Russian Sponsored Cyber Threat 

A few decades ago, at least on the world stage, Russia was known for the stand-off posture it maintained during the Cold War against the Western countries, mainly the USA. When I was growing up, these stories were popular. News and stories about the long-lasting Cold War era, nuclear war, the thousands-of-times-more-destructive H-bomb, sophisticated nuclear launchers, submarines and so on were all associated with the story of the US and Russia; it was all threatening, and it still is for that matter.

Now Russia is back in the news again, seemingly in a different way, for the same purpose. Particularly over the past 6 years, since one year before the 2016 election, news of misinformation, disinformation, hacking, spying, election fraud, illegal election contribution funds and finally the election and impeachment of the US president has all been tied to Russia. Russia’s act of distortion in any area of found vulnerability is imminent, and it is not an independent scenario; in fact, it is part of a broader scope.

Research conducted by policy researcher Bilyana Lilly and defence analyst Joe Cheravitch, under the title “The past, present and future of Russia’s cyber strategy and forces”, makes clear that the current cyber-attacks are part of a broader and deeper strategy. The research puts it as follows: “Cyber operations attributed to Moscow are not conducted in a strategic vacuum. They are enabled and shaped by broader geopolitical considerations and the institutional culture of Russia’s military, intelligence, and political leadership, as well as by Moscow’s evolving approach to asymmetric interstate competition that falls short of all-out conflict” (Lilly/Cheravitch). According to this research, the current cyber-operations originating from Russia are the continuation of past strategic, organized and state-sponsored political, military and intelligence hit jobs.

Another piece of research, from NATO by Janne and Melnychuck, explains how Russia sees cyberspace and treats it accordingly: “Russia sees activities in cyberspace as a subset to the all-encompassing framework of ‘information confrontation,’ which is derived from the Russian understanding of relations between states and, more specifically, a subset of the struggle between great powers for influence in the world.” It adds information from Russian thinkers: “the information confrontation is constant and ongoing, and any means can be used to gain superiority in this confrontation. Activities in cyberspace are one of several tools of warfare in the information environment, including psychological operations, electronic warfare (EW), and kinetic action”. In practice, cyberspace can be used both for physical attacks on infrastructure and for cognitive attacks such as disinformation. However, the center of gravity in the information confrontation lies in people’s minds and perception of events, both domestically and internationally.

Before exploring the details of the cyber domain that Russia is practically exploiting, it’s important to understand the basics of Russia’s mind-set toward the importance of waging a cyber-war against its assumed adversaries. According to Bilyana Lilly and Joe Cheravitch, Russia counts information warfare among its military tools. Russia’s military doctrine has shifted from a previously armed-only approach to a hybrid warfare (armed and non-armed) approach, in which the non-armed part is mainly information warfare. Russia’s definition of information warfare, according to Lilly/Cheravitch, is “…the confrontation between two or more states in the information space with the purpose of inflicting damage to information systems, processes and resources, critical and other structures, undermining the political, economic and social systems, a massive psychological manipulation of the population to destabilize the state and society, as well as coercing the state to take decisions for the benefit of the opposing force” (Ministry of Defense of the Russian Federation 2011).

Let’s look at the practical implementation of the above definition in the recent cyber-attacks on the USA. Prior to the 2016 election, Russia carried out a comprehensive cyber campaign to shape the outcome of the US presidential election. These attacks were based on the intention of causing damage to the information system of the USA, which can mainly weaken the technical, psychological and cognitive components. According to the Washington Post article written on Jan 6, 2017 (Miller, Entous), Russia conducted a cyber-attack against the USA, personally ordered by Putin, which undermines public faith in the USA’s democratic process. This was first done by hacking the emails of a political party and dumping them through WikiLeaks, in order to drive the already heated political tension between parties. This was followed by an intensive public campaign against the nominee the Russian state did not prefer politically (Clinton). Social media became the main tool for misinformation, disinformation, and general distortion of facts to exacerbate the already polarized political opinion. Here it is clear that the cognitive and psychological components are in action.

While preparing this research paper, even though the critical infrastructure of the USA is a target of Russian cyber-attack in its own right, I learned that Russia’s main areas of cyber-transgression against the USA and other allies are mostly on the psychological and cognitive sides of the attack.

Below are the principles of Russia’s ‘information confrontation’ playbook, which connects the current cyber-aided attacks on the democratic institutions of the United States to a broader former Soviet Union perception of information as a means to galvanize its domestic population and to win over global public opinion by misdirection (Janne, Melnychuck). This playbook is divided into three theories: active measures, reflexive control, and maskirovka. According to “Russia’s strategy in cyberspace” (Janne, Melnychuck):

‘Active measures’ (aktivnyye meropriyatiya) refers to operations aiming at affecting other nations’ policies. This however should not be mistaken with public diplomacy, in which practically all states continuously engage. The difference between the two is that whereas the aims and sources of public diplomacy activities are open, active measures tend to be undertaken secretly, violate laws and involve blackmail, bribes, disinformation, and the exploitation of a target nation’s individuals and political influence.

