![](\"https:\/\/media.wired.com\/photos\/62561aad4d62eb1d9cf1c3d3\/master\/pass\/Russia-Troops-Data-Publishing-Security-1239544105.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Matt Burgess| Date: Wed, 13 Apr 2022 11:00:00 +0000<\/strong><\/p>\n Matt Burgess<\/a><\/span><\/span><\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n Names, birthdays, passport<\/span> numbers, job titles\u2014the personal information goes on for pages and looks like any typical data breach. But this data set is very different. It allegedly contains the personal information of 1,600 Russian troops who served in Bucha, a Ukrainian city devastated during Russia\u2019s war and the scene of multiple potential<\/a> war crimes<\/a>.<\/p>\n The data set is not the only one. Another allegedly contains the names and contact details of 620 Russian spies who are registered to work at the Moscow office of the FSB, the country\u2019s main security agency. Neither set of information was published by hackers. Instead they were put online by Ukraine\u2019s intelligence services, with all the names and details freely available to anyone online. \u201cEvery European should know their names,\u201d Ukrainian officials wrote in a Facebook post as they published the data.<\/p>\n Since Russian troops crossed Ukraine\u2019s borders at the end of February, colossal amounts of information about the Russian state and its activities have been made public. The data offers unparalleled glimpses into closed-off private institutions, and it may be a gold mine for investigators, from journalists to those tasked with investigating war crimes. Broadly, the data comes in two flavors: information published proactively by Ukranian authorities or their allies, and information obtained by hacktivists. Hundreds of gigabytes of files and millions of emails have been made public.<\/p>\n \u201cBoth sides in this conflict are very good at information operations,\u201d says Philip Ingram, a former colonel in British military intelligence. \u201cThe Russians are quite blatant about the lies that they'll tell,\u201d he adds. Since the war started, Russian disinformation has<\/a> been<\/a> consistently debunked<\/a>. Ingram says Ukraine has to be more tactical with the information it publishes. \u201cThey have to make sure that what they're putting out is credible and they're not caught out telling lies in a way that would embarrass them or embarrass their international partners.\u201d<\/p>\n Both the lists of alleged FSB officers and Russian troops were published online by Ukraine\u2019s Central Intelligence Agency at the end of March and start of April, respectively. While WIRED has not been able to verify the accuracy of the data\u2014and Ukrainian cybersecurity officials did not respond to a request for comment\u2014Aric Toler, from investigative outlet Bellingcat, tweeted<\/a> that the FSB details appear to have been combined from previous leaks and open source information. It is unclear how up-to-date the information is.<\/p>\n Regardless, it appears to be one of the first times a government has doxed<\/a> thousands of military personnel in one fell swoop. Jack McDonald, a senior lecturer in war studies at King\u2019s College London who has researched privacy in war<\/a>, says that, throughout history, nations have kept lists of their opponents or tried to create them. But these have often been linked to counterinsurgency efforts and were typically not made public. \u201cOpenly publishing such lists of your opponent, particularly at the scale that digital operations appear to allow, that seems very new,\u201d McDonald says.<\/p>\n While doxing is, generally speaking, one of the most toxic online behaviors<\/a> and can ruin lives, the stakes are different in war, when the gloves are essentially off<\/a>. McDonald says that publishing peoples\u2019 names and personal details during wartime is a \u201cmurky area\u201d ethically, but that there may be justification for it when linked to a military institution or war crimes. Violating people\u2019s privacy is \u201cvery low down the list\u201d of how someone may be harmed during conflict, McDonald says. He adds that verifying who is on a list and excluding the possibility that it contains incorrect information is important to not causing additional harm. Demonstrating the complexity of the issue, Google blocked access to a PDF of Ukraine\u2019s alleged lists of Russian troops in Bucha because the file violated its policies against the publication of people\u2019s private information. Asked about the decision to block the document, Google declined to comment further.