Russia using criminal networks to operate in Europe - expert

Organised crime groups have been used to launch cyberattacks for the Kremlin, an expert on Russia security affairs says.

Moscow
Image: Cybercrime gangs with assets in Moscow are being leveraged by the Kremlin
Why you can trust Sky News

There is growing evidence that the state security apparatus in Russia is using existing criminal networks in Europe to pursue its agenda, including cybercrime gangs.

The connections between the Kremlin and organised criminal organisations operating across Europe mean that organised crime must be considered as much of a security issue as a criminal one, according to Dr Mark Galeotti.

Dr Galeotti, who is an expert on Russian security affairs and a senior researcher at the Institute of International Relations in Prague, warned of the growing problem while speaking to the European Council on Foreign Relations, a European-focused think-tank.

He said that Russian-based organised crime groups have been used to launder money, launch cyberattacks, and even carry out targeted assassinations on behalf of the Kremlin.

"Today, Russian criminals operate less on the street and more in the shadows: as allies, facilitators and suppliers for local European gangs and continent-wide criminal networks," Dr Galeotti wrote in his paper on the matter.

This has allowed the Kremlin to put pressure upon criminal organisations which have assets in Moscow and are well-placed to influence street-level gangs to carry out activities beneficial to the Kremlin.

While this predominantly means that crime groups operate as wholesale suppliers of heroin from Afghanistan, it also has ramifications when it comes to cybercrime.

More from Science & Tech

Speaking to Sky News, Dr Galeotti said it was "very clear" that the state security apparatus was leaning on existing cybercriminal assets for its own purposes.

"We've seen them being used in the massive DDoS attacks on Estonia back in 2007, and then in Georgia, and most recently in Ukraine."

DDoS (Distributed Denial of Service) attacks are a form of cyberattack in which an attacker sends the target computer server more traffic than it can handle, essentially preventing the server from responding to legitimate traffic.

In 2007, much of Estonia's government infrastructure was effectively shut down by such an attack, which the Estonian government subsequently blamed on Russia.

The attacks on the Ukrainian banking system, an activity which had both espionage and criminal intentions, was "one of the areas where we actually have seen evidence that there's fairly close collusion between the state and the cyber-gangsters," according to Dr Galeotti.

There was an interesting divide, however, in how Russian threat actors behaved, he added.

"The interesting thing is, there are two primary state hacking groups in Russia. There's one within the GRU, Russia's military intelligence, and there's also one within the Russian Federal Security Service, the FSB.

"Now, the GRU went the traditional route by hiring smart youngsters and training them up and so forth, but the FSB basically took criminal hackers and said 'Well you can go to prison or you can come and join the FSB', and not surprisingly they did the latter."

While that gave the FSB a head-start with skills, Dr Galeotti said that a series of court cases and arrests had recently taken place because these hackers have begun to carry out criminal activities on the side.

"When we see state agencies doing properly criminal activities, sometimes it's simply because they've hired criminals and guess what, they're still criminals at heart."

Sky News has requested a statement from the Russian embassy in London.