• Research
  • Strategic Europe
  • About
  • Experts
Carnegie Europe logoCarnegie lettermark logo
EUDemocracy
  • Donate
{
  "authors": [
    "Tim Maurer",
    "Henry Farrell"
  ],
  "type": "legacyinthemedia",
  "centerAffiliationAll": "dc",
  "centers": [
    "Carnegie Endowment for International Peace"
  ],
  "collections": [
    "Cyber and Digital Policy"
  ],
  "englishNewsletterAll": "ctw",
  "nonEnglishNewsletterAll": "",
  "primaryCenter": "Carnegie Endowment for International Peace",
  "programAffiliation": "TIA",
  "programs": [
    "Technology and International Affairs"
  ],
  "projects": [],
  "regions": [
    "North America",
    "United States",
    "Russia",
    "Iran"
  ],
  "topics": [
    "Political Reform",
    "Security",
    "Foreign Policy",
    "Technology"
  ]
}

Source: Getty

In The Media

Don’t Believe What Putin Is Saying About ‘Patriotic’ Russian Hackers

With the recent allegations about Russia’s military intelligence targeting U.S. voting software suppliers, more and more details are becoming available about what looks like a comprehensive, multifaceted operation targeting U.S. elections in 2016.

Link Copied
By Tim Maurer and Henry Farrell
Published on Jun 7, 2017

Source: Washington Post

The last two days have seen two major developments regarding Russian hacking. First, Russian President Vladimir Putin tacitly admitted that Russian hackers might have influenced the U.S. election, but claimed that any hackers were just patriots, acting independently of the Russian government. Then The Intercept published a leaked NSA report stating that Russian military intelligence had tried to penetrate U.S. voting systems. Tim Maurer co-directs the Cyber Policy Initiative at the Carnegie Corporation, and is the author of the forthcoming Cambridge University Press book “Cyber Mercenaries.” I asked him a series of questions about these dramatic events.

President Putin, in an interview, suggested that patriotic Russian hackers had perhaps acted entirely independently of the Russian government. He also claimed that state hackers have never interfered with foreign elections. How credible are these claims, given your research and the newly leaked NSA report?

Many Russian hackers, including those engaged in cybercrime, are politically motivated and patriotic. It is therefore possible that they could act autonomously of the government while their actions still benefit the Kremlin. However, the January 2017 joint report of the U.S. intelligence community paints a very different picture detailing that the Russian government was directly involved in interfering with the U.S. elections in 2016. Moreover, even if Russian hackers acted independently, it doesn’t meant that Moscow couldn’t have stopped them given the power of its security services, especially after President Obama’s warnings.

Why might Putin have wanted to admit that Russian hackers were involved in the U.S. election, even if he doesn’t admit that they were likely working with the state in some way?

With the recent allegations about Russia’s military intelligence targeting U.S. voting software suppliers, more and more details are becoming available about what looks like a comprehensive, multifaceted operation targeting U.S. elections in 2016. After the Kremlin tried to deflect initial reports about the Kremlin’s involvement as “nonsense,” such attempts are losing their effectiveness as more and more details to the contrary come to light. Bear in mind that this issue is not only closely watched in the U.S. but around the world and Moscow needs to be mindful of the court of public opinion not just in Washington but elsewhere, be it Beijing, New Delhi or Berlin. With Putin now pointing to Russian hackers acting independently of the Russian government, he might be trying to maintain plausible deniability while also identifying a potential scapegoat (that he might eventually be willing to sacrifice on the geopolitical altar).

Has Russia tried in the past to take advantage of how hard it is to attribute hacks specifically to states or private actors?

Yes, absolutely. For years, there have been rumors about how Moscow has created a permissive environment for hackers to operate as long as they would refrain from hitting targets in Russia. The Kremlin’s sanctioning of such activity in turn provides the government with the ability to mobilize such private actors when needed. For example, the March 2017 U.S. indictment of three Russian and one Canadian hackers is one of the most detailed accounts of how such relationships (allegedly) work. According to the indictment, a Russian national, sought by the FBI as one of its Cyber Most Wanted, was working with two agents of the Russian FSB to hack Yahoo accounts while also being allowed to make personal profit on the side through credit card fraud, spam, and redirecting search traffic.

