Last week's events concerning the pro-Kremlin disinformation campaign


US and UK intelligence accused Russia of brute cyber campaigns in a joint advisory.

Russia cybercrime gang likely behind the largest global ransomware attack to date.

To complement recent Black Sea drills, Ukraine and the US announce land military exercises.

Moscow declares several American, French, British and Czech organisations "undesirable" foreign institutions.

Good Old Soviet Joke

A mummy was found in Egypt. The archaeologists could not determine its origin. Then a Soviet advisor offered his help. The mummy was delivered to the Soviet embassy. In two hours the Soviet advisor appeared and said, "His name was Amenkhotep 23 rd."

"How did you find out?"

"He confessed," the advisor said.

Facebook Twitter

Follow us on Facebook or Twitter!

Policy & Research News

US and UK intelligence accused Russia of brute cyber campaigns

US and UK intelligence accused Russian military hackers of cyber campaigns in the United States and Europe. A joint advisory was published by the US National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the British National Cyber Security Centre (NCSC).

The campaign is focused on the collection and exfiltration of data including emails and further log-in information. Hackers try to access systems by logging in with different passwords, they are alleged to use specialist software to scale up the efforts and they use Virtual Private Networks and Tor to hide what they are doing. According to the joint advisory, “after gaining remote access, many well-known tactics, techniques, and procedures (TTPs) are combined to move laterally, evade defences, and collect additional information within target networks”. The group responsible for these attacks belongs to the 85th Main Special Service Center of the GRU, military unit 26165, which is also known as Fancy Bear, APT28, or Strontium.

Intelligence services identified hundreds of targets including British political parties and the Norwegian parliament. Both public and private sectors were targeted at least from mid-2019. Among targets were government departments and militaries, law firms, energy companies, media, political parties, higher education institutions, think tanks, etc. Russian hackers attacked cloud-based software and services such as Microsoft Office, but other service providers and on-premises email servers were not spared as well. According to Microsoft, the same campaign targeted US and UK organizations involved in political elections. Authorities suggest that the best way to deal with these threats is to use multi-factor authentication and automatically lock accounts if too many wrong guesses have been made.

Facebook Twitter

Follow us on Facebook or Twitter!

US Developments

Russian cybercrime gang likely behind the largest global ransomware attack to date

On July 2nd, the technology of American IT provider Kaseya became the target of a widespread cyber attack. As Kaseya’s technology is utilized by numerous companies across the world, the attack on its software affected 200 US-based businesses and likely over a thousand businesses worldwide, rendering this event the single largest global ransomware attack to date. However, despite the unprecedented breadth of this cybercrime, Kaseya’s CEO Fred Voccola explained that no critical infrastructure was compromised. Rather, numerous smaller organizations were afflicted, with at least 17 countries confirming businesses affected by the incident. 

The attack was conducted by the REvil cybercrime gang, a group expected to be based in Russia. While Voccola refrained from going into detail on the attack, he affirmed that it was not simply a phishing scam, instead contending “the level of sophistication here was extraordinary,” according to the Associated Press. While Biden declared that it appears the incident was not Kremlin-directed, he asserted that the US would respond if evidence emerged linking the attack to the Russian government.

To complement recent Black Sea drills, Ukraine and the US announce land military exercises

On Monday, July 5th, Ukraine and the US, in tandem with Poland and Lithuania, revealed plans to conduct a large land military drill in western Ukraine. Dubbed Three Swords-2021, the drill is slated to last from July 17- July 30 and include over 1,200 personnel. This follows last week’s announcement of Sea Breeze 2021––a series of joint naval drills in the Black Sea involving Ukrainian forces and NATO partners. 

Amid these initiatives, Russia announced on July 3 that it has begun conducting its own military exercises in the Black Sea; Russian warplanes carried out live-fire drills to practice bombing enemy vessels. Additionally, Russia announced it tested Crimea’s air defence systems. Both actions can be viewed as a response to the joint military drills between Ukraine and NATO powers and the Kremlin’s allegations that a British ship entered its territory when it passed alongside Russian-occupied Crimea––a move Putin views as a “provocation.”

Kremlin's Current Narrative

Moscow declares several American, French, British and Czech organisations "undesirable" foreign institutions

The Russian Prosecutor-General's Office declared Bard College, the American partner of the Faculty of Liberal Arts and Sciences of St Petersburg University, as one of the soon to be formally 40 "undesirable" foreign organizations in Russia. The decision mentioned that Bard College "represents a threat to the constitutional order and security of the Russian Federation." Daniil Kotsyubinsky, the instructor at the faculty, called the decision “nothing more than self-defeating state paranoia”. Several days after, 5 more organisations were added to the list of "undesirable" foreign organizations, including Future of Russia Foundation, Khodorkovsky Foundation et Oxford Russia Fund based in the UK, a French association called European Choice and a Prague-based international NGO Spolecnost Svobody Informace, Z.S.

The General Prosecutor’s Office received the request in March 2021, which mentioned that the College had alleged connections “with foreign NGOs under the control of George Soros and conducting destructive activities on Russia’s territory.” Sputnik France writes that the College has received a $500-million donation this April from the Open Society Foundations (similarly declared an “undesirable” foreign organisation in 2015).  Russian outlet Meduza found out that the initiative of including the College in the list belongs primarily to Alexander Ionov, the founder of the Anti-Globalization Movement of Russia. University of Ottawa professor Paul Robinson writes in an op-ed for RT “Unless it was based on privileged and as-yet-unreleased information, the best guess is that it reflects a growing sentiment within the Russian state that it is under siege from the West and that anything that could be a potential fifth column within Russia needs to be eliminated.”

The Moscow Times reports that Russia's Criminal Code will undergo new amendments following the adoption of a law in June, which makes it easier to open criminal cases for alleged affiliation with “undesirable” organizations. These amendments follow a statement published by the Russian Foreign Ministry earlier this year, which among other measures to counter American sanctions, mentions as a priority “halting the activities in the Russian Federation of American foundations and NGOs controlled by the Department of State and other US government agencies”.

Do you like our work?

Our effort to protect liberal democracy across Europe is dependent on private donations.

Support us

Kremlin Watch is a strategic program of the European Values Center for Security Policy, which aims to expose and confront instruments of Russian influence and disinformation operations focused against the liberal-democratic system.

For comments. suggestions or media inquiries, please contact the Head of the Kremlin Watch Program Veronika Víchová at 

Facebook Twitter
Facebook Twitter

European Values Center for Security Policy

Facebook Twitter Youtube