<\/p>\n \u201cWhen you think about what comes after the war, these lists might be a big feature of it,\u201d McDonald says. The lists\u2014if the information they contain is accurate\u2014may provide a starting point for investigators looking into potential war crimes in Ukraine. For instance, a name could be linked to a photo, which is linked to a social media account, or footage that places someone in a particular location or event. Each piece of information could act as a tiny piece in a much larger puzzle. Researchers are already racing to save and archive thousands of TikToks, Telegram messages, and social media posts<\/a> in formats that can be used as evidence. (Although it is unlikely that Russia would extradite<\/a> anyone accused of crimes to face trials.)<\/p>\n More immediately, the lists may be useful in other ways. \u201cIt shows the Russians that they've got access to it,\u201d Ingram says. For people in Ukraine, he says, the publication of the data indicates that Ukraine\u2019s intelligence authorities are monitoring threats against them. And internationally, the information could be useful to intelligence agencies, such as the US Central Intelligence Agency or the UK's MI6. \u201cThey don't have everything,\u201d Ingram says. \u201cIt\u2019s always good to get information from a different source\u2014even if you think you have it already\u2014because what it does is it corroborates the sources that you've got.\u201d<\/p>\n Andy Greenberg<\/span><\/span><\/p>\n Tom Simonite<\/span><\/span><\/p>\n Albert Fox Cahn<\/span><\/span><\/p>\n Ukraine\u2019s use of information warfare has been lauded since Russia invaded\u2014from President Volodymyr Zelensky\u2019s videos<\/a> to the \u201cGhost of Kyiv\u201d<\/a>\u2014but it has not been the only nation actively publishing information about the war. US and UK intelligence officials have regularly been trying to disrupt Vladimir Putin\u2019s efforts by taking the unusual approach of declassifying information\u2014from revealing potential false flag operations<\/a> to publishing stats on Russian military losses<\/a>. \u201cThe purpose of that activity is to highlight the costs to the Russian population at home and to impose costs on individual actors,\u201d says Jessica Brandt, a fellow at the Brookings Institution\u2019s Center for Security, Strategy, and Technology. \u201cBut doxing, in general, makes me uncomfortable.\u201d<\/p>\n And information published by global intelligence services is only the beginning. Since the war started, Ukraine has mobilized a volunteer IT Army<\/a> that has targeted Russian websites and companies, aiming to take their services offline. Ukraine\u2019s digital ministry has also become a polished war machine<\/a>. Hactivists have also been busy<\/a>. In the early days of the conflict, the hacker collective Anonymous declared it was in a \u201ccyber war\u201d against the Russian government, and it has claimed credit for attacks that have knocked sites offline and defaced others\u2014despite the potential for unintended consequences<\/a>. This activity has led to the publication of huge volumes of information about Russian-linked businesses and government bodies.<\/p>\n Transparency activists at the group Distributed Denial of Secrets, or DDoSecrets<\/a>, have published more than a dozen data sets linked to Russia since Putin\u2019s troops invaded Ukraine in late February. \u201cPutin put a target on the back of Russian interests, and they\u2019re getting hit all at once,\u201d DDoSecrets cofounder Emma Best wrote in a statement posted to Twitter<\/a>. DDoSecrets secrets has published more than 700 gigabytes of data from the Russian government and more than 3 million Russian emails and documents, Best says<\/a>.<\/p>\n DDoSecrets also claims to have published more than 360,000 files from Roskomnadzor, the Russian media regulator; 62,000 emails from an investment firm owned by a sanctioned Russian individual; 900,000 emails from VGTRK, a state-owned broadcaster; 230,000 emails from the Russian Ministry of Culture; and 250,000 emails from the Ministry of Education. The list goes on. Best\u2019s statement says DDoSecrets is concerned with improving transparency \u201cwhere it\u2019s lacking and to publish datasets in the public interest, regardless of its point of origin.\u201d<\/p>\n \u2018Hack and leak\u2019 operations are not uncommon\u2014think of North Korea\u2019s hack against Sony<\/a>, or any number of ransomware extortions<\/a>\u2014but Russia has not often been a target of such operations. The Russian government has largely given cybercriminals based in the country a free pass as long as they don\u2019t target companies within its borders. Brandt says some of the information published has parallels to Russia\u2019s own hacking and leaking of \u201cweaponized information,\u201d citing the 2016 DNC hack<\/a> as an example.<\/p>\n Over time, the published files could prove to be a gold mine for researchers wanting to understand how the Russian state operates, including its approach to censorship and media control. They may also provide a blueprint for future information operations in other countries, or other wars. For now, though, they\u2019ve exposed Russia to an unprecedented degree. \u201cFrankly,\u201d Best wrote, \u201cwe\u2019ve never seen this much data out of Russia before\u201d<\/p>\n