Russia’s Pact with the Devil
Does Russia have a cyber strategy? Where does it derive its power? Part 2 of State Perspectives on Cybersecurity (series)
Russia is always on the brink. A self-perpetuating history of chaos and political instability, this unlikely empire is home to centuries of different experiments in governance. Vladimir Putin’s latest experiment lies in maintaining three pillars of Russian state legitimacy: domestic order, economic prosperity and demonstration of great power status internationally (Hutchesson & Petersson, 2015).
These pillars root the seemingly random sequence of Russian actions in the information space. While Russian actions come in many forms, use many actors, and attack a broad spectrum of targets, its cyber-policy is firmly rooted in a desire for stability.
Balancing Defence and Intelligence
A balancing act between state intelligence and the military in the Kremlin ensured the prominence of information warfare in Russian strategic doctrine. Since the bloody Chechnya experience of the 1980–90s, Russian military doctrine became particularly concerned with the reflexive relationship between information and warfare. What became apparent was that ‘the prior implementation of measures of information warfare in order to achieve political objectives without the utilization of military force (would) shape favourable opinion towards the use of the military from the world community (and locally)’ (Russia’s 2010 Military Doctrine). Information warfare, would not only prepare military actions, but also constitute a crucial wing of Russia’s “new combined warfare” involving both military and intelligence actors.
Great Power without Great Resources
With thinning economic resources and diminishing diplomatic clout (in its neighbourhood), Russia has committed itself to utilising asymmetric power to provide evidence of its continuing relevance in world affairs. When I interviewed students in Moscow on “what makes a great power”, a prominent answer was: “A great power shapes and disrupts the world order”. Their answers were in line with the political consensus; A great power can, perhaps tautologically, project great disorder to create new order.
Cyber offensive operations subvert the strengths and exploit the weaknesses of Western democracies (who benefit most from the current world order). In Eastern Europe and vis-à-vis NATO, Russian cyber attacks take advantage of the attribution problem (and lack of a NATO cyber strategy) to probe NATO/EU defences and undermine competing energy-related deals while dodging institutional punishments. This year, through the barely deniable aliases “Cozy Bear” and “Fancy Bear”, Russia subverted the U.S. political system by leaking the election’s most important talking point — a huge victory for securing Russia’s economic interests in Eastern Europe (Clinton wasn’t a fan of Russia’s European ambitions) and for affirming Russia’s “great power”.
At home, this year’s decision to force all foreign companies operating within Ru-net to store their data in Russian centres, was one-step towards reducing Western clout and competition in the domestic information space.
What does Russia’s cybersecurity apparatus look like? Who are these hackers?
Beyond fulfilling the interests of the state, the Russian cyber hydra lacks any of the distinct features of a military-political organisation. Observers point to Russia’s 5th Dimension Cyber Army and its connections to the Russian Business Network (thought to own and operate the second largest Botnet in the world) (DefenseTech, 2008). But it is the state’s buccaneering relationship with the criminal underworld that defines Russian cyber-activity. As nine of the Top 15 programming universities in the world are Russian, these academies reliably produce formidable talent (ICPC Competition, 2016). Due to the lack of opportunities and the difficult entrepreneurial environment however, many young coders turn to cyber-crime for easy money.
It is the state’s buccaneering relationship with the criminal underworld that defines Russian cyber-activity
Similar to how the British used pirates to destroy Spanish Caribbean trade in the 16th century, Russia has partnered with many underground organisations to further its strategic and domestic aims.
Some of these criminals are ‘given a choice to work for the intelligence services instead of going to prison’ (Krebs, 2008). Others commit to broadening the Botnets and developing the complex attack toolkits that Russia uses. The underworld thus controls (at least partly) the source and the means of power projection in the 5th domain; a major threat to Russia’s “monopoly on violence” (Weber, 1919). Appreciating this, Russia employs these criminal actors to harness such violence and ultimately distract the actors from understanding their potential to foment domestic instability. Cyber policy thus falls under the remit of the Security Council of the Russian Federation (primarily concerned with internal national security) (RAND, 2010).
Cyberwarfare has provided Russia with an unprecedented ability to project power towards securing its three strategic objectives: domestic order, economic prosperity and great power status.
The use of cyber tools has aligned military, political and intelligence interests. Yet in promoting and leveraging the power of the cyber underworld, Russia has lost its monopoly of force and has signed a pact with the devil. Rather than projecting power abroad, this deal may empower the cyber underworld to turn its back on the Kremlin and ignite a new source of instability.
IF YOU LEARNED SOMETHING NEW FROM THIS ARTICLE PLEASE SUPPORT OUR PUBLICATION BY CLICKING “RECOMMEND”
Bibliography
Acm ICPC. “Results 2016” Web: last modified 15:52PM 28 Jun 2016 https://icpc.baylor.edu/worldfinals/results
Carroll, Ward. “Russia’s Cyber Forces” Web: DefenseTech, 27 May, 2008
F-Secure. “The Dukes: 7 years of Russian cyberespionage” Whitepaper: F-Secure Labs Threat Intelligence, 2016.
Dr Hutchesson, Derek and Dr Petersson, Bo. “Shortcut to Legitimacy: Popularity in Putin’s Russia” Paper: IX World Congress of ICCESS, 3–8 August 2015. https://c-linkage.com/iccees2015/uploads/2228.pdf
Giles, Keir. Translated from Original Russian. “The Military Doctrine of the Russian Federation 2010” Rome: Research Division NATO Defense College, February 2010 http://www.conflictstudies.org.uk/files/MilitaryDoctrine_RF_2010.pdf
Krebs, Brian. “Report: Russian Hacker Forums Fueled Georgia Cyber Attacks” The Washington Post: Security Fix, 16 October 2008. http://voices.washingtonpost.com/securityfix/2008/10/report_russian_hacker_forums_f.html
Robinson, Neil. Gribbon, Luke. Horvath, Veronika. Robertson, Kate. “Cyber-security threat characterisation: a rapid comparative analysis” RAND Europe: Prepared for the Center for Asymmetric Threat Studies (CATS), Swedish National Defence College, Stockholm.
Saito, William H. ‘What makes governments vulnerable to hackers’ Web: World Economic Forum, Jan. 2017.
Slate, New America and ASU. ‘How the Rest of the World Feels about U.S. Dominance of the Internet’ (Web: Future Tense, 18 Nov 2016)
Translation CCDCOE. “Conceptual Views Regarding the Activities of the Armed Forces of the Russian Federation in the Information Space” (2000)
Weber, Max. Politics as a Vocation. 1919
