Summary
Overview
This episode examines Russia's GRU military intelligence unit and its sophisticated hack-and-leak operation targeting the 2016 US presidential election. The discussion traces how the GRU evolved from Cold War espionage to aggressive cyber operations, testing techniques in Ukraine before deploying them against American political targets. The episode details how GRU hackers successfully infiltrated the Democratic National Committee, the Democratic Congressional Campaign Committee, and John Podesta's personal email account through carefully crafted phishing attacks, setting the stage for one of the most consequential active measures operations in history.
Introduction to the GRU and Russian Cyber Capabilities
The episode introduces the GRU (Main Directorate of the General Staff), Russian military intelligence, as one of the world's most aggressive spy organizations. Unlike other former Soviet intelligence services that were disbanded and reformed, the GRU maintained continuity from Soviet times. The organization is known for bold, often reckless operations including poisonings, sabotage, and cyber attacks, symbolized by their sinister logo featuring a black bat with wings covering the globe.
- The GRU is Russian military intelligence, technically now called GU but still referred to as GRU, with deep roots going back decades
- The GRU maintained continuity from Soviet times, unlike the KGB which split into the FSB (domestic) and SVR (foreign intelligence)
- The GRU's seal features a sinister black bat covering most of the globe, displayed prominently at their headquarters known as the Aquarium
- GRU operations include the Skripal poisoning (2018), Crimea invasion, parcel bombings, Navalny poisoning, Montenegro coup attempt (2016), and providing money to Taliban militants
" You have to wonder what the GRU guys think they're doing at an organization that has an evil looking black bat with its wings covering the entire world. "
" I would say one of the more insane spy organizations operating today in the world. "
The Evolution of Russian Hacking: From Espionage to Active Measures
Russian cyber operations have deep historical roots, beginning with KGB operations in the 1980s. The discussion distinguishes between traditional cyber espionage (stealing secrets) and the newer, more aggressive approach of hack-and-leak operations designed to influence and disrupt. Ukraine served as a testing ground for these techniques starting in 2014, with the GRU attempting to manipulate election results and even attacking critical infrastructure like Ukraine's electrical grid.
- The first known Russian hacking case was in the 1980s when the KGB hired East German teenagers to hack into the early US research internet
- In the 1990s, the Moonlight Maze campaign became the first state-backed cyber-espionage campaign that the US detected targeting its secrets
- By 2008, Russian hackers were being deployed alongside military operations, with APT28 (Fancy Bear) linked to the GRU
- In May-June 2014, the GRU penetrated Ukraine's Electoral Commission network and attempted to fake election results, planning to declare a nationalist leader won with 37% of the vote
- In December 2015, the GRU sabotaged Ukraine's electricity grid, causing hundreds of thousands to lose power during winter
" Ukraine of 2014 and 2015 is kind of a petri dish for the kinds of things that the Russians will end up doing in the U.S. "