Russia descended into chaos following the fall of the Berlin Wall and the dissolution of the Soviet Union in 1991, resulting in the dissolution of the infamous Committee for State Security (KGB). While the West emerged victorious from the Cold War, the threat of the West only grew for the newly formed Russian Federation.
For Boris Yeltsin, the first president of the Russian Federation, there was a pressing need for a powerful security service abroad to actively work to prevent threats. Out of this need and a proactive defensive strategy in responding to NATO’s eastward campaign, the Federal Security Service (FSB) was founded in 1995.
When Vladimir Putin became the President, he strengthened the intelligence services and bolstered the operational agility and freedom of the FSB and Foreign Intelligence Service of the Russian Federation (SVR) after the turn of the century. All of this occurred while Westerners believed the intelligence war was over.
Currently, the Russian security and intelligence agencies continue to actively engage in intelligence operations abroad, and the effects of these operations are very evident in international politics. This post will list the top 5 Russian security and intelligence agencies currently active in the cyber universe.
1. Federal Security Service (FSB)
The Federal Security Service (FSB), which reports directly to Russia’s President, is the country’s primary domestic security agency, in charge of internal security and counterintelligence, as well as other aspects of state security and intelligence gathering in some countries, primarily those of the Commonwealth of Independent States (CIS).
Its missions include defending Russia against foreign cyber operations and monitoring domestic criminal hackers, which it does in collaboration with the Ministry of Internal Affairs’ Department K. In recent years, the FSB’s mission has been expanded to include foreign intelligence collection and offensive cyber operations.
Cyber experts have dubbed FSB hackers Berserk Bear, Energetic Bear, Gamaredon, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala. Two main centers reportedly oversee the FSB’s information security and cyber operations. The 16th Center, which houses most of the FSB’s signals intelligence capabilities, is the first. The 18th Center for Information Security, which oversees domestic operations and security but conducts foreign operations, is also part of the FSB.
According to media reports, FSB units can manufacture advanced malware tools and have been documented manipulating exposed malware to imitate other hacking teams and hide their activities. According to reports, the FSB is in charge of training and research institutes that support the FSB’s cyber mission. According to media reports, the FSB has close ties to criminal and civilian hackers, which it reportedly uses to augment and staff its cyber units.
2. Foreign Intelligence Service (SVR)
The Russian Foreign Intelligence Service (SVR) is the country’s main civilian foreign intelligence agency tasked with gathering information outside the CIS. It reports directly to Russia’s President. It is in charge of gathering foreign intelligence via human/electronic signals and cyber methods while maintaining strict secrecy.
Most cyber operations allegedly linked to the SVR have centered on intelligence gathering. The SVR is also known for having advanced technical skills, frequently attempting to gain and maintain access inside compromised networks. SVR hackers have been dubbed APT 29, Cozy Bear, and the Dukes by cyber experts.
3. Federal Protective Service (FSO)
The Federal Protective Service (FSO) is an agency tasked by law to ensure the physical and electronic security of many high-ranking government and state officials, including the Russian President. It reports directly to Russia’s President. The FSO is primarily responsible for defending Russian government networks and has extensive electronic capabilities to ensure that Russian government communications are secure.
4. GRU
The Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU), formerly the Main Intelligence Directorate, is Russia’s primary and largest military intelligence agency, in charge of the country’s military intelligence service and special forces.
Its mission is to ensure that the President of the Russian Federation’s authority in mobilization training and mobilisation in the Russian Federation is carried out according to Federal Law. According to reports, GRU cyber units control several research institutes that aid in developing hacking tools and malware. These units have been dubbed APT (Advanced Persistent Threat) 28, Fancy Bear, Voodoo Bear, Sandworm, and Tsar Team by cyber analysts.
5. Internet Research Agency
The Internet Research Agency, or Glavset in Russian Internet slang, is a private organization based in Olgino founded in mid-2013 with funding from Kremlin-connected oligarch Yevgeniy Prighozin and has supported Russian government disinformation and propaganda operations.
This group, also known as a troll farm or troll factory, engages in online influence operations on behalf of Russian business and political interests, primarily through social media channels, and focuses on disinformation by impersonating domestic activists and people. The terms “Olgino’s trolls” and “Trolls from Olgino” have become generic terms for this group’s trolls who spread pro-Russian propaganda.