Russia’s cyber espionage poses a major threat compared to most other countries as its special services have a long history of conducting cyber operations and are constantly exploring inventive new ways to breach information systems, develop malware and disguise their activities, while also continuing to use previously successful methods. They consistently invest resources in cyber capabilities and quickly learn from their mistakes, adapt their attack methods, replace exposed attack infrastructure, etc.
Examples of Russian special services’ cyber operations that were published in 2021:
- 2019–2021 Russian foreign intelligence (Sluzhba vneshney razvedki Rossiyskoy Federatsii; SVR) cyber espionage operation. SVR gained access to tens of thousands of information systems of targets through the US company SolarWinds. Other services were used in the attack. The stolen data mainly came from the US. The exact impact is still unknown. 
- 2017–2020 Russian military intelligence (Glavnoye (Razvedyvatelnoye) Upravlenie Generalnogo Shtaba Vooruzhonnyh Sil RF; GRU) cyber operation in France. 
- 2017–2021 Russian influence operations in Europe. 
- 2019–2021 Large-scale GRU cyber espionage operation to brute-force thousands of user passwords for Microsoft services. Both the public and private sectors were targeted. 
- 2021 Russian security service (Federalnaya sluzhba bezopasnosti RF; FSB) cyber espionage operations in Ukraine. 
- 2021 Repeated SVR phishing campaigns in the West. 
The targets of the Russian special services, on the other hand, still lack adequate cybersecurity measures and are more likely to address their shortcomings only after being affected by a cyber operation of significant impact. To date, the targets of cyber operations have unfortunately failed to understand the need to continually maintain and invest in cybersecurity.
Owing to the Russian special services’ activities, the Kremlin likely has a good overview of Western thinking, situational interpretations and concerns. This provides the decision-makers with suggestions on where and how to focus pressure to achieve their foreign policy goals.
Stages of a cyber espionage operation conducted by Russian special services
A simplified description of the stages of a cyber espionage operation conducted by Russian special services follows. It is a general description of the Russian special services’ cyber capabilities and does not apply to all Russian special services’ centres that are capable of conducting operations in cyberspace.