MOSCOW — A gigabyte of leaked emails this week to a top aide of Russian President Vladimir Putin reveal direct political and financial ties with pro-Russian separatists in eastern Ukraine.
Putin has consistently denied any connection to the separatists, whether with military or financial support. Fighting has raged in eastern Ukraine for two years, since rebels in the Donetsk and Lugansk regions proclaimed their independence from Ukraine and sought to join Russia. More than 9,600 people have been killed.
A Ukrainian group calling itself CyberHunta hacked into the account of an assistant to presidential aide Vladislav Surkov and uploaded more than 2,000 emails this week. Surkov, although under sanctions for his role in the separatist conflict, traveled this month to Berlin alongside Putin for a summit on Ukraine.
The hacked emails include a June 2014 list of casualties from the separatist Donetsk People’s Republic (DNR) in eastern Ukraine, sent by then-chairman, Denis Pushilin. Another email from Pushilin that same month listed expenses to set up DNR’s Ministry of Information.
Kremlin spokesman Dmitry Peskov dismissed the emails as fake in comments to Russian news agencies, saying that Surkov does not use email. But Ukraine’s National Security Service said Wednesday that the emails were real.
The leaks followed reports from U.S. intelligence agencies that Russia was responsible for a series of hacks on American officials. Some analysts suggested the Surkov leaks could be a retaliation.
Vice President Biden told NBC’s Meet the Press this month that the United States would be “sending a message” that Putin would recognize.
“He’ll know it,” Biden said. “And it will be at the time of our choosing. And under the circumstances that have the greatest impact.” U.S. intelligence officials told NBC News of plans for unprecedented cyber covert action against Russia.
“Although we are a long way from having any evidence of this — if we ever will — I cannot help but wonder if this is the kind of response that U.S. policymakers have been hinting at, following the various hacks blamed on Russia, either working through Ukrainians or simply handed to them,” said Mark Galeotti, senior researcher at the Institute of International Relations in Prague.
“This kind of a leak is enough to warn the Russians than the USA has certain capabilities and is willing to use them," he said. "Welcome to the world of proxy cyberwars.”
The separatist conflict broke out in Ukraine in spring 2014, after Russia annexed Ukraine’s breakaway Crimea. This came after months of protests that had brought down the government of Putin-ally Viktor Yanukovich and replaced him with a more pro-Western government headed by Ukraine President Petro Poroshenko.
The leaked correspondence includes a PDF with a list of vetted candidates for leadership of the Donetsk republic, sent in May 2014 by an employee of a company owned by Russian oligarch Konstantin Malofeyev, who allegedly financed pro-Russian separatists.
Pushilin was suggested for parliamentary speaker, and Igor Strelkov, the military commander of the rebel forces, was recommended for defense minister.
Although there was no other evidence of interaction between Putin aide Surkov and Malofeyev’s employee, three days later — when the DNR government was announced — both Pushilin and Strelkov landed the posts suggested in the email.
Surkov served as deputy chief of staff and then first deputy from 1999 to 2011 and was widely responsible for Kremlin ideology during that stint. Since 2013, he has been an aide to Putin, responsible for ties with Ukraine as well as two republics that declared their independence from former Soviet Georgia in 2008.
The hackers also posted screenshots of a document from another account linked to Surkov, a seven-page plan to “destabilize the socio-political situation in Ukraine.” Unlike the other emails, which experts say are unlikely to be fake given the amount of detail they contain, the authenticity of this document has come under question.
Aric Toler, an analyst from the Atlantic Council’s Digital Forensic Research Lab, said he was able to authenticate the bulk of the emails. “They didn’t get to Surkov directly,” he said of the hackers. “They got into the inbox handled by his assistants.”
Toler, however, had doubts about the authenticity of the destabilization report, which CyberHunta said came from a personal account of Surkov.
“I’ve seen no evidence that it's real,” Toler said in a message to USA TODAY. “It could be — the hackers have promised to release more emails later on — but this document (if it is real) was sent after the end of the inbox that has been leaked.”