And FSB's attack surface is less than 1% of CIA's. Much fsb work is farmed out to contractors, the offensive stuff that CIA keeps in house. CIA people chat via email, messaging and by voice. FSB people chat in person. That's why russian hackers are always traveling while CIA hackers keep having thier stuff leaked.
Great points. I don't know many details of how they operate. Someone told me they still rely on paper-based methods in order to avoid some types of electronic surveillance.
In theory, 50% offense and 50% defense should be the only budget for a sane operation.
Russia remains a black spot, due to the language/kyrilic alphabet? And they do most secret stuff with typewriters and photocopies these days, so i've heard. Snowdens revelations had a big impact there.
1) I kinda doubt Russian hackers code on typewriters.
2) Cyrillic is an alphabet, not magic incomprehensibility dust. There are plenty of Russian speakers who are not beholden to their spooks.
3) Assange has an agenda in addition and orthogonal to fighting secrecy. I'm not saying he's insincere; I'm saying that some leaks are clearly more equal than others. It would not surprise me in the least if he were to sit on some leaks in order to not piss off a source providing others, especially around hard deadlines.
It's much harder to leak Russian stuff because a lot of it is in paper form. After Snowden revelations, Russians returned to typewriters for all their top secret stuff [0]:
>A source at Russia's Federal Guard Service (FSO), which is in charge of safeguarding Kremlin communications and protecting President Vladimir Putin, claimed that the return to typewriters has been prompted by the publication of secret documents by WikiLeaks, the whistle-blowing website, as well as Edward Snowden, the fugitive US intelligence contractor.
>The FSO is looking to spend 486,000 roubles – around £10,000 – on a number of electric typewriters, according to the site of state procurement agency, zakupki.gov.ru. The notice included ribbons for German-made Triumph Adlew TWEN 180 typewriters, although it was not clear if the typewriters themselves were this kind.
>“After scandals with the distribution of secret documents by WikiLeaks, the exposes by Edward Snowden, reports about Dmitry Medvedev being listened in on during his visit to the G20 summit in London, it has been decided to expand the practice of creating paper documents.”
>Unlike printers, every typewriter has its own individual pattern of type so it is possible to link every document to a machine used to type it.
Now, their hacking tools are obviously not in paper form but I bet they're much more tightly controlled than the CIA/NSA tools. They probably have a much smaller team of people who have access to such tools so it's much harder for them to leak. It's also easier to do counterintelligence on people who do have access and you can bet every one of those people is monitored to some degree.
US has thousands of contractors who work for CIA/NSA/DIA and other intelligence agencies and many, supposedly, can easily walk out with some of the most sensitive documents that the USG possesses. [1] One of these contractors, supposedly, leaked out these files to WikiLeaks [2]. FBI is now on a hunt to figure out who it was.
Russians don't have a huge network of contractors. I couldn't find the exact figure but by a quick estimation, Russians have 100x less people doing the intelligence work. They also have much, much smaller budgets because of their economy. So it's easier for them to keep secrets from leaking.
CIA probably (most definitely?) has moles inside of FSB so FSB secrets do leak. Just not to WikiLeaks.
> Russians returned to typewriters for all their top secret stuff
That's what they're telling people, I wonder how much truth there is to it. At the very least it provides a plausible cover story for when people ask why there aren't big leaks.
I guess you don't wonder that much why there is no leaks from large criminal syndicates and criminal structures in general. So the special agencies in Russia not just derived from USSR, but also built on corruption like any other government structure.
So like in usual organised crime most of people in charge are relatives or close friends and different spheres of influence are controlled by different groups of them. Most work there to make money on corporate raid or government contracts.
There is always wars for power between different groups inside those agencies which make people working there more careful about everything they doing since others always watching. So just like most of criminals they tend to not leave tons of documents in their email.
PS: And one more reason is obviously fact that no one want to end up drinking polonium tea or just get few bullets in back. Criminals don't have problem with killing traitors or those who failed to keep secrets.
Not sure why they'd need a cover story for not having big leaks. It's not like US intentionally leaks things either. Anybody is free to try and hack their systems just the same way people hack US ones.
While it's not some magical spy software during few last years there was plenty of leaks from inside the government and recent arrests was covered pretty well by western press:
Leaks include president Medvedev personal email and his secretary email, then Vladislav Surkov secretary emails and multiple entrepreneurs related to Kremlin. Though I doubt there was a lot of interest to them outside of Russia.
Apparently, he claimed on Fox News that he had something on Trump, but that it wasn't interesting enough to release it.
Not saying that this is a regular trend or something, but it seems like there is some evidence from Assange himself that they don't publish everything they have verified.
Let's says someone sent them important documents and they wouldn't publish them for no obvious reason.
Don't you think the source wouldn't try other channels and/or go public with Wikileaks behavior?
Or more bad news for the Trump administration with evidence of communication etc coming from Russian servers? ;)
Further down someone asked: "What would be the advantage to making your exploits appear to come from other countries?". If you want to sow doubt about the validity of evidence presented this seems like a good way to do so (not that we shouldn't be skeptical given the tools available).
LOL