What Is the GRU (And Why We Should Be Very Afraid of It!)

Back in the 1980s, the West was terrified of two Soviet intelligence agencies. The first was the KGB, who ran spy rings and handled internal security (especially the border police and the gulags). It was effective but something of a blunt instrument. Even inside Russia its name was sometimes jokingly translated as Kontora Grubykh Banditov or “Office of Crude Bandits.” The KGB's main job was preserving the USSR by suppressing dissent and gathering information about foreign threats. It had a pretty merciless reputation and much of its impact came from a widespread belief that it was always watching.

The second organisation was the GRU, or military intelligence. Unlike the KGB, this was not political in origin. Its aim was to give the Russian army a spearhead for attacks on the West, either by gathering information about NATO forces, or through possible sabotage and infiltration missions. If World War Three had started, GRU teams were ready to cross Western borders and eliminate missile sites. It preferred to operate in the shadows and was largely unknown, at least until a couple of high ranking defectors started to explain its origins and operations. The GRU ran spy rings, terrorist groups, and was behind the Spetsnaz—Special Forces commandos who were (allegedly) ten time harder than the Texas Rangers on a mean day. They made ideal bad guys and got played a lot by Dolph Lundgren.

After the fall of Communism and the collapse of the USSR, the KGB re-branded itself as the FSB. Its role changed from suppressing dissent, to internal security. It used decades of blackmail material to hold the collapsing system together, without much success. When Vladimir Putin became president, its fortunes rose, and former KGB men became oligarchs with a place at the top table. The police state had turned into a ‘klepocracy.’

What happened to the GRU was much less clear. The collapse of the Warsaw Pact meant Russia’s links with its former allies were weakened, often turning hostile. It became harder for GRU to carry out a military function. When Russia went to war with Georgia, the GRU was unable to supply much information of any value. Spending cutbacks also reduced the amount of odd experimental equipment it was able to use, like midget submarines and glider tanks. In fact, as far as many people could see, the GRU pretty much collapsed and went away.

Except…

The GRU had always been responsible for electronic communications, and in particular, for intercepting satellite communications by other countries. As the need for machine-gun armed commandos declined, the GRU made use of its technological knowledge to develop an entirely new strategy, which is referred to as ‘hybrid warfare.’ Its clear that they are becoming as adept at this as they ever were at jumping out of helicopters or charging across the arctic circle with dog sleds. What’s even more worrying is that unlike conventional warfare (which you begin by declaring hostilities through your embassy) hybrid warfare is an ongoing process. Even in peacetime, it does kind of help if your rivals are disorganized.

Hybrid warfare is a very dangerous mixture of physical threat and psychological dirty tricks. It involves using cyber-attacks to destabilize your opponent, to build up opposition groups, and effectively paralyze the political conversation. This renders the enemies military capability pointless. To put it bluntly—if your banking system collapses, who do you nuke? British government Cybersecurity officials tell us they are dealing with around ten major attacks a day, many of them launches by groups connected to GRU. So how does this kind of warfare work?

In one scenario, Russian hackers could manipulate the political climate in the US, getting it to a point where it's gridlocked with internal disputes. A series of attacks on the financial sector would then create panic at home, which become a priority. If Russia then wanted to act in support of Russian nationals in a border state, it would be very hard for the US to respond.

Sounds unlikely? This is basically what happened in the Ukraine.

If this is the case, and the GRU is so dangerous—why does it seem to be working in such a completely inept way? How come its elite hackers have been caught in a van using a WiFi hotspot outside the Organisation for the Prohibition of Chemical Weapons? How come its assassination team in Salisbury were caught on CCTV camera and didn’t—you know—actually assassinate their target? Is it that the GRU are bungling idiots making very basic errors in field craft?

The quick answer seems to be—some of them are, yes. But the truth is also simpler than that. A lot of espionage work relies on luck, and exploits the most fundamental weaknesses in any system. There are still people working with sensitive material who have passwords so obvious they can be hacked. Businesses linked to government sites that have not downloaded up to date security patches and so effectively leave the door open. Hacking is sometimes electronic equivalent of walking around the building looking for an open window. But that works. As can putting nerve agent on someone door handle.

Two blown operations have made the GRU look stupid, and its likely that Colonel-General Korobov has had some very tense conversations with the president. I wouldn’t like to have been in his shoes at the time. But this should not make us too comfortable. The GRU is still a very large, technically savvy organisation, and the scale of its operations mean its successes will easily outweigh its failures. When it achieves its aims—which it does far more than I like to think about—that doesn’t make the headlines.