For years, Dmitriy Sergeyevich Badin sat atop the FBI’s most wanted list. The Russian government-backed hacker has been suspected of cyber attacks on Germany’s Bundestag and the 2016 Olympics, held in Rio de Janeiro.
A few weeks into Russia’s invasion of Ukraine, his own personal information—including his email and Facebook accounts and passwords, mobile phone number and even passport details—was leaked online.
Another target since the war broke out two months ago has been the All-Russia State Television and Radio Broadcasting Company, known as a voice of the Kremlin and home to Vladimir Solovyov, whose daily TV show amplifies some of the most extreme Russian government propaganda.
On March 30, almost a million emails spanning 20 years of the broadcaster’s history were leaked onto the internet.
The unveiling of their secrets was part of a widespread assault taking place in cyberspace, as Russian companies and government bodies were swarmed by hordes of pro-Ukrainian hackers, many of them new and previously unknown players to cyber-security experts.
The result has been hundreds of millions of documents spilling out from targets as varied as Transneft, a huge oil pipeline operator close to the Russian government; Russia’s Ministry of Culture; Belarusian power supplier Elektrotsentrmontazh; and an arm of the Russian Orthodox Church that has backed the war in Ukraine.
“Russia is being hacked at an unprecedented scale by a lower tier of attacker, and there are tens of terabytes of data that’s just falling out of the sky,” said Juan Andres Guerrero-Saade, principal threat researcher at SentinelOne, a cyber security group.
“Historically, [Russia] was being systematically popped by a higher tier—the Five Eyes [intelligence alliance comprising the US, UK, Canada, Australia, and New Zealand] and Chinese government—but right now, the breadth of leaks is just breathtaking,” added Guerrero-Saade.
For more than a decade, Ukrainian government, financial and other systems were pummeled by Russian state-backed hackers. Only in recent years—with the backing of the US government, the intensive training of its own security agencies and the support of a volunteer army of local computer programmers—have Ukrainian defenses matched Russian aggression.
Now, Russia itself is being hunted in the cyber arena by pro-Ukraine hackers, opportunistic criminal groups and, as some security researchers suspect, government-backed entities from western countries.
Some have banded together in relatively simple “denial of service attacks,” which bombard Russian websites with traffic in order to take them down. In response, Russian companies from banks to railway ticketers and media outlets temporarily fenced themselves off the global internet, ensuring their sites could only be accessed from within Russia.