In his 2007 address to the Annual Security Conference in Munich, Vladimir Putin threw down a gauntlet to the West. Attacking what he called “illegal” unilateral military action by the US, he hinted that Russia would build its capability in information warfare to counter American and NATO expansion.
In the same year, a Russian policy doctrine noted that as the world became more digitally connected, the well-being of nation states would become dependent on data and and its rapid movement. Back then, information warfare was just a sideshow, and Putin’s emphasis was on more traditional weapon systems. But things have changed. In the decade since, Russia has rapidly developed its information warfare capability and deployed it in conflicts in Estonia, Georgia, and Ukraine.
But what exactly do we mean by the term “information warfare”? Dan Kuehl of the National Defence University in the US defined it as the “conflict or struggle between two or more groups in the information environment”. You might think that just sounds like a fancy way of describing computer hacking. In fact, it’s a far more sinister and dangerous proposition. The free flow of information within and between nation states is essential to business, international relations and social cohesion.
Communications today lean heavily on the internet, or via communications using various parts of the electromagnetic spectrum (such as wireless and microwaves) through terrestrial communications networks or satellite networks in space. We live in a highly connected world, and it doesn’t take much to tip a nation state into instability.
There have already been questions raised about possible Russian interference in government elections in the US. So will it use its new-found warfare capability to influence international relations to its own advantage in the future?
A study by the World Bank stated that Russia boasts more than 1m software specialists involved in research and development. Russian illegal cyber warriors (hackers) are among the most proficient in the world with around 40 large criminal cyber rings operating within the country’s borders. The Russian government has long been known to source its technology, world-class hacking talent and even some intelligence information from local cyber crime rings. What’s more, this criminal fraternity probably receives state immunity for cyber crimes committed outside Russia in return for offering services to the Russian state. It is estimated that these criminal rings have recruited nearly 1,000 software engineers since 2012.
Hacking activities include the penetration of national infrastructure systems, and money markets, and the stealing of state secrets and intellectual property. All of these destabilising attacks can be considered as preparation for any future conflict.
According to the British defence secretary Michael Fallon:
Russia is carrying out a sustained campaign of cyber attacks targeting democracy and critical infrastructure in the West.
Russia, or its proxy cyber warriors, have been accused of a number of high-profile attacks, all of which can be regarded as attempts to undermine democracy by fuelling doubt or creating distrust through misinformation or “false reporting”. In military parlance, this activity is referred to as “psychological operations”.
Recent alleged targets include Estonia in 2007, a French TV station in April 2015, Germany’s lower house of parliament in June 2015, and various government institutions in Bulgaria in October 2016. That country’s president described the attacks as the “heaviest” and most “intense” to be conducted in south-eastern Europe. Then came 2016, and the accusations that Russia stole and leaked data from the Democratic Party.
Russia has denied any involvement in any of this cyber activity and conclusive proof is difficult to obtain. After all, the Russia will be conducting its information warfare campaign through proxy cyber groups who themselves will be using heavily disguised covert internet servers. However, according to US intelligence officials, Russian hackers made repeated attempts during 2016 to stage cyber break-ins into major US institutions, including the White House and the State Department.
Russia’s clear long-term strategy is to use the internet to further its aims in information warfare. It has proved that this form of warfare is more potent than kinetic warfare and that it can reap the benefits quickly and without fear of a coordinated response from the US or NATO. Its use of criminal cyber rings ensures that it benefits from no (provable) direct links to the Russian government. A further downside is that China, North Korea and Iran seem to be copying this model and have already been active in attacks against other nation states.
The internet has changed mass communication in countless positive ways. But it is becoming an increasingly dangerous tool for subversive activity. A re-think and a re-boot are looking increasingly necessary.