Russian hackers in the Soviet domain

Hacking has long been in the public eye, with news reports of foreign gangs or lone teens in bedrooms seemingly able to take down governments with a few keystrokes. One of the more recent major cyberattacks is the theft of credit card data from US chain Target over the December holidays, in an attack that originated in Russia.
Nor is this an isolated incident – leading online security website The Hacker News provides a section dedicated to news about the Russian hacking and cyberwarfare scene. However, is there something more to cyber attacks originating in Russia and their chosen targets? There have been a few clear examples of nationalism being the push for Russian-based cyber attacks. In 2007 the government of Estonia was subject to a DDoS attack following the moving of a Soviet war memorial, which led to protests from Estonia’s Russian communities. The same was seen again in 2008, accompanying the Russian invasion of Georgia.
While both of the aforementioned attacks were on the now-independent governments of former Soviet states, there may be further ties with the Soviet Union behind many Russian hacking groups. Unlike those of now non-existent countries such as Yugoslavia and East Germany, the Soviet Union’s domain address – .su – still exists, and is still in use. On this domain one can find many nationalist or pro-Soviet websites, ranging from the youth group Nashi’s official page to an entire site dedicated to Stalin and his accomplishments.
Also present on the .su domain are large numbers of hackers. Allegedly more than half of the sites engaged in cyberwarfare, attacks, and hacking use the domain name. But why? Initially, it seems that it was an issue of monitoring and laxer laws – in 2011 those in charge of the .ru domain began to enforce stricter rules on what could and could not be hosted under their authority. It then made sense for those engaged in cybercrime to migrate to the lesser-moderated .su name.
This would, then, suggest that nationalism has little to do with the choice of using .su. However, it has been suggested that .su still exists due to politics and Soviet nostalgia, and its Soviet connections seem to have some impact on the choice of some hackers to host their information with the suffix. As has been pointed out, many lesser-used and under-moderated domain names exist outside of that assigned to the Soviet Union, yet the majority of hackers based in Russia instead opt for the domain that, while assigned to a country that no longer exists, is more heavily moderated than some. While .su may provide practical advantages, it is hard to ignore the implications of sophisticated international attacks originating from a Soviet domain name.