agencies and were not released due to their operational value.[14]

New batches of emails from the leak were further published in November 2017[15] and April 2018.[16]

Contents

The document leak was a Microsoft Outlook data file (.PST) that included 2,337 emails from the inbox of Surkov's [email protected]. The released material covers a period from September 2013 to November 2014. The email address appears to have been an office account run by Surkov's aides, including "Masha" and "Yevgenia".[3] Among the documents were scans of Surkov's and his family's passports.[17] While the vast majority of the emails comprise routine briefings and schedules, a small handful are of geopolitical significance or potentially incriminating.[3] These emails illustrate Russian plans to politically destabilize Ukraine and the coordination of affairs with major opposition leaders in separatist east Ukraine.[4]

An email sent to Surkov and others on 14 June 2014 by Denis Pushilin, the former Chairman of the People's Council of the Donetsk People's Republic, contains a document listing casualties that occurred from 26 May to 6 June 2014.[3] The list of casualties includes a row for an unnamed soldier listed as "VDV Pskovsky" ("ВДВ Псковский"), a designation for a deployment of Russian Airborne Troops (VDV) from the city of Pskov.[10] Paratroopers based in Pskov were thought to be among the first of Russia's covert casualties in Ukraine in 2014. The Pskov-based 76th Guards Air Assault Division was awarded the Order of Suvorov by Putin for unspecified tasks in August 2014.[18]

An email sent to Surkov from a Russian government account on 18 June 2014 detailed the practicalities of Russia absorbing a portion of Ukraine. An email attachment included a briefing paper titled "On the Risks of an Economic Blockade of the LNR and DNR". The paper noted that 30% of the Donbas electrical supply comes from power plants in Zaporizhzhya. The document includes suggestions to supplement electrical supply in Donbas with power from the Rostov Nuclear Power Plant in Russia. The document's author also suggested increasing iron ore shipments and connecting Donbas to the Voronezh Oblast electricity grid.[19]

One of the emails to Surkov from Konstantin Malofeev[20] contained a list of recommended candidates for positions in the separatist government prior to their appointments.[7]

The documents also included a spreadsheet containing the budget for a newspaper in Donetsk.[7]

On 25 August 2014, a Russian official forwarded an email to Surkov from Russian Reporter editor Vitaly Leybin. The email bore the title "corrections in the text" and concerned a letter to the Ukrainian government from the "public representatives of the Donbas." A nearly identical article, purportedly from citizens living in Ukraine, appeared in Russian Reporter days later with only minor changes. Within the week, the letter had appeared on Russia Today and other Russian websites.[3]

One of the documents included in the leak was a 22-page outline of "a plan to support nationalist and separatist politicians and to encourage early parliamentary elections in Ukraine, all with the aim of undermining the government in [Kyiv]."[5]

See also

References

  1. ^ a b Windrem, Robert (27 October 2016). "Payback? Russia gets hacked, revealing top Putin aide's secrets". NBC News. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  2. ^ a b Hosaka, sanshiro (2019). "Welcome to Surkov's Theater: Russian Political Technology in the Donbas war". Nationalities Papers. 47 (5). cambridge: 750–773. doi:10.1017/nps.2019.70. S2CID 214289953. Archived from the original on 2022-02-13. Retrieved 2022-02-25.
  3. ^ a b c d e f Digital Forensic Research Lab (25 October 2016). "Breaking Down the Surkov Leaks – DFRLab". Medium. Atlantic Council. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  4. ^ a b Murdock, Jason (27 October 2016). "Surkov leaks: Thousands of hacked emails reportedly from high-ranking Kremlin official published". International Business Times UK. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  5. ^ a b Standish, Reid (25 October 2016). "Hacked: Putin Aide's Emails Detail Alleged Plot to Destabilize Ukraine". Foreign Policy. Archived from the original on 11 March 2017. Retrieved 11 March 2017.
  6. ^ Walker, Shaun (26 October 2016). "Kremlin puppet master's leaked emails are price of return to political frontline". The Guardian. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  7. ^ a b c d Kramer, Andrew E. (27 October 2016). "Ukrainian Hackers Release Emails Tying Top Russian Official to Uprising". The New York Times. Archived from the original on 13 August 2017. Retrieved 3 March 2017.
  8. ^ DFRLab (26 October 2016). "Breaking Down the Surkov Leaks". Medium.
  9. ^ Amos, Howard (26 October 2016). "Hackers: emails show ties between Kremlin, Ukraine rebels". Associated Press. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  10. ^ a b Sharkov, Damien (27 October 2016). "Kremlin denies Putin aide's email was hacked—'he does not use email'". Newsweek. Archived from the original on 29 October 2016. Retrieved 28 October 2016. 'I familiarized myself (with the leak),' he said. 'A curious document. I can say that it is not him.'
  11. ^ "Песков опроверг сообщения о взломе почты Суркова". Interfax (in Russian). 26 October 2016. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  12. ^ Schreck, Carl (26 October 2016). "Kremlin Brushes Off E-Mail Leak Allegedly Showing Russian Hand In Ukraine Conflict". RadioFreeEurope/RadioLiberty. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  13. ^ a b Seely, Robert; Shandra, Alya (July 2019). "The Surkov Leaks: The Inner Workings of Russia's Hybrid War in Ukraine". Royal United Services Institute. Archived from the original on 2021-10-07. Retrieved 2022-02-25.
  14. ^ a b c Bjorn, Falcon (25 October 2016). "SurkovLeaks: 1GB mail cache retrieved by Ukrainian hacktivists (English)". Inform Napalm. Archived from the original on 28 October 2016. Retrieved 28 October 2016.
  15. ^ "Осколки "Русского мира"". StopFake.org (in Russian). 2017-11-13. Archived from the original on 2017-11-13. Retrieved 2017-11-13.
  16. ^ Fisher, Lucy; Haynes, Deborah (2018-04-02). "Leaked emails expose Russian dirty tricks". The Times. ISSN 0140-0460. Archived from the original on 2018-04-02. Retrieved 2018-04-02.
  17. ^ Gallagher, Sean (27 October 2016). "Some hacked e-mails, documents from Putin advisor confirmed as genuine". Ars Technica. Archived from the original on 25 February 2022. Retrieved 15 June 2017.
  18. ^ "Russian reporters 'attacked at secret soldier burials'". BBC News. 27 August 2014. Archived from the original on 25 February 2022. Retrieved 21 June 2018.
  19. ^ MacDonald, Euan (28 October 2016). "Surkov briefed on countering Ukrainian blockade of 'separatist republics'". KyivPost. Archived from the original on 31 October 2016. Retrieved 30 October 2016.
  20. ^ "Ukrainian hackers leak emails that show ties between Kremlin, rebels | Toronto Star". Toronto Star. Associated Press. 26 October 2016. Archived from the original on 27 October 2016. Retrieved 30 October 2016.

External links

  • v
  • t
  • e
Hacking in the 2010s
← 2000s Timeline 2020s →
Major incidents
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
HacktivismAdvanced
persistent threatsIndividualsMajor vulnerabilities
publicly disclosed
Malware
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
  • v
  • t
  • e
Background
Main events
Impact and reactions
Cyberwarfare
Media
Related
  • Category