On sale now at amazon.com

Putin's Mafia Statecraft

By Brian Whitmore
October 27, 2015

In the past couple years, Russian hackers have launched attacks on a French television network, a German steelmaker, the Polish stock market, the White House, the U.S. House of Representatives, the U.S. State Department, and The New York Times.
And according to press reports citing Western intelligence officials, the perpetrators weren't rogue cyber-pranksters. They were working for the Kremlin.
Cybercrime, it appears, has become a tool of Russian statecraft. And not just cybercrime.
Vladimir Putin's regime has become increasingly adept at deploying a whole range of practices that are more common among crime syndicates than permanent members of the UN Security Council.
In some cases, as with the hacking, this involves the Kremlin subcontracting organized crime groups to do things the Russian state cannot do itself with plausible deniability. And in others, it involves the state itself engaging in kidnapping, extortion, blackmail, bribery, and fraud to advance its agenda.
Spanish prosecutor Jose Grinda has noted that the activities of Russian criminal networks are virtually indistinguishable from those of the government.
"It's not so much a mafia state as a nationalized mafia," Russian organized crime expert Mark Galeotti, a professor at New York University and co-host of the Power Vertical Podcast, said in a recent lecture at the Hudson Institute.
Hackers, Gangsters, And Goblins
According to a report by the FBI and U.S. intelligence agencies, Russia is home to the most skilled community of cybercriminals on the globe, and the Kremlin has close ties to them.
"They have let loose the hounds," Tom Kellermann, chief security officer at Trend Micro, a Tokyo-based security firm, told Bloomberg News.
Citing unidentified officials, Bloomberg reported that Russian hackers had stepped up surveillance of essential infrastructure, including power grids and energy-supply networks, in the United States, Europe, and Canada.
Dmitri Alperovitch, co-founder of the security firm CrowdStrike, noted recently that the Russian security services have been actively recruiting an army of hackers.
"When someone is identified as being technically proficient in the Russian underground," a pending criminal case against them "suddenly disappears and those people are never heard from again," Alperovitch said in an interview with The Hill, adding that the hacker in question is then working for the Russian security services.
"We know that’s going on," Alperovitch added.
And as a result, criminal hackers "that used to hunt banks eight hours a day are now operating two hours a day turning their guns on NATO and government targets," Kellermann of Trend Micro told The Hill, adding that these groups are "willingly operating as cyber-militias."
The hacking is just one example of how the Kremlin effectively uses organized crime as a geopolitical weapon.
Moscow relied heavily on local organized crime structures in its support for separatist movements in Transdniester, Abkhazia, South Ossetia, and Donbas.
In the conflict in eastern Ukraine, organized crime groups served as agents for the Kremlin, fomenting pro-Russia unrest and funneling arms to rebel groups.
In annexed Crimea, the Kremlin installed a reputed gangster known as "The Goblin" as the peninsula's chief executive.
And of course there is the case of Eston Kohver, the Estonian law enforcement officer who was investigating a smuggling ring run jointly by Russian organized crime groups and the Russian Federal Security Service.
Kohver was kidnapped in Estonia September 2014, brought across the Russian border at gunpoint, and convicted of espionage. He was released in a prisoner exchange last month.
The Geopolitics Of Extortion
But Putin's mafia statecraft doesn't just involve using and colluding with organized crime groups.
It often acts like an organized crime group itself.
In some cases this involves using graft as a means of control. This is a tactic Moscow has deployed throughout the former Soviet space, involving elites in corrupt schemes -- everything from shady energy deals or money-laundering operations -- to secure a "captured constituency."
This is a tactic Russia attempted to use in Georgia following the 2003 Rose Revolution and in Ukraine after the 2004 Orange Revolution, where "corruption and shadow networks were mobilized to undermine the new leadership's reform agenda," according to James Greene in a 2012 report for Chatham House.
This was particularly successful in Ukraine, where opaque gas deals were used "to suborn Ukraine's post-Orange Revolution new leadership," Greene wrote.
And Putin is clearly hoping to repeat this success in eastern Ukraine today -- especially after elections are held in the rebel areas of Donbas.
"His bet in the eastern Ukraine local election, if it ever takes place, won't be on the rebel field commanders but on local oligarchs who ran the region before the 2014 'revolution of dignity.' Through them, he will hope to exert both economic and political influence on Kiev." political commentator Leonid Bershidsky wrote in Bloomberg View.
In addition to graft, Moscow has also effectively utilized blackmail -- making the international community a series of offers it can't refuse.
It's a neat trick. First you create instability, as in Ukraine, or exasperate existing instability, as in Syria.Then offer your services to establish order.
You essentially create demand -- and then meet it. You get to act like a rogue and be treated like a statesman.
It's how protection rackets operate. And it has become one of the pillars of Putin's foreign policy.
"It’s the geopolitics of extortion, but it’s probably working," Galeotti told Voice of America in a recent interview.
"He’s identifying a whole series of potential trouble spots around the world, places that matter to the West, and is essentially indicating that he can either be a good partner, if they’re willing to make a deal with him, or he can stir up more trouble."

