Meghan Brandabur, Caroline Gant, Yuxiang Hou, Laura Oolup, and Natasha Williams were Research Interns at the College of Information and Cyberspace at National Defense University.  Laura Oolup is the recipient of the Andreas and Elmerice Traks Scholarship from the Estonian American Fund.  The authors were supervised in their research by Lieutenant Colonel Matthew Feehan, United States Army and Military Faculty member.  This article was edited by Jacob Sharpe, Research Assistant at the College of Information and Cyberspace.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.


Title:  Assessment of Russia’s Cyber Relations with the U.S. and its Allies

Date Originally Written:  August 7, 2018.

Date Originally Published:  October 1, 2018.

Summary:  Russia frequently employs offensive cyber operations to further its foreign policy and strategic goals.  Prevalent targets of Russian activity include the United States and its allies, most recently culminating in attacks on Western national elections by using cyber-enabled information operations.  Notably, these information operations have yielded national security implications and the need for proactive measures to deter further Russian offenses.

Text:  The United States and its allies are increasingly at risk from Russian offensive cyber operations (OCOs).  Based on the definition of the Joint Chiefs of Staff, OCOs are operations which aim “to project power in or through cyberspace[1].”  Russia utilizes OCOs to further their desired strategic end state: to be perceived as a great power in a polycentric world order and to wield greater influence in international affairs.  Russia uses a variety of means to achieve this end state, with cyber tools now becoming more frequently employed.

Since the 2007 cyber attacks on Estonia, Russia has used OCOs against the United States, Great Britain, France, and others[2].  These OCOs have deepened existing societal divisions, undermined liberal democratic order, and increased distrust in political leadership in order to damage European unity and transatlantic relations.  Russian OCO’s fall into two categories: those projecting power within cyberspace, which can relay kinetic effects, and those projecting power indirectly through cyberspace.  The latter, in the form of cyber-enabled information operations, have become more prevalent and damaging. 

Throughout the 2016 U.S. Presidential election, Russia conducted an extended cyber-enabled information operation targeting the U.S. political process and certain individuals whom Russia viewed as a threat[3].  Presidential candidate Hillary Clinton, known for her more hawkish views on democracy-promotion, presented a serious political impediment to Russian foreign policy[4].  Thus, Russia’s information operations attempted to thwart Hillary Clinton’s presidential aspirations. 

At the same time, the Russian operation aimed to deepen existing divisions in the society which divided U.S. citizens along partisan lines, and to widen the American public’s distrust in their democratic system of government.  These actions also sought to decrease U.S. primacy abroad by demonstrating how vulnerable the U.S. is to the activity of external actors.  The political reasoning behind Russia’s operations was to promote a favorable environment within which Russian foreign policy and strategic aims could be furthered with the least amount of American resistance.  That favorable environment appeared to be through the election of Donald J. Trump to the U.S. Presidency, a perception that was reflected in how little Russia did to damage the Trump operation by either OCO method.

Russia also targeted several European countries to indirectly damage the U.S. and undermine the U.S. position in world affairs.  As such, Russian OCOs conducted in the U.S. and Europe should not be viewed in isolation.  For instance, presidential elections in Ukraine in 2014 and three years later in France saw cyber-enabled information operations favoring far-right, anti-European Union candidates[5]. 

Russia has also attempted to manipulate the results of referendums throughout Europe.  On social media, pro-Brexit cyber-enabled information operations were conducted in the run-up to voting on the country’s membership in the European Union[6].  In the Netherlands, cyber-enabled information operations sought to manipulate the constituency to vote against the Ukraine-European Union Association Agreement that would have prevented Ukraine from further integrating into the West, and amplified existing fractions within the European Union[7].

These cyber-enabled information operations, however, are not a new tactic for Russia, but rather a contemporary manifestation of Soviet era Komitet Gosudarstvennoy Bezopasnosti (K.G.B.) techniques of implementing, “aktivniye meropriyatiya,” or, “‘active measures’”[8].  These measures aim to “[influence] events,” and to “[undermine] a rival power with forgeries,” now through the incorporation of the cyber domain[9]. 

Russia thus demonstrates a holistic approach to information warfare which actively includes cyber, whereas the Western viewpoint distinguishes cyber warfare from information warfare[10].  However, Russia’s cyber-enabled information operations – also perceived as information-psychological operations – demonstrate how cyber is exploited in various forms to execute larger information operations [11].

Although kinetic OCOs remain a concern, we see that the U.S. is less equipped to deal with cyber-enabled information operations[12].  Given Western perceptions that non-kinetic methods such as information operations, now conducted through cyberspace, are historically, “not forces in their own right,” Russia is able to utilize these tactics as an exploitable measure against lagging U.S. and Western understandings of these capabilities[13].  Certain U.S. political candidates have already been identified as the targets of Russian OCOs intending to interfere with the 2018 U.S. Congressional midterm elections[14].  These information operations pose a great threat for the West and the U.S., especially considering the lack of consensus towards assessing and countering information operations directed at the U.S. regardless of any action taken against OCOs. 

Today, cyber-enabled information operations can be seen as not only ancillary, but substitutable for conventional military operations[15].  These operations pose considerable security concerns to a targeted country, as they encroach upon their sovereignty and enable Russia to interfere in their domestic affairs. Without a fully developed strategy that addresses all types of OCOs including the offenses within cyberspace and the broader information domain overall Russia will continue to pose a threat in the cyber domain. 


