Ukraine hackers claim huge Kremlin email breach

  • Published
Media caption,

The pair told the BBC that hacking was "more ethical" than "killing people with guns and tanks"

Two Ukrainians have given details of emails they helped to hack belonging to top Russian officials at the Kremlin.

Several emails they claim to have cracked are linked to Vladislav Surkov, one of the architects of Russia's current political system.

He is also a key Kremlin figure in Moscow's intervention in Ukraine.

The self-styled "hactivists" claim they have no link to the Ukrainian state or security services but refuse to say how they hacked into Mr Surkov's inboxes.

In amongst the thousands of emails, a proportion of which the BBC has been given access to, are small details.

Taken together they support the notion that Russia controls the separatist authorities in eastern Ukraine, who have been fighting a war with Kiev since the spring of 2014.

Read more on Russia and Ukraine

Moscow has consistently distanced itself from the separatist militias, describing the conflict as a "civil war".

What's in the emails?

There are documents which, it is claimed, are budgets for the breakaway pro-Russian "republics" in eastern Ukraine.

There is an alleged plan for Moscow to provide fuel to the separatist-held regions to deal with shortages.

And there is a list of separatist politicians, which was apparently sent to Mr Surkov's office. The implication is that Russia has a say in who governs separatist-held eastern Ukraine.

Attached to one an email, allegedly sent by the separatist leader Denis Pushilin in January of this year, is a map of Ukraine carved up into three regions. The eastern part is marked as "Novorossiya" (New Russia). The central region is labelled "Malorossiya" (Lesser Russia).

Image caption,

An email allegedly sent by a separatist leader shows Ukraine carved up into New Russia (green), Lesser Russia (yellow) and Galicia (red)

Image caption,

Leaked documents appear to show monthly budgets for interior ministries, security structures and pensions in Donetsk and Luhansk - in Ukrainian hryvnia and Russian roubles

In the words of Eliot Higgins, a British journalist and founder of the website Bellingcat, there is "nothing in there which is individually hugely dramatic". He characterises much of the information leaked so far as "day-to-day boring business".

However, Mr Higgins believes that, taken as a whole, the emails are significant.

"We haven't seen a hack of this type before, showing so much direct linkage between the Kremlin and separatists on the ground."

Taken with previous evidence that the Russian military has been involved in the war in eastern Ukraine and supplied weapons to the separatists, Moscow's actions in Ukraine are, according to Eliot Higgins, "at this point completely undeniable".

Other emails suggest that Russia was interested in fostering discontent and organising and paying for protests in Ukraine's second biggest city Kharkiv, which lies close to the Russian border.

Could they be forgeries?

Analysts argue that the sheer volume of mundane material contained in the emails adds to the hack's authenticity.

A more colourful confirmation of the emails' credibility comes from an invitation sent to Mr Surkov in 2014, to a party at which singer Robbie Williams performed.

Image source, Getty Images
Image caption,

Robbie Williams performed in Moscow in 2014

Robbie Williams was photographed singing at the event in Moscow, which according to the email was paid for by the owner of Chelsea Football Club, Roman Abramovich.

For Ruslan Deynychenko, from the Ukrainian website Stopfake.org, the number of documents and the number of events and people mentioned make it "hard to imagine" that is has been faked.

"It is beyond reasonable doubt that the emails come from Mr Surkov's office," said Mr Deynychenko.

He thinks "there are too many documents, and too many events and people mentioned" for it to be a fake.

Image source, AFP
Image caption,

Analysts believe many of the emails emanate from staff working for key Kremlin figure Vladislav Surkov (left)

The emails leaked so far relate to two inboxes: prm_surkova@gov.ru and pochta_mg@mail.ru. The hackers say they have run checks on information in the second inbox and established that it belongs to one of Mr Surkov's staff.

The inboxes contain thousands of mundane emails, from people such as IT office workers.

The emails have the relevant coding and details of the servers they were routed through, which would be incredibly difficult to fake.

In response to the initial leak of emails last week, President Vladimir Putin's spokesman Dmitry Peskov was quoted by the Russian news agency Tass as saying Vladislav Surkov does not use email.

At a briefing with journalists he said that Mr Surkov, whom he has known for 10 years, "is always being said to have said or done something… often it is not true."

But the revelations are not expected to stop after this second leak of emails, linked to Mr Surkov, a secretive but powerful man in Moscow, sometimes referred to as President Putin's "grey cardinal".

The BBC understands the emails of two other top Kremlin officials have allegedly also been hacked and that the content of those is still to be published.

When we asked the Ukrainian hackers whether their actions were ethical, one of them laughed.

"Is it ethical to kill people with guns and tanks?" he replied. "I guess not… so hacking is more ethical than killing people."

The Russian government denies all the allegations contained in the emails and made in this article.