Ex-head of Russia’s Komi Republic to remain in detention

RIA Novosti, Vitaliy Belousov

MOSCOW, October 21 (RAPSI) – The Moscow City Court on Wednesday upheld the detention of Vyacheslav Gaizer, former head of Russia’s  Komi Republic who stands charged with fraud and organized crime related violations, RAPSI reported from the courtroom.
Gaizer will remain in jail until November 18.
Defense lawyer Oleg Lisayev asked the court to place his client under house arrest because Gaizer suffers from several diseases which may result in serious consequences such as infarct, stroke, gastrorrhagia or active gastric ulcer.
Earlier, the Investigative Committee reported terminating the activity of a criminal group led by the head of the Republic of Komi, Vyacheslav Gaizer.
Nineteen people are defendants in the case, including Gaizer’s deputy and Igor Kovzel, Chairman of the Republican State Council, and Konstantin Romadanov, Deputy Chairman of the Komi government.
Gaizer denies the charges. Several high-ranking officials have been arrested in the fraud and organized crime case, as well as several business people that the Investigative Committee called “finance technologists.”
During 80 searches in Komi, St. Petersburg and Moscow, the Investigative Committee and the Federal Security Service confiscated over 60 kg of jewelry, 150 watches worth $30,000 to $1 million each, over 50 stamps and seals from offshore corporations, and financial documents legalizing over 1 billion rubles ($16 mln) in stolen money transferred to the offshore zone.
Investigators have also opened against Gaizer a criminal case on money laundering.

On September 30, President Vladimir Putin signed a decree to relieve Gaizer of his duties because of loss of trust.