Endnotes:

[1] Joint Chiefs of Staff. (2018). “JP 3-12, Cyberspace Operations”, Retrieved July 7, 2018, from http://www.jcs.mil/Portals/36/Documents/Doctrine/pubs/jp3_12.pdf?ver=2018-06-19-092120-930, p. GL-5.

[2] For instance: Brattberg, Erik & Tim Maurer. (2018). “Russian Election Interference – Europe’s Counter to Fake News and Cyber Attacks”, Carnegie Endowment for International Peace.; Burgess, Matt. (2017, November 10). “Here’s the first evidence Russia used Twitter to influence Brexit”, Retrieved July 16, 2018 from http://www.wired.co.uk/article/brexit-russia-influence-twitter-bots-internet-research-agency; Grierson, Jamie. (2017, February 12). “UK hit by 188 High-Level Cyber-Attacks in Three Months”, Retrieved July 16, 2018, from https://www.theguardian.com/world/2017/feb/12/uk-cyber-attacks-ncsc-russia-china-ciaran-martin; Tikk, Eneken, Kadri Kaska, Liis Vihul. (2010). International Cyber Incidents: Legal Considerations. Retrieved July 8, 2018, from https://ccdcoe.org/publications/books/legalconsiderations.pdf; Office of the Director of National Intelligence. (2017, January 6). “Background to ‘Assessing Russian Activities and Intentions in Recent US Elections’: The Analytic Process and Cyber Incident Attribution” Retrieved July 9, 2018, from https://www.dni.gov/files/documents/ICA_2017_01.pdf. 

[3] Office of the Director of National Intelligence. (2017, January 6). “Background to ‘Assessing Russian Activities and Intentions in Recent US Elections’: The Analytic Process and Cyber Incident Attribution” Retrieved July 9, 2018 https://www.dni.gov/files/documents/ICA_2017_01.pdf p.1.

[4] Flournoy, Michèle A. (2017).  Russia’s Campaign Against American Democracy: Toward a Strategy for Defending Against, Countering, and Ultimately Deterring Future Attacks Retrieved July 9, 2018, from http://www.jstor.org/stable/j.ctt20q22cv.17, p. 179. 

[5] Nimmo, Ben. (2017, April 20). “The French Election through Kremlin Eyes” Retrieved July 15, 2018, from https://medium.com/dfrlab/the-french-election-through-kremlin-eyes-5d85e0846c50

[6] Burgess, Matt. (2017, November 10). “Here’s the first evidence Russia used Twitter to influence Brexit” Retrieved July 16, 2018, from http://www.wired.co.uk/article/brexit-russia-influence-twitter-bots-internet-research-agency 

[7] Cerulus, Laurens. (2017, May 3). “Dutch go Old School against Russian Hacking” Retrieved August 8, 2018, from https://www.politico.eu/article/dutch-election-news-russian-hackers-netherlands/ ; Van der Noordaa, Robert. (2016, December 14). “Kremlin Disinformation and the Dutch Referendum” Retrieved August 8, 2018, from https://www.stopfake.org/en/kremlin-disinformation-and-the-dutch-referendum/

[8] Osnos, Evan, David Remnick & Joshua Yaffa. (2017, March 6). “Trump, Putin, and the New Cold War” Retrieved July 9, 2018 https://www.newyorker.com/magazine/2017/03/06/trump-putin-and-the-new-cold-war 

[9] Ibid.

[10] Connell, Michael & Sarah Vogler. (2017). “Russia’s Approach to Cyber Warfare” Retrieved July 7, 2018, from  https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf ; Giles, Keir. & William Hagestad II (2013). “Divided by a Common Language: Cyber Definitions in Chinese, Russian and English”. In K. Podins, J. Stinissen, M. Maybaum (Eds.), 2013 5th International Conference on Cyber Conflict.  Retrieved July 7, 2018, from  https://ccdcoe.org/publications/2013proceedings/d3r1s1_giles.pdf, pp. 420-423; Giles, Keir. (2016). “Russia’s ‘New’ Tools for Confronting the West – Continuity and Innovation in Moscow’s Exercise of Power” Retrieved July 16, 2018, from https://www.chathamhouse.org/sites/default/files/publications/2016-03-russia-new-tools-giles.pdf, p. 62-63.

[11] Iasiello, Emilio J. (2017). “Russia’s Improved Information Operations: From Georgia to Crimea” Retrieved August 10, 2018 from https://ssi.armywarcollege.edu/pubs/parameters/issues/Summer_2017/8_Iasiello_RussiasImprovedInformationOperations.pdf p. 52. 

[12] Coats, Dan. (2018, July 18). “Transcript: Dan Coats Warns The Lights Are ‘Blinking Red’ On Russian Cyberattacks” Retrieved August 7, 2018, from https://www.npr.org/2018/07/18/630164914/transcript-dan-coats-warns-of-continuing-russian-cyberattacks?t=1533682104637

[13] Galeotti, Mark (2016). “Hybrid, ambiguous, and non-linear? How new is Russia’s ‘new way of war’?” Retrieved July 10, 2018, from Small Wars & Insurgencies, Volume 27(2), p. 291.

[14] Geller, Eric. (2018, July 19) . “Microsoft reveals first known Midterm Campaign Hacking Attempts” Retrieved August 8, 2018, from https://www.politico.com/story/2018/07/19/midterm-campaign-hacking-microsoft-733256 

[15] Inkster, Nigel. (2016). “Information Warfare and the US Presidential Election” Retrieved July 9, 2018, from Survival, Volume 58(5), p. 23-32, 28 https://doi.org/10.1080/00396338.2016.1231527