The theory of reflexive control seeks to lead the target to unknowingly act in a predefined manner, often against their own interest. This could be done by influencing the adversary’s channels of information and sending them messages which shift the flow of information in Russia’s favor. The adversary, acting on a manipulated information space, makes a decision that has at its core been incited by Moscow. A country’s susceptibility to reflexive control largely emanates from unchecked access to its information space by all actors, where false or misleading information is often not attributable and control measures are limited. Democratic information spaces are especially vulnerable to such efforts.

Another method of information confrontation inherited from the Soviet-era is known as maskirovka, which includes concealment and deception. Used primarily as a military term, the aim of maskirovka is to convince the adversary of the presence of objectives or units in places where they are not. The idea behind such actions is to lead the target into error, force them to take measures not corresponding to reality, and to disrupt their C2 and undermine their troops’ morale. Traditionally, it was the GRU (the Main Intelligence Directorate) that was responsible for maskirovka, but military operations in Ukraine indicate that various state and non-state actors have been involved in such actions, including the FSB (the Federal Security Service) and the Night Wolves. Moreover, maskirovka is not solely limited to military targets anymore, but also includes the civilian population.

Other acts of Russian cyber-intrusion involve exploiting and targeting publicly known vulnerabilities. A report published on April 15, 2021 by NSA/CSS (NSA/CSS), under the title “Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks”, exposes the vulnerability look-out effort by Russian foreign intelligence services. The report highlights that the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks.” It also noted the U.S. Government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. Finally, the report advised on the mitigation measures that can be taken and highlighted these vulnerabilities as critically important, as U.S. and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors. The methods used include, for example, WellMess malware and VMware (NSA/CSS).

As a conclusion, the Russian-sponsored cyber threat is profoundly imminent. All possible means at its disposal will not remain unused. Even the so-called criminal actors, like REvil and DarkSide, are believed to be operated from Russia, without any fear of accountability, if not directly claimed to be aided by the host state. As for me, Russia’s cognitive warfare is more imminent and something that has to be prioritized more than others. The fact is that the fear of infrastructural vulnerability has technically been there since Russia developed nuclear-headed intercontinental missiles which can strike the mainland; therefore it’s not a new issue. In addition to that, I believe attacking nations know that an attack on the infrastructure of a sovereign nation (for example, an entire-country blackout for days) can be considered a move too far (a red line); therefore there may be some reluctance to do so, so as not to declare war on others. So the question is how you respond when cyber-attacks and intrusions are working against the social fabric of a nation: distorted information, fake news, and other means which can destroy not an institution but the values of a nation. They are deep and subtle, and they are not easy to quantify for mitigation. Cognitive Warfare (Baker and Swab) clarifies that the thought-out, strategic and long-experienced act of Russian cyber-warfare in the Baltics is similar to what happened in the United States, and summarizes it as “The threat to election integrity”: “Russia targets vulnerable or susceptible populations within the Baltics states with the goal of affecting how voters think – and thus how they vote. Elections are the time at which democracies are most vulnerable to cognitive warfare operations.” It added: “The Soviet Union’s goal was to convince. Russia’s goal is to confuse.” Finally, I think war declared in your thinking may be more dangerous than war declared otherwise.

Citation

- Lilly/Cheravitch, “The past, present and future of Russia’s cyber strategy and forces”.
  https://ccdcoe.org/uploads/2020/05/CyCon_2020_8_Lilly_Cheravitch.pdf

- Miller, Entous, Washington Post, National Security, January 6, 2017.
  https://www.washingtonpost.com/world/national-security/intelligence-chiefs-expected-in-new-york-to-brief-trump-on-russian-hacking/2017/01/06/5f591416-d41a-11e6-9cb0-54ab630851e8_story.html?utm_term=.c46378c7d1df&itid=lk_inline_manual_15

- Janne, Melnychuck, “Russia’s strategy in cyber space”, Riga, January 2021.
  https://stratcomcoe.org/cuploads/pfiles/Nato-Cyber-Report_15-06-2021.pdf

- NSA/CSS, “Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks”.
  https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2573391/russian-foreign-intelligence-service-exploiting-five-publicly-known-vulnerabili/

- Bakes, Swab, “Cognitive Warfare: The Russian threat to election integrity in the Baltic States”, Harvard Kennedy School, Nov 2019.
  https://www.belfercenter.org/sites/default/files/2019-11/CognitiveWarfare.pdf

Birhane: Research Project from above sources