Attacks on critical infrastructures of European – and not only – countries, train derailments and other interferences in the operation of railway networks to hacker attacks and blocking of computers at international airports were allegedly planned for a number of years and even before the war in Ukraine, Russian experts in new technologies and cyber security.

The group of elite Russian hackers even allegedly acted in the period 2016-2021 at the behest of the three Russian secret services: the military intelligence service GRU, the internal intelligence service FSB and the external intelligence service SVR.

The new facts that come to light from an international research network in which, among others, German media also participated – specifically the magazine Spiegel, the newspaper Süddeutsche Zeitung and the public network ZDF – they come from leaks of thousands of classified documents by a whistleblower, revealing the scope of extensive Russian plans for cyberattacks on multiple targets.

Penetrating European and international giants

A key role in the recruitment and coordination of the network of Russian “experts” was played by the small Russian IT company NTC Vulkan, which otherwise went unnoticed. Based on the leaks, it is interesting to note that the Russian hackers were also working for large European and international companies, such as Amazon or the German Siemens based in Munich, which even responded to the request of the newspapers that participated in the investigation that it could not provide further information for reasons of personal data protection.

Of particular concern is the case of Amazon’s subsidiary, Amazon Web Services, which is considered one of the largest cloud service providers in the world. In fact, according to SZ, the Ukrainian government is said to have been a client of this company. Vulkan employees appear to have also been hired by international travel portals and trivago.

However, the validity of the revelations that are now coming to light, as well as the authenticity of the leaked documents about shadowy Russian actions in cyberspace, are currently being confirmed by several secret services.

In a first reaction, the German Minister of the Interior Nancy Feser, speaking to Spiegel, believes that the legislative framework should be tightened as well as the controls for companies that deal with cyber security issues and are related to the smooth operation of critical infrastructure.