Emma Best, better known as the leader and cofounder of freewheeling leaking organization Distributed Denial of Secrets (DDoSecrets), hasn’t been sleeping much lately. That’s partly because of the doom-laden news cycle of war, pandemic, global warming and more war. But it’s also because Best is doing something that’d give anyone’s frayed nerves an extra jolt: joining in the information war being fiercely fought online by Russia and Ukraine.
On Thursday, Best’s Wikileaks-esque entity published what it claimed was a huge trove of files stolen by a member of the Anonymous hacktivist collective from Russia’s censorship agency, Roskomnadzor. That includes a massive number of emails and attachments. Forbes last week looked at how Roskomnadzor has demanded that American companies—Google, in particular—censor content over the last decade, from Ukrainian protests on YouTube to content from the Jehovah’s Witnesses, deemed a terror organization in Russia. If its internal data has been spilled online, it could expose just how far its internet censorship extends.
The agency hadn’t responded to a request for comment at the time of publication.
The data in the Roskomnadzor leak appears significant at over 800 gigabytes, totaling 340,000 files in the first batch released today. They don’t cover Roskomnadzor’s national operation, but within the Russian Republic of Bashkortostan, the country’s most populous republic (though one that doesn’t have autonomy).
DDoSecrets is getting the information out now, as it fears Russia could soon be cut off from the wider internet. In recent days, major internet backbone providers have pulled out of the country, threatening its connectivity to servers outside of Russia. “The source, a part of Anonymous, urgently felt the Russian people should have access to information about their government. They also expressed their opposition to the Russian people being cut off from independent media and the outside world,” DDoSecrets’ release read.
When asked whether they were worried about entering the information war at such a critical time, and by publicly releasing information from a Russian government body, Best—who uses the pronoun “they”—simply pointed Forbes to a GIF of a cute animated monster hitting a keyboard, and a message from her Twitter profile that read: “Бáба-Ягá UwU,” or, in English, “Baba Yaga UwU.” Baba Yaga is an enigmatic character from Slavic folklore, often depicted as a fierce woman. UwU is an emoticon for a cute face. The jokey oxymoron signifies Best’s sometimes arch nature, combined with the knowledge that they’re doing something that’s likely to upset certain authorities.
It’s not the first time DDoSecrets has leaked data on Russia. In 2019, it published a massive cache of emails and files that Best’s organization said came from Russian politicians, journalists, oligarchs, religious figures and nationalists/terrorists in Ukraine.” Much of it focused on Russia’s operations in Ukraine after the annexation of Crimea in 2014 and some was allegedly stolen in a hack on Russia’s Ministry of Internal Affairs.
Best isn’t leaking out of any patriotic duty, however. It’s previously been happy to publish data on U.S. organizations, in particular the police. “I don’t long for any nationality,” Best adds. “I’m not happy to be called an American. It’s accurate. I’m not happy about it.” Why not? “Imperialism. Uber-capitalism. Neo-colonialism, military expansion, pansurveillance, militarization of police, the police system itself.”
Forbes has not been able to independently verify the latest leak, which follows the release of emails and schematics allegedly stolen from Belarusian weapons manufacturer Tetraedr, just days after Russia invaded. (Tetraedr hasn’t responded to a request for comment.) But DDoSecrets, an organization built on the premise of almost total transparency of data Best believes is in the public interest, has not yet been caught out disseminating any major fakery. It’s previously made headlines publishing data from breaches of police departments following protests at the killing of George Floyd, and, more controversially, from ransomware crews’ victims, whose files were published when they refused to pay the ransom. Best says it has “received some corrections for descriptions of some datasets that help clarify them. . . . Several sets have fakes, but we label them proactively.”
At a time when there are plenty of erroneous claims as to the legitimacy of cyberattacks on Ukrainian and Russian entities, and incessant claims of “fake news” on both sides, that’s not a bad record to have. Best said the data came from a hacker aligned with the hacktivist crew Anonymous and there was nothing to indicate the leak was a fake so far.
“We were able to verify it came from the . . . office the source identified,” they added. “We think the source was earnest and so far haven’t found any flaws in the data.”
Not that Best isn’t aware of the possibility that the information in this latest leak could have been tampered with. “With file sets this large, it’s always possible that something could be modified or planted,” they added.
There’s also the possibility that the release simply creates more noise, though DDoSecrets has its supporters. David Betz, professor of war in the modern world at King’s College London, said that he was supportive of Wikileaks and, at first glance, felt the same about Best’s latest publication. “I think it’s positive. Censors should be exposed,” Betz said.
But anyone diving into the data should be careful, Best warned. The email attachments within the files could be laden with malware. DDoSecrets’ site has a number of linked tools that can help users with their security, though, like any technology, they’re not guaranteed to keep downloaders safe.
As with the wild information war around the Russia-Ukraine conflict, approach with caution.