Russian "Enigma" of the XXI сentury: Telegram’s сonnection to the Kremlin
Since the beginning of Russia’s full-scale invasion of Ukraine, Telegram has gained a significant impact on the Ukrainian audience. Nearly a million users downloaded the app in the month after February 24, 2022. Today, 88% of Ukrainians use this messenger. Nowadays, Telegram for us is the source of news, warnings about missiles flying close to one’s location, fundraising by volunteers, and access to uncensored information from the battlefield in each phone.
But is our trust in a convenient tool, although it has ties to the aggressor country, justified in the context of the full-scale war?
The cipher war. Why does Russia need a global messenger?
During the World War II, information was transmitted over the radio, and its interception was possible. Therefore, in order to keep the data — plans and orders — secret, they were transmitted in encrypted form. To do this, the belligerents used sophisticated machines that converted plain text into a secret code. For example, Hitler’s Germany and Japan used the cipher generated by the Enigma machine. This cipher was believed impossible to decode, so the Nazis were not afraid to transmit the most secret information using it.
The Enigma encryption machine used by the Nazis during World War II
Image: Central Intelligence Agency
The Allies really could not break the German encryption code for a long time. But when in the end the British succeeded, they cautiously guarded this secret so that the enemy did not realize that they had full access to the secret information dissemination system.
To do this, the British government even had to sacrifice its military: knowing from deciphered intercepts about individual plans to attack British convoys, the command did nothing to avoid danger. Consciously allowing for individual defeats, the British had the whole picture of the battle. They used the knowledge of the Nazis’ plans at a crucial moment. Thus, it was possible to end the war with a victory over Nazism almost a few years earlier.
But what does the story of Hitler’s Enigma have in common with Russia’s Telegram?
The closed MTProto encryption protocol, the dubious jurisdiction of Telegram, the “dark” history of its financing, as well as the current ties of senior managers of the social network with Russia even after their alleged forced departure from their homeland; all this raises doubts about the veracity of official statements by the Telegram administration about the “super reliability” of their messenger.
Being closely connected with the Kremlin regime that launched a full-scale war in Europe, Telegram can also be a kind of operation “Enigma of the XXI century,” which is being implemented right now by Russian special services.
This raises concerns about whether the Kremlin will use the messenger with 800 million users as a tool in its war against Ukraine and later — in the global hybrid war against the West, implementing the Bolshevik ideology “We’ll light a fire through all the world.”
Durov’s centre of attraction
Pavel Durov publicly disassociates himself from any ties to the Russian authorities. He presents himself as a victim of the Putin regime, including for his political position. When in 2014, Durov announced that he refused to provide personal data of Ukrainian users of Vkontakte at the request of Russian security forces, the Kremlin completely took over Durov’s network.
Back then, Vkontakte came under the wing of United Capital Partners, which was managed by the board of directors of the Rosneft state corporation (which means the Kremlin). Finally, from 2014 to 2021, the controlling stake belonged to Alisher Usmanov and his Mail.ru Group — a billionaire and one of the richest people in Russia and “Putin’s favourite oligarch,” as he was called by the Western media.
In December 2021, Radio Liberty reported that a controlling stake in VK (which controls, including the largest Russian social network Vkontakte) was bought by the Sogaz group, the owners of which are Putin’s friend Yuri Kovalchuk, the dictator’s nephew Mikhail Shelomov, and Gazprom. In addition, a large block of shares belongs to the Russian state-owned company Rostec, which is headed by Sergei Chemezov, Putin’s KGB colleague. In March 2022, all foreigners left the company’s board of directors. Thus, there is no doubt of the full control of the Vkontakte social network by the Kremlin.
In 2022, a representative of Durov, in a comment to the American Forbes, noted that Pavel had left Russia many years ago and was not going to return. Today, Durov also holds French, UAE, and Saint Kitts and Nevis citizenship.
After the start of the full-scale invasion in 2022, Pavel Durov published a post on his page in which he assured that the privacy of users was a priority for Telegram, despite his former career and life in Russia. Although, he did not condemn Russia’s aggression then, calling the war a “tragic conflict.”
“9 years ago I defended the private data of Ukrainians from the Russian government — and lost my company and my home. I would do it again without hesitation.”
However, as aptly pointed out by Moxie Marlinspike (an American cybersecurity expert, cryptographer, co-founder of the Signal messenger, and author of the signal encryption protocol used in Signal, WhatsApp, Google Messages, Facebook Messenger, and Skype), although the Telegram team is no longer based in Russia, they may still have family members there and, therefore, be vulnerable to the Russian government.
Moreover, members of the Telegram team do not shy away from the company of Russian politicians, both during public events and in private meetings. Thus, Russia remains the “centre of attraction” of Durov’s team.
Money from warm countries: financing from an Arab fund through Russia
Identifying the sources of funding for Telegram is a difficult task because the company attracts its investors privately. However, the names of some individuals and organizations that were indicated as investors in the messenger appeared in the media repeatedly.
