Sergey Naryshkin, the director of the SVR (Russia’s civilian foreign intelligence service), wrote this in the Moskovsky Komsomolets newspaper on Wednesday:
Celebrating the SVR’s 100th anniversary this week, one imagines that Naryshkin will be elated. Gaining covert access ports to the networks of thousands of U.S. government and private entities, the SVR has scored a huge win.
An aristocrat of unquestioned loyalty to Vladimir Putin, Naryshkin has a penchant for both creative and not-so-creative deception. But he’s also deeply anti-American in ideology. So, while Naryshkin values the SVR’s traditional intelligence operations (such as its successful political influence efforts in Britain and its espionage on the Nord Stream II energy pipeline), he’ll see the SolarWinds hack as something truly special — especially terrible for the United States, that is, and especially wonderful for the SVR.
The U.S. and its closest allies believe this hack was conducted by a unit known as “Cozy Bear” — or what the U.S. government refers to as “Advanced Persistent Threat-29/APT29.” As I understand it, Cozy Bear is a segregated or “compartmented” unit of the SVR’s cyberdirectorate with a direct line of authority to Naryshkin. Most of the original analysis on Cozy Bear’s operations was facilitated by an exceptional intelligence effort by the Dutch AIVD intelligence service. In the SolarWinds case, Cozy Bear covertly inserted malware into a Solar Winds cybersecurity update to its “Orion” software. This manipulation of Orion, which is used by many U.S. government and corporate entities, allowed the SVR to establish a direct command link to the networks of various U.S. entities. While the SVR apparently only took advantage of a few dozen of its Orion access ports, it did so very effectively. The added concern is that the SVR has other, still-undetected intrusions separate from SolarWinds.
Put another way, the SVR has spent the past few months as an IT manager of various top U.S. institutions. The U.S. will have to retaliate, or Putin’s cost-benefit analysis for authorizing such operations will shift against us.
To reemphasize, this is a big win for the SVR. Naryshkin is likely to award his Cozy Bear officers with the SVR’s “distinction” medal. Yet, there’s another reason that Naryshkin will be celebrating: the timing of his win alongside the failings of his competitors. The SVR’s success comes after two exceptionally embarrassing botched operations by its main Russian intelligence service competitors.
While the SVR is succeeding with software hacks, the FSB domestic security service and the GRU military intelligence service have been embarrassing themselves with Novichok attacks. Greatly advancing my reporting on Sept. 10, the Bellingcat investigative outlet this week proved how the FSB was responsible for the August assassination attempt against Alexei Navalny. In the next 18 months, the U.S. government is also likely to expose another deniable unit of the FSB for the so-called “brain attacks” affecting U.S. diplomats in Cuba, China, and Russia. If it is made public, that attribution will almost certainly lead to new sanctions against the Kremlin.
Then, there’s the GRU, which has failed to overcome the embarrassment of its March 2018 assassination attempt against a former British intelligence agent. The GRU also seems to keep getting caught in other assassinations. The U.S. collective intelligence community’s confidence level is not high, but the GRU is also believed more likely than not to have paid insurgents to kill U.S. service personnel in Afghanistan. Again, if the GRU’s plot can be proven, Putin will suffer new sanctions.
So, although the SVR will enjoy the embarrassment that the U.S. National Security Agency is now suffering for failing to earlier detect its activity on U.S. government servers, Naryshkin will be equally happy with how the GRU and the FSB are being humiliated. The SVR, the FSB, and the GRU take their interservice rivalry to a very destructive level, undermining each other and prioritizing Putin’s short-term favor above their long-term mission sets (the SVR has a chip on its shoulder that Putin was never a member of the KGB’s foreign intelligence directorate).
The measure of this rivalry makes bureaucratic and ideological turf wars between U.S. intelligence services look like a love fest in comparison. It even leads the Russian services to sometimes leak their own intelligence successes in order to curry popular favor. But this SolarWinds win is something special.
For now, at least, Naryshkin is surely the darling of the Kremlin.