In your forthcoming book, you talk about three relationships that states can have with purportedly independent hackers — delegation, orchestration and sanctioning. What are the differences between these kinds of relationships?

The difference is essentially the degree of detachment between the state and the hackers. Delegation describes relationships where the state keeps the private actor on a very tight leash. Think of conventional private military and security contractors. There is a growing market of private cybersecurity contractors offering defensive and offensive tools and services with such ties to governments. Orchestration describes murkier relationships. The private actor is not under the state’s effective control but rather orchestrated by the latter and supported through funding, tools or information. Iran is a good case study for such proxy relationships, which are not unique to cyberspace and hackers but emulate states’ conventional interactions with nonstate actors. Finally, sanctioning is about what counterterrorist experts have called passive support; a situation where a state is not actively supporting a nonstate actor but knows of its existence and activities, yet does not take action against to stop them or is willing to cooperate to stop them.

Which of these relationships best describes interactions between the Russian state and non-state employed Russian hackers?

Sanctioning, or passive support, best describes the environment in Russia. The Russian government is turning a blind eye to the activities of Russian hackers as long as they focus on targets abroad. Nevertheless, Russian security agencies maintain a vast and effective network to crack down on hackers if necessary. In fact, when I met with security researchers and hackers in Ukraine in 2015, they suggested that some Russian hackers were leaving the region and moving abroad to countries in Southeast Asia and elsewhere precisely so they could worry less about the FSB showing up on their doorstep any second.

This interview was originally published by the Washington Post.

About the Authors

Tim Maurer

Former Senior Fellow, Technology and International Affairs Program

Dr. Tim Maurer was a senior fellow in Carnegie’s Technology and International Affairs program.

Henry Farrell

Authors

Tim Maurer
Former Senior Fellow, Technology and International Affairs Program
Tim Maurer
Henry Farrell
Political ReformSecurityForeign PolicyTechnologyNorth AmericaUnited StatesRussiaIran

Carnegie does not take institutional positions on public policy issues; the views represented herein are those of the author(s) and do not necessarily reflect the views of Carnegie, its staff, or its trustees.

More Work from Carnegie Europe

  • Commentary
    Strategic Europe
    Why Europe Cannot Negotiate a New Yalta with Russia

    While Russia is not ready to sue for peace on Europe’s terms, it could still either seek a ceasefire in Ukraine or try escalation. Brussels needs to prepare for both and prioritize that preparation over normative discussions.

      Kadri Liik

  • Agentic AI Anthropic bot
    Paper
    When AI Agents Attack: Autonomous Cyber Operations and Europe’s Governance Gap

    Autonomous AI agents are increasingly prevalent in cyberspace. The EU needs a real-time monitoring strategy, to invest in AI defenses, and to reduce its strategic dependence on U.S. frontier models.

      Raluca Csernatoni, Patryk Pawlak

  • Commentary
    Strategic Europe
    Taking the Pulse: Has Meloni Broken MAGA’s Civilizational Axis?

    When Giorgia Meloni very publicly rebuked Donald Trump’s disparaging remarks about her, it surprised many who saw her as a European extension of Trumpism. Is the spat a sign of trouble in the radical right’s transatlantic axis?

      • Rym Momtaz

      Rym Momtaz, ed.

  • Turkey ship Istanbul Bosporus Straits Black Sea
    Article
    Managing Montreux: Turkey and the Russia-Ukraine War in the Black Sea

    For ninety years, Turkey has been positioned as the principal gatekeeper of Black Sea security. As a result, European and NATO efforts to support Ukraine will require closer engagement with Ankara.

      Thomas de Waal

  • Commentary
    Strategic Europe
    Geopolitical Europe Needs Air-Conditioning

    Western Europe’s dual-use infrastructure melted down during its latest heat wave. If a predicted hot weather event can take the continent by surprise, what chance does it have to withstand unexpected geopolitical crises?

      • Rym Momtaz

      Rym Momtaz

Get more news and analysis from
Carnegie Europe
Carnegie Europe logo, white
Rue du Congrès, 151000 Brussels, Belgium
  • Research
  • Strategic Europe
  • About
  • Experts
  • Projects
  • Events
  • Contact
  • Careers
  • Privacy
  • For Media
  • Gender Equality Plan
Get more news and analysis from
Carnegie Europe
© 2026 Carnegie Endowment for International Peace. All rights reserved.