Thus, among the investors of TON (Telegram cryptocurrency) were Russians David Yakobashvili and oligarch Roman Abramovich. The first is under Ukrainian sanctions, and the second is included in the sanctions lists of the European Union, the United States, Switzerland, Canada, Ukraine and other countries. Both have close ties to the Kremlin.
Source: Dealroom
Telegram investors include sanctioned David Yakobashvili, Roman Abramovich, and Mubadala Capital and Abu Dhabi Catalyst Partners, Arab funds with a long history of cooperation with Russians.
Among the investors who saw the potential in Telegram, there are many representatives of the UAE. Namely, two investment funds that bought messenger bonds worth USD 150 mln are often mentioned: Mubadala and Abu Dhabi Catalyst Partners (a fund created by Mubadala and the American investment company Falcon Edge Capital).
In particular, the Emirati company Mubadala worked closely with Russia, creating a USD 2 bln fund in 2013 together with the Russian Direct Investment Fund (RDIF) to invest in long-term projects in various sectors of the Russian economy.
Mubadala also invested in Pulkovo Airport in Russia, SIBUR projects (chemical holding company), En+, and Gazprom Neft. The fund’s total portfolio in Russia is estimated at USD 3 bln, according to Reuters. In March 2021, the media reported that the Mubadala Foundation, together with the RDIF, invested in Telegram. However, the management of Telegram denied the information about investments from the RDIF.
After the start of the full-scale Russian invasion of Ukraine, Mubadala announced that it was suspending its investments in Russia. However, Khaldun Mubarak, a senior manager of Mubadala, said in March 2023 that the Russian invasion would not stop the fund’s desire to be a global investor. Therefore, today Telegram is still present in Mubadala’s portfolio, as are the rest of the mentioned Russian companies.
An interesting detail: at the beginning of 2024, the Russian authorities “wrote off” the arrears of fines that they had previously imposed on Telegram and Western technology companies. The corresponding entry disappeared from the database of the Federal Bailiff Service. Telegram did not pay off any debts, assuring Reuters that they did not know why the debts were written off because the company had no assets in Russia, no offices, and no employees. However, in reality, this is not the case: Telegram and Russia are still linked by money, technological resources, and people. Russia still manages to find workarounds to invest in Telegram.
Traffic in Russian hands
Telegram uses only companies of Russian origin for traffic networks. Network traffic (may also be referred to as data traffic or simply traffic) is the amount of data that moves through the network over a period of time. Any application that we use on the Internet (like Telegram) must transmit data packets over the network to function accordingly. Network administrators can control traffic — prioritize or monitor traffic (measure its volume and data types).
So, Telegram uses two companies for such a task — RETN and LLC GLOBALNET. Both are of Russian origin.
A monitoring group of the information space of one of the units of the Armed Forces of Ukraine noticed in January 2024 the facts of external interference in the work of local Telegram channels of the occupied Berdiansk, Melitopol, and Mariupol. It was from there that the monitoring group obtained information about the strikes, destruction, loss of personnel, equipment, and matériel of the Russians. But at one point, without the knowledge of the administrators of these channels, entire posts, photos and videos, comments in the channels and chats of condominiums, which were monitored, were deleted.
During the special operation Bryansk Massacre, when, within 5 minutes, the Air Force of the Armed Forces of Ukraine destroyed 5 Russian aircraft in May 2023, all local Telegram channels closed the discussion. It is still unknown whether this happened as a result of outside interference, or if it was just an initiative of the channel administrators.
Similarly, during Prigozhin’s “campaign” against Moscow, only three of Wagner’s 15 channels, which were monitored, continued to function. There were also failures in the operation of Telegram throughout Russia.
Using Telegram in a combat zone means giving Russians access to one’s geolocation, multimedia, and correspondence history, even if it was deleted. The Russians themselves confirm this. Thus, at the end of 2023, a leading Russian TV channel released a news story in which it boasted that Russian security forces had access to deleted correspondence on Telegram of detained Ukrainians.
And the very fact that Telegram and Vkontakte are one of the two social networks that the Russian leadership officially allowed its military to use says a lot.
Bad form or safety issues?
The Ukrainian community of cyber specialists DC8044 stated recently that it was “moving” from Telegram to another platform for communication due to the dubious jurisdiction of this messenger and ties with the Kremlin.
The President of Ukraine, the Air Force, the State Emergency Service, the Main Intelligence Directorate, the Centre for Strategic Communication under the MCIP and other state organizations began to develop their own channels on WhatsApp and other resources.
The trend has been set. Using a Russian information product now is like playing marked cards when the opponent fully knows your next moves. In conditions of war, this becomes not just bad form, but a problematic issue of national security.
If Elon Musk, having access to Starlink, was able to disrupt the attack of Ukrainian drones on the ships of the Black Sea Fleet of Russia, then what steps can the team of Russian Pavel Durov, who continues to be dependent on the Kremlin, take in this war of Russia against Ukraine?
Center for Strategic Communication and Information Security