Interpol: Cyber Crime from Russia, E. Europe Expands

Sophisticated attacks on banks, handhelds increasing

BY: Bill Gertz 

Cyber crime originating from Russia and Eastern Europe is increasing in both scale and sophistication, according to a senior Italian police investigator.
“The way cyber crime has changed criminality is the biggest challenge for us. It is a huge challenge to face this criminal phenomenon,” said Paolo Sartori, who works with Interpol in Romania against cyber crime in Russia and Eastern Europe.
Cyber crime is even changing the nature of traditional organized crime groups who are using hackers to make fast, relatively easy money.
Sartori, speaking at a cyber security conference in Lugano, Switzerland, outlined the nature of Russian cyber crime activities that are increasingly focusing on the use of malicious software in handheld devices, as well as through cyber extortion and theft of credit card numbers. The two-day conference was hosted by Franklin University Switzerland and KNC consulting.
Authorities also are concerned about the ability of terrorist groups to conduct cyber attacks.
“We are very concerned about attacks against military and civilian infrastructures, denial of service, recruitment, propaganda, training, financing, and operational logistics support to terrorist groups and extremist movements,” Sartori said.
However, cyber crime is exploding as computer and software engineers turn to crime in Eastern Europe, Russia, and many of the former Soviet states where legitimate jobs are scarce and law enforcement and legal systems are ill-equipped to address the problem.
Sartori said six of the top 10 countries that experienced the most Internet fraud were located in Eastern Europe and the former Soviet Union.
Two new schemes for cyber criminals are cyber extortion and mobile bank account application hacking.
“Cyber extortion is one of the fields they are very, very active,” Sartori said.
In cyber extortion, hackers remotely take over a company computer network and then offer to release the control for a fee that is often less that it would cost the company to have the problem repaired.
“Many firms choose to comply with the demand rather than taking the risk of losing customers,” Sartori said.
Another indicator of the growth of cyber crime is the fact that software Trojans that can break into computer networks have decreased in cost from around $250 several years ago to as little as $50 today.
“This means that many, many criminals are now appearing in the criminal field,” Sartori said.
Cyber criminals also seek to protect their reputations for selling quality stolen products. For example, one group was selling stolen Platinum and Gold MasterCards for $35 each.
Russian hackers also have been successful in breaking into ATM cash machines and having them issue money.
On mobile applications, “originating from Russia we saw a significant increase in the number of mobile applications designed to steal money from bank accounts,” Sartori said. “And the majority of the attacks on bank accounts focused on the Android smart phone.”
Cyber criminals from Eastern Europe also are active in hacking Bitcoin, an untraceable crypto currency used online.
Several recent investigations succeeded in taking down a Ukrainian cyber crime ring that targeted U.S. banks in Puerto Rico and Oman. Stolen data from bank clients was used to clone credit cards.
Another operation busted a Romanian hacker group that carried out more than 34,000 fraudulent bank withdrawals between February and December 2013. A third case involved hackers from Latvia, Romania, and Russia who created a virus the affected over a million computers.
Criminal hackers also are hiring themselves out. The cost to hire a criminal hacker is between $100 and $300 for cyber attacks on business computers. The hackers for hire avoid breaking into government and military computers because it is too dangerous and the profitability is lower.
Sartori said Russian banks and financial institutions that two or three years ago were very difficult to work with investigators in the west appear to be trying to be more open with authorities. Reported losses for Russian banks from cyber attacks reached $68 million, he said, noting that cyber attacks on Russian banks total more than 300,000 operations.
In Russia, authorities estimate about 20,000 people are engaged in cyber crime activities, mainly involving bank fraud, along with cyber extortion schemes, and fake pharmaceutical email scams.
The Russian hackers also are hiring English speakers to sound more credible and to improve communications.
One of the reasons for the rise in cyber crime is the low rate of prosecution and punishment. For example, in Ukraine, of the 400 people arrested for Internet and bank fraud, only eight were convicted.
The region also has a large pool of people with very advanced information technology skills. Cyber criminals “are very well prepared and very well motivated,” Sartori said, noting that some arrests involved catching hackers at universities who were on the way to take exams.
In Russia, the lack of legitimate high-tech jobs is another cause for increased cyber crime rates.
“In Russia and other former Soviet Union and Eastern European economies, top university graduates are reportedly paid by organized crimes up to 10 times more than from legitimate jobs,” he said.
One hacker confessed that hacking remains one of the few good jobs left in Russia.
Additionally, another problem contributing to cyber crime is that hacking is culturally accepted in the east. “It’s not considered a crime in the countries. It’s regarded as just another job,” Sartori said. “There is not a culture to consider these guys as criminals, as robbers, as killers. They are considered professionals as others.”
Police charged with tracking and halting the cyber crime group face difficulties from the small and flexible structure of the crime groups, which can often be as small as five people, operating from different European countries.
“They are organizing very efficient global teams and supply chain management,” Sartori said. “They are very well adapted to global strategies and global collaboration between different groups.”
The wide range of crime activities from the region include email spam, child pornography, fraud and phishing, cyber extortion, disclosure of personal and confidential data, compromise of resources and web defacements, compromise network systems and websites, denial of service, and unlawful e-commerce and services.
Cyber criminals collaborate with counterfeit product makers in China and Asia, as well as in Russia and former Soviet republics.
The use of malware through infected Internet Protocol addresses and URLs is another tool for cyber criminals.
The use of anonymization tools, like Tor, and encryption are making it difficult for authorities to counter the problem.
The combination of operating from several different countries and having a flexible organization makes it “very hard for us to focus on where they are working because they have their headquarters in one country but other people are working in another country. So this is one of the problems that we have,” the Interpol investigator said.
Within cyber crime groups, members are assigned specialized roles, such as creating malware, cracking into networks, handling security credentials, and laundering the proceeds of the crimes.
Like traditional crime groups, cyber criminals conduct predatory operations then leave, often without leaving traces of their activities.
Proceeds from the criminal activities also are not invested in locations where the crimes were committed.
Sartori said authorities in Europe are seeking to increase the specialization of their investigators charged with counter cyber crime and setting up international joint teams.
Last month a Russian man pleaded guilty to cyber crime charges involving attacks on payment processors, retailers, and financial institutions that netted over 160 million stolen credit card numbers.
The hacker, Vladimir Drinkman, admitted to the global hacking activities to U.S. authorities.
The Justice Department said the Drinkman case was the largest hacking case prosecuted in the United States. His crimes cost an estimated loss of $300 million to people and companies.
“Our close cooperation with our international partners makes it more likely every day that we will find and bring to justice cyber criminals who attack America — wherever in the world they may be,” said Assistant Attorney General Leslie Caldwell. “I am confident that this type of international cooperation that led to this result will be the new normal.”
Two other men in the case are being sought by authorities, and a third, Dmitriy Smilianets, has been in federal custody since 2012.

