14 July 2017

Yandex: Tool of Russian Disinformation and Cyber Operations in Ukraine


By: Sergey Sukhankin

The recent decision by Ukrainian President Petro Poroshenko to ban popular Russian social networks VKontakte (VK) and Odnoklassniki, on May 15 (see EDM, June 7), provoked serious debate both inside Ukraine and abroad. Now that the initial anxiety over that ban has somewhat subsided, it is worth analyzing other, less commented-on but no less important, elements of the decree.

Aside from social networks, Poroshenko’s May 15 decree bans Russian Internet search engine giant Yandex, some information technology (IT) programs, as well as anti-virus software (including Kaspersky and Doctor Web) that have allegedly been undermining Ukrainian information and cyber security. According to Colonel Oleksandr Tkachuk, from the Security Service of Ukraine (SBU), approximately 300 of the largest Ukrainian companies and corporations use Russian IT programs “directly controlled by the Russian Federal Security Service [FSB]” (Espreso.tv, April 27). Moreover, the Ukrainian side has suffered huge financial losses as a direct result of using Russian products. In his interview, the head of the information security division of the National Security and Defense Council of Ukraine, Valentin Petrov, noted that Ukraine annually spends approximately one billion hryvnas (roughly $39 million) on Russian IT and software products (Ukrinform.ua, May 17).

In terms of the challenges to Ukrainian information and cyber security from Russian IT programs and software, Yandex may pose the greatest threat. Yandex has become the fourth largest online search tool in the world and enjoys unparalleled popularity in the post-Soviet space, with populations in Russia, Ukraine, Belarus and Kazakhstan being the main users. Multiple reports have alleged that the Russian special and intelligence services routinely use Yandex to “manipulate the collective and individual conscious of Ukrainian citizens” (Sprotyv.info, May 29). Reportedly, this is accomplished by implementing search tools and mechanisms that aim to prioritize anti-Ukrainian and anti-Western online content to Yandex’s Ukrainian-based users. Also, it has been argued that private Yandex e-mail accounts and other data passing through Yandex-offered web services are monitored and actively used by the FSB and Russian hackers to design effective cyber attacks against “critical infrastructure, public institutions and individuals.”

Indeed, the Kremlin has been investing heavily in putting the domestic Internet sphere (Runet) under direct government control and is attempting to subjugate the Russian IT and software industry to its own interests. The infamous “Shaltay Boltay affair” that made public a large tranche of e-mails allegedly belonging to Vladislav Surkov—the architect of the “Russian Spring”—explicitly showed the true level of dependence of the entire Russian IT industry on the FSB (see EDM, February 9). Also, recent remarks by President Vladimir Putin, comparing Russian hackers to artists and true patriots (RT, June 1), reveals the apparent attitude of the authorities in Moscow toward cyber crimes committed in the name of the Russian state.

In April, an alliance of Ukrainian independent journalists and investigators outlined the main reasons why Russian IT and software products (especially Yandex) are a dangerous weapon in the hands of Moscow. These can be summarized in three key points (Informnapalm.org, April 27): 

Yandex is fully controlled by the Kremlin. Since 2009, when the corporation was practically monopolized by the state through a deal carried out by Sberbank (a state-owned Russian banking and financial services company), the Russian state wields powerful financial leverage through which it can control internal money flows inside the Russian Federation. The key role here is played by Yandex Money, Russia’s largest electronic payment service operating on the Runet. It is worth remembering that on multiple occasions (the most well-known ones in 2011 and 2017) Moscow has used its control over Yandex Money to undercut the Russian opposition by “freezing the purses” of its leaders. 

Yandex is determined to conquer the Ukrainian market irrespectively of costs and expenditures. Notably, Yandex has been able to develop a broad range of “supplementary apps” to its popular search engine. Aside from Yandex Money and Yandex Mail, the company also offers Yandex Direct, Yandex Browser, Yandex Maps, Yandex News, Yandex Video and several others. According to research into user statistics, the outbreak of war in southeastern Ukraine (Donbas) and the illegal annexation of Crimea apparently has had very little effect on the number of users of Yandex among Ukrainians. Meanwhile, Russian expenditures on Yandex for Ukraine is counted in the tens of millions of US dollars (Vaua.org, April 5). 

Yandex is a far greater threat to Ukraine than the banned Russian social networks. Analysis by the Ukrainian experts suggests that such apps as Yandex Maps, Yandex Mail as well as Yandex Navigator are the main tools Russia uses for the purpose of cyber intelligence and espionage. Given the experience of military clashes in the Donbas region during 2014–2015 and the initial effectiveness of the Russia-backed separatists to take control of Ukrainian territory, this allegation may, indeed, ring true. Incidentally, concerns that Russia might use some Yandex apps for military purposes have been expressed by the Ukrainian side on numerous occasions (Ukrinform.ru, May 17). 

In addition to Yandex and other IT and software products, Kyiv announced that 1C Company, the leading Russian business software producer, is accused of “cyber espionage and cyber attacks” as well as connections to the Russia-backed separatist forces in Donetsk and Luhansk regions. As such, 1C Company will also be banned in Ukraine (Sprotyv.info, May 17).

In the end, two main conclusions emerge: First, Ukrainian authorities are increasingly cognizant of both apparent and less visible threats posed by Ukraine’s heavy and unconditional dependence on Russian software and IT products. However, to achieve a long-lasting effect, Kyiv will need to act much more decisively while confronting the Russian side in cyberspace. For this purpose, the creation of a single organ with a broad scope of powers and responsibilities (something akin to the Russian Roskomnadzor) might be considered. Second, every dependency is reversible. The examples of the growing popularity of Facebook in Ukraine (Watcher.com.ua, May 30) and the country’s revitalizing domestic military-industrial complex (see EDM, May 2) represent two distinct trends, both galvanized by Russia’s ongoing aggression against Ukraine. The trend toward extricating Ukraine from Russia’s socio-economic grasp is thus becoming more definitive with each passing year.

No comments: