Jason Scott
According to the British Spy Service, MI5, espionage is “the process of obtaining information that is not normally publicly available, using human sources (agents) or technical means (like hacking into computer systems). It may also involve seeking to influence decision-makers and opinion-influencers to benefit the interests of a foreign power”. The collection of unclassified publicly available information can be considered espionage but is generally not thought of as damaging unlike the collection of classified data. This type of information can be harmful to the national security and economic well-being of countries.
Espionage has evolved from the cloak-and-dagger days of undercover agents trying to recruit a mole or break into a secure building to take picture of files in a cabinet into a model where the wars are now fought with keyboards and software platforms. The landscape shifted from the physical to digital with the entire world as the battlefield. Nations employ professional hackers for many reasons from digital warfare, information operation and cyber-espionage as seen with China’s army of hackers and Russian’s take-down of Ukraine’s power grid. (O’neill, 2016)
In addition to traditional espionage programs, many countries such as Russia and China have dedicated espionage branches whose entire function is to conduct spy operations on other countries for the sole purpose of stealing technology and trade secrets. In fact, former Defense Secretary, Robert Gates identified 15 countries that routinely conducted espionage against the United States just to steal US trade secrets and technology. The primary purpose of this tactic is to provide a competitive advantage to the businesses in those countries and not for the traditional diplomatic and security purposes of espionage. (Keck, 2014)
The United States is quite unique in their view on economic espionage in that we have laws against this type of activity and treat it as a crime. The 1996 Espionage Act specifically provided the Justice Department authority to prosecute economic espionage activity and applies to both US Citizens and foreign persons acting in the United States. The intent of this law is not to say that foreign companies will never be targeted for espionage by the US Government, only that the purpose should not be to provide the information to American companies. (Lewis, 2016)
Unfortunately, other countries do not abide by similar restraints and as a matter of fact, have substantial cyber operations in place designed to deploy information operations as a form of warfare to accomplish their goals. Research by Security Today estimates that 27.24% of cyber-attacks originate by the Chinese government and estimates that 41% of the world’s cyber-attacks trace back to China, making it the world’s largest initiator of cyber-attacks followed by The US with 17.12%, Turkey with 4.7%, Brazil with 8.6%, and Russia rounding out the top 5 with 4.3%. (Baig, 2017)
Although not the number one perpetrator of offensive cyber operations, Russia has a significant presence in the global cyber war-front with substantial information warfare capabilities. They view information warfare as an offensive capability and have integrated it into their national strategic military framework. They are continually updating their offensive strategies and capabilities to meet future requirements such as incorporating transitioning hacker and criminal networks into their spy agency, the FSB. (Connell & Vogler, 2017)
Before moving forward into greater aspects of the Russian cyber espionage and information operations (IO) programs, it would be remiss not to discuss information warfare (IW) as it is a foundational aspect of cyber warfare and information operations in Russia. IW, as it is known, is a very complicated term that literally has varying meanings depending on who you ask. It has many complex dimensions and generally defined as a “class of techniques, including collection, transport, protection, denial, disturbance, and degradation of information, by which one maintains an advantage over one's adversaries”. (Singh, n.d.)
