The DOJ indicted a Russian national for his role in “Project Lakhta,” a campaign to undermine the U.S. election…and mine some cryptocurrency along the way. It is the latest evidence of Russia’s willingness to use cyber criminals to conduct state-sponsored espionage.
A global pandemic, mass social unrest, economic crisis, and a divisive presidential election: there is no better time for Russia to be chumming the waters for political mayhem. And, if a newly released indictment is any indication, that’s exactly what experts say is happening.
With a little over fifty days until election day, the U.S. Department of Justice (DOJ) on Thursday charged Artem Mikhaylovich Lifshits, a Russian national, for his alleged role in a conspiracy to use the stolen identities of U.S. persons to open fraudulent accounts at banking and cryptocurrency exchanges.
Lifshits was a part of “Project Lakhta,” a Russia-based campaign of political and electoral interference operations that dates to 2014. The project encompasses a range of activities including the Internet Research Agency (IRA), which gained notoriety for disinformation campaigns around the 2016 U.S. presidential election.
Project Lakhta Endures
According to the court document, Project Lakhta’s stated goal is to “disrupt the democratic process and spread distrust towards candidates for political office and the political system in genera disrupt the democratic process and spread distrust towards candidates for political office and the political system in general.”
Lifshits worked as a manager of The Translator Department, which directed Project Lakhta’s influence operations – operations that are still ongoing, according to G. Zachary Terwilliger, U.S. Attorney for the Eastern District of Virginia.
“This case demonstrates that federal law enforcement will work aggressively to investigate and hold accountable cyber criminals located in Russia and other countries, which serve as safe-havens for this type of criminal activity,” Terwilliger said in a statement.
“Lifshits participated in this fraud in order to further Project Lakhta’s malign influence goals and for his own personal enrichment,” said Assistant Attorney General for National Security John C. Demers in a statement.
Lifshits is just the latest Russian national indicted for crimes linked to foreign interference in U.S. domestic politics. Thirteen members of the Internet Research Agency were indicted in 2018 for influence campaigns as part of Robert Meuller’s probe into Russian activities in the 2016 election. Given Russia doesn’t extradite its citizens to the US, legal maneuvers do little to stamp out the work of hackers like Lifshits, a 27-year-old living in St. Petersburg, Russia.
Russia Taps Hackers-for-Hire
Lifshits’ mixture of financial fraud and political influence allegations are characteristic of Russian cyber operations, the authorities said.
“This case provides a clear illustration of how these malicious actors fund their covert foreign influence activities and Russia’s status as a safe-haven for cyber criminals who enrich themselves at others expense,” said Assistant AG Demers.
Earlier this year, Facebook identified Russian campaigns linked to cyber criminal groups in Nigeria and Ghana. Within Russia, robust black markets for info-ops exist in which operators are driven by financial incentives, according to research by firm Recorded Future.
The issue expands beyond Russia. Even beyond the “big-four” (Russia, China, Iran, North Korea), nations in the Middle East, Asia, and South America are showing evidence that hacker-for-hire groups are on the rise.
While attribution of these campaigns to electoral outcomes is difficult if not impossible, Project Lakhta’s work demands to be taken seriously. Microsoft warned last week that China and Iran are working to move the needle on elections as well.