Russian Whistleblower ‘May Have Been Murdered by Spies’, Says Barrister

A Russian whistleblower who died unexpectedly while jogging may have been poisoned by Russian spies with a rare toxin from the gelsemium elegans plant, a pre-inquest hearing was told on Monday.
Perepilichnyy, who reportedly received death threats for blowing the whistle on an alleged multi-million dollar tax fraud scheme by Russian officials, was said to be healthy prior to the incident.
Not long after Perepilichnyy’s death in 2012, lawyers for the investment fund Hermitage Capital Management suggested the supergrass could have been murdered for helping them reveal the story of a stolen multimillion.
Perepilichnyy had worked with Hermitage Capital to expose a group of high-profile Russian tax executives, giving details of US$ 230 million allegedly embezzled in a huge money laundering operation.
A pre-inquest hearing was told Monday that Federal’naya Sluzhba Bezopasnosti (FSB), Russia’s security agency, could have been involved in his death.
Representing Hermitage Capital, Geoffrey Robertson QC told the coroner: “We will not be seeking to put forth any information that is irrelevant.
“A Russian dies in Britain, that is not relevant. If that Russian dies by an obscure poison known only by the FSB, that is relevant.
“The FSB is the core element of Russian Government that was involved in the [Alexander] Litvinenko case and may well be involved in this case. It is a secret service that Hermitage has upset and [has] left itself open to reprisals.”
Barrister Henrietta Hill QC claimed at a previous hearing that Perepilichnyy was on an underworld hit list.
She compared his case to those of Sergei Magnitsky, an auditor for Hermitage Capital who died in police custody, and Alexander Litvinenko, a murdered Russian spy who specialized in tackling organized crime.
Bill Browder, co-founder of Hermitage Capital, told the Guardian he had repeatedly told authorities that Perepilichnyy’s death was suspicious.
Browder claims he had been given unconfirmed reports that a needle puncture was found on Perepilichnyy’s neck.
However, the family of the late businessman has claimed there is no evidence to suggest Perepilichnyy was murdered.
The pre-inquest hearing also heard that tests to confirm substances found in Perepilichnyy’s stomach were still underway.

A further pre-inquest hearing will take place in November and the full inquest is expected to begin, at the earliest, in February of next year.