10:12 Oct. 26, 2016
What the leaked inbox of the Kremlin's "Grey Cardinal" tells us about the war in the Donbas
a Ukrainian hacker group called "Cyber Hunta" released a cache of emails linked to the Kremlin's "grey cardinal" — Vladislav Surkov. This political operative is well known in the West as the creator of Russia's "sovereign democracy" and has been the point-man for Russia's management, and sometimes direct control, of the so-called states of South Ossetia, Abkhazia, and the self-declared Donetsk and Luhansk People's Republics.
The hacked inbox was for firstname.lastname@example.org, which was handled by his secretaries or assistants, including a "Masha" (Mariya) and "Yevgenia" (last names unclear). The majority of the emails are briefings from Surkov's assistants, such as Aleksandr Pavlov. Some of these briefings include:
— "Information about the current internal political developments in the Republic of Abkhazia, Republic of South Ossetia, Ukraine, and the Republic of Moldova"
— "Ukraine: a calendar of announced events"
— Weekly briefing: "current picture of the situation in Ukraine"
— Weekly briefing: "Abkhazia and South Ossetia: events of the day, that have caught public attention"
However, there are also some bits of revealing information hidden under piles of minutiae, including a list of casualties in the Donbass sent from a high-ranking separatist official, expense reports for a government office in Donetsk, and requests for edits on documents that later be published under the guise of independent individuals.
After the release of the emails, and a previous publication of a PDF file and screenshots of the inbox, there were reasons to doubt the authenticity of the hack. The Ukrainian Security Service (SBU) stated that the hacks were authentic, but this is hardly a reliable indication. However, with the publication of a nearly-1gb Outlook data file (.PST) (including the inbox, outbox, drafts, deleted email, spam, etc.), it is fairly clear that the emails are authentic. It is quite easy to fake screenshots, PDF documents, and other files, but faking email inboxes is quite difficult. Within the email files (.MSG files, in this instance) is header information, which shows us the "history" of each email — where it originated, which servers it moved through, and so on.