Russia, like China does not use the word cyber or cyberwarfare; they chose to us the word “informatization” instead. In doing this, they conceptualize cyber operations within the broader rubric of information warfare including computer network operations (CNO), electronic warfare (EW), psychological operations (PSYOP) and information operations (IO) as a holistic concept. This allows them to operationalize cyber as a mechanism that enables them to dominate the information domain landscape and provides the foundation to achieve their larger national strategic efforts of government doctrine. (Connell & Vogler, 2017)
Russia has used disinformation, propaganda and other similar measures to achieve its objectives for the better part of a century and cyberspace is just another domain in which they use to spy, influence and conduct IW. (McClintock, 2017) There is evidence as early as 1996 that the Russian government hacked U.S. sites for intelligence gathering purposes but as with most espionage and counter-espionage operations, very few instances are uncovered and the likelihood that there are more [unknown] cases predating this one. (Zetter, 2017)
This Russian operation involved the compromise a United Kingdom company’s web server to perform over a thousand attacks against the Pentagon, NASA and the U.S. Department of Energy sites to steal large amounts of data. (Kerner, 2017) Luckily for both the U.S. and this company, the US DoD Incident Response Team uncovered the intrusion and was able to turn the server into a honey pot to collect information about the attacks. These Russian attacks became known as “Moonlight Maze”, which was the codename assigned by the U.S. team. During the five-month operations, the authorities confirmed theft of US weapons-guidance systems, naval intelligence and various other sensitive information. (Zetter, 2017)
More recent evidence of Russia’s use of information operations (IO) as a tool in their arsenal of information dominance is the very public and controversial 2016 presidential election scenario. What can be proven is that the Russian’s did hack into the Democratic National Committee to steal email addresses and there is some evidence they hacked into various other computers but there is no evidence of any tampering with actual election systems. (French, 2017) Even though the media has reported that there was actual tampering, there is no evidence to support the claim. What is important to understand is the mass confusion and chaos the Russian’s were able to invoke upon the United States.
They were able to use fake news stories, human trolls, bots (computer robots), hacks on Twitter and Facebook to deploy sophisticated IO campaigns to unleash powerful propaganda messages to cause confusion and chaos to influence world order. (Timberg, 2016) This was almost a proof of concept for the Russians; proof that they can now use social media outlets to alter the course of world events simply by manipulating public opinion. (Calabresi, 2017) The actions by the Russians did not undermine the actual US election but it did undermine the confidence in the system itself, which is effectively an attack on democracy. (Graff, 2017)
The attack on democracy is the real motivation for the Russians. Their intent is to demonstrate democratic elections are fraudulent and open public societies are flawed to the extent that democratic societies are themselves flawed and fraudulent. (Janow et.al, 2017) Compare this to the goals of the Soviet Union during the Cold War; to spread communism throughout the world and dominate across the globe. (Macham, 2013) Although the mechanisms used to reach their results are different; this goal is the same – defeat democracy and spread communism.
With the invention and expansion of social media, the Russian efforts to erode faith in the US government and other democratic government interests have increased. (Watts, 2016) It is not the popularity of social media that allowed Russia to quickly and efficiently spread chaos, it is the fact that they are able to deliver synchronized messaging across multiple platforms to deliver a consistent believable message. They can publish simultaneous propaganda messages through Facebook, twitter and the like to achieve an almost limitless messaging (IO) campaign. (Rupert, 2016)
The cyber espionage and information warfare capabilities of Russia are a significant threat to other countries, especially democratic countries such as the U.S. that have open communication systems and outlets. One would not have to let their mind wonder very far to consider the devastating effects similar propaganda campaigns could be. Consider the misinformation campaign in 2014 where ISIS reportedly attacked a chemical plant in Louisiana causing widespread panic to both citizens and creating confusion with local authorities. (Diresta, 2016)
Information has become a valuable weapon in Russia’s cyber weapons arsenal. The attack surface available is borderless and the risk of retribution is minimal as it is very difficult to prove attribution. It would be very easy for Russia, or any nation for that matter, to create a misinformation campaign targeting nuclear plants, the centers for disease control, the chemical labs for the DoD or any critical infrastructure facility to cause mass confusion, chaos and general mayhem to continually undermine the foundation of our democracy. These efforts could be used in conjunction with malicious cyber-attacks to bring down critical infrastructure while vital resources are being used to investigate and respond to false reports.
The always-on social media world we live in could very well empower countries such as Russia in their efforts to erode our democratic way of life. Cyber warfare is the next-generation battlefield that will continue to target our way of life and use our own freedoms against us. (Ranger, 2016)
No comments:
Post a Comment