What it’s like when the Russians hack your company and turn you into a fake news conspiracy story on state TV

Vladimir Putin shooting a Kalashnikov rifle. AP
  • A year ago, the Russians hacked the Institute for Statecraft, a foreign policy think tank.
  • The non-profit company’s internal documents – including salaries and employee contact lists – were published on the web.
  • Edited versions of the documents were used for conspiracy-mongering stories by state run media organisation RT and some UK-based news sites.
  • The institute is still struggling to get back to full functionality.
  • Go to Insider’s front page for more stories.

By the time the Institute for Statecraft had been hacked, it was too late.

A large cache of the Institute’s internal documents were dumped all over the web – on Scribd, the document-sharing web site, and on Cyber Guerilla, a dumping ground for material allegedly obtained by the “Anonymous” hacking collective.

The hack was probably by the Russians, given the Scotland-based Institute’s focus on studying Russian state military and counterintelligence services, and its longstanding ties to the UK Foreign Office.

Before the Institute’s staff could figure out how much data had been taken, or how the theft was done, pro-Russian media began cranking out conspiracy theories.

The institute was a “psyop network” that “played a key role in monitoring and moulding media narratives after the poisoning of double agent Sergei Skripal,” RT said.

In another story, the “shadowy” charity “smeared” Labour party leader Jeremy Corbyn, RT insisted.

And in a third, the institute was also the “government sock-puppet” behind complaints over bias to Britain’s TV regulator.

Perhaps the worst example was a column on Medium that asked whether the Institute was “behind the Salisbury Poisoning?

The Russians were one step ahead, getting their version of the story out first

The truth was more mundane. The institute didn’t “smear” Corbyn. Rather, it had once tweeted a newspaper story that said Corbyn was a “useful idiot” because “his open visceral anti-Westernism helped the Kremlin cause, as surely as if he had been secretly peddling Westminster tittle-tattle for money.”

Anyone can complain to Ofcom about bias on TV. And, obviously, the institute did not poison the Skripals. That definitely was the Russians.

“Greetings! We are Anonymous”

The leaked documents were positioned – edited and re-ordered – as if they exposed the institute for taking taxpayers’ money and using it to publish anti-Labour propaganda.

“Greetings! We are Anonymous,” said the announcement on Cyber Guerilla.

“We have warned the UK government that it must conduct an honest and transparent investigation into the activity of the Integrity Initiative and the Institute for Statecraft … The outrageously illicit use of the British taxpayers’ money to organise a smear campaign against Jeremy Corbyn and entire Labour party must not remain unpunished!”

Institute for statecraft
The Institute for Statecraft’s website remains offline more than a year after it was hacked. Institute for Statecraft

In fact, the institute is a studious foreign policy research institute founded by ex-military men who believe that Western government officials need to be better-educated about how Russia’s spies and servicemen work. It publishes white papers and holds conferences. Its researchers brief parliamentary inquiries and write books.

Its staff pose only one danger to the Kremlin: They are dedicated to facilitating meetings between Russia experts and Western government officials whose job is to guide Russia strategy in Europe and the US. It particularly focuses on Russian “active measures” in the West, electoral integrity, and disinformation.

The hacked information was mundane – contact lists, salaries – but a goldmine for a foreign intelligence service

Ironically, as any employee of the institute will tell you, hacking is one of the main weapons Russia routinely deploys in the West.

There were six or more separate dumps of material from the Institute for Statecraft in total, made across several months dating back to November 2018. Russia Today and Channel One in Moscow, along with some UK media outlets, played it up as a big deal, exposing UK Foreign Office funding of an “infowars unit.” In reality, the documents themselves are pretty boring.

Mostly they consist of contact lists, internal salaries, and funding request forms. The kind of information that is a huge yawn in terms of news, but for a foreign intelligence service would be gold.

Many of the names and numbers in the documents are contacts for civilian and military officials in several European governments.

Chaos is the plan

It’s not clear how the hackers got into the institute’s IT systems. Most hacks occur via phishing – sending fake emails that purport to be from someone you know, to encourage recipients to give up useful access information or download malware.

They can be very sophisticated. And even when they are not, it only takes one person in an entire organisation, to make a mistake – as former White House chief of staff John Podesta found out in 2016 when his private emails to Hillary Clinton were published by Wikileaks.

But why did the hackers push a line about smearing Jeremy Corbyn’s Labour party?

That’s just how Russian counterintelligence works. While Russian spies do occasionally assassinate foreign experts and opposition spies, most of their work is disinformation.

The more we argue amongst ourselves, the less we pay attention to what’s going on in Crimea or Donetsk

They like to sow division and confusion inside opposing countries, so politicians and the media waste their time arguing among themselves rather than paying attention to what’s going on in Crimea, or Donetsk, or Salisbury.

On any given issue, Russian social media accounts will support pro and con, creating as many different divisions and debates as possible. Creating chaos, absorbing energy and time, that’s the gameplan.

And it works.

This stuff has real-life consequences. The institute’s website remains offline. (The institute did not immediately respond to a message requesting comment.)

Shortly after the hack, it was the subject of a debate in the House of Commons in which Labour MP Emily Thornberry complained that the institute may have misused taxpayers’ money to attack the Labour party – the very line suggested by “Anonymous” on the Cyber Guerilla web site.

Alan Duncan, the former Minister of State for Foreign Affairs, struggled to get her to focus on the extent of Russian disruption: “The current Russian disinformation activity is precisely the sort of disinformation that this project is designed to counter,” he said.

“It is regrettable, but perhaps rather unsurprising, that some have been fooled, and have used this to make accusations about British politics in exactly the way hoped for in this malign activity.”