YL
Uploaded byYuri Livshitz
75 views

Russian cyber offense strategy development

This document provides an overview of Russian cyber offense strategy development and capabilities building. It discusses key factors that motivated Russia's selection of cyber offense as a vital tool, including weaknesses in the military after the Soviet Union's dissolution. It outlines General Gerasimov's theory of "hybrid warfare" which emphasizes non-military means for achieving goals and influenced Russia's approach. The document also examines Russia's efforts to build unified cyber offensive networks and cooperate internationally, as well as strategies for resilience in response to potential Western retaliation. Overall, it analyzes the evolution of Russia's cyber capabilities and strategy from both an academic and strategic perspective.

Embed presentation

Download to read offline
1 Russian cyber offense strategy development and capabilities building Seminar Research Paper for The Evolution of Cyber Threat Course Course Instructor: Hemi Pecker Author: Yuri Livshitz. 306927862 Submitted on 28 April 2021
2 Table of Contents Intro................................................................................................... 3 Research Methodology ..................................................................... 4 Academic background overview ....................................................... 5 Development of Russian cyber warfare - Motivation........................ 6 Gerasimov Theory ............................................................................. 9 Russia's worldview and the birth of chaos ......................................14 The evolution of hybrid warfare......................................................18 Building unified network offensive network ...................................20 Russian cyber offensive international cooperation.........................21 U.S. retaliation and new Russian defense strategy .........................23 The role of FSB – Federal Security Service.......................................25 Conclusion .......................................................................................27 Bibliography.....................................................................................30
3 Intro Over the last twenty years, the expansion and development of cyber technologies added a new dimension to international strategy, creating new threats and opportunities for next-gen warfare. The emerging key actor in the cyber domain is the Russian Federation; cyber events associated with Russian state and non-state actors have influenced the international environment, created security challenges, and reshaped our core understanding of cyber power. The fast pace of cyber development, however, has also resulted in gaps in the understanding of cyber power is both an instrument of power and an element of national strategy. The work aims to evaluate the role and posture of the Russian Federation in cyberspace. The aim is to outline the key driving factors and triggers that led to the selection of cyber offense as a vital tool of Russian international policy. Russian cyber operations started in Latvia and Georgia during the Russian Georgian conflict. Nevertheless, the most notable are multiple Russian cyber-attacks against the democratic party, which demonstrate both the determination and good technical capabilities of Russian hackers, which is also important because attacks continue despite significant publicity. Russia also responsible (according to U.S. officials) for the latest supply chain attack on Fireye via SolarWinds compromised software. Given the scale, the true impact of the attack is still to be learned. Both attacks, however, clearly outline the vast attack capability created by the Russian federation. Finally, a recent publication by NSA flags Russia as responsible for attacks on U.S. government agencies.
4 This paper will present an overview of existing literature of Russia-related cyber events, the scholarly works that have examined Russian information warfare doctrine, and the record of Russian engagement through international institutions. Significant contribution to these paper provided by numerous research report produced by leading cyber research companies like Crowdstrike and ESET. Though individually, these subject areas provide a means of analysis and policy recommendations, my aim is to offer a full perspective on Russia's behavior in cyberspace. The research will outline Russian cyber capability creation. The research will cover both military philosophy (Gerasimov Theory), which designed the Russian cyber warfare approach, and Russian practical steps to be resilient against western retaliation by building independent Russian infrastructure. Finally, I will discuss Russian international cyber cooperation with other regimes like Iran and Styria and other countries which are under OFAC1 sanctions list. Research Methodology Most research preformed for this paper was qualitative in nature and involved the summary and analysis of primary and secondary literature including publicly communications, academic journal articles and book chapters, and reports from established research institutes and media organizations. As true impact and precise offensive toolset used by Russia is obviously classified The paper will mainly focus on Russian policies intent and strategy and less insight will be given to the tactical methods of the 1 https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country- information/where-is-ofacs-country-list-what-countries-do-i-need-to-worry-about-in-terms-of- us-sanctions
5 attackers research aim is to understand the aim , evolution and possible future evolvement of Russian offensive capabilities. Academic background overview My paper is based on multiple types of research on the subject of the core are principles of Russian cyber capability one of the main sources I rely on is the extensive research performed by Medvedev, Sergei A. "Offense-Defense Theory Analysis of Russian Cyber Capability" the article present Russia policy and tries to predict Russian intent. At the same time, the article provides an extensive historical review and great presentation of Gerasimov's Theory which this paper will discuss in length later. The article fails to predict the intent of Russian foreign policy and, therefore, misinterprets Russian cyber activity's key factors. Additional research article which is essential on the topic is "What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment" by Rebecca Slayton. In her article Rebecca Slayton present an extensive overview of defense offense equilibrium. The article provides an extensive review of first-mover advantage as well as a detailed review of different technical cyber- attacks. The conclusion regarding the cyber dilemma is "The most important policy implication of these findings is that leaders should not presume that cyberspace favors the offense, but instead recognize that any such advantage will depend on the complexity of the offensive goals and the capabilities of the defender." 2 2 https://direct.mit.edu/isec/article/41/3/72/12149/What-Is-the-Cyber-Offense-Defense-Balance
6 Finally, James E. McGhee, in "Liberating Cyber Offense," provides an extensive overview. Of cyber activity and make a very valid point by stating that "The misunderstandings regarding cyber operations permeate the highest levels of U.S. decision making. Not only military commanders but also civil political leaders"3 These statements jointly summarize the complexity of the West's problem when dealing with Russian cyber offense. Before we discuss the potential threat to international order, we have first to understand whom the Russian cyber strategy evolved to its current state Development of Russian cyber warfare - Motivation From 1991 to the present, the history of Russia began with the dissolution of the Soviet Union (USSR) on 26 December 1991. The Russian Soviet Federative Socialist Republic (RSFSR) was the largest republic within the USSR. The Russian Federation was the largest republic that made up the USSR, accounting for over 60% of the gross domestic product (GDP) and over 50% of the Soviet population. Before the dissolution of the USSR, Boris Yeltsin had been elected President of Russia in June 1991 in the first direct presidential election in Russian history. The elections ensured that Yeltsin would be the political 3 https://www.jstor.org/stable/26271529?seq=14#metadata_info_tab_contents
7 leader of the Russian successor state following dissolution. Yeltsin announced that Russia would proceed with radical reforms, including market-oriented reform along the lines of Poland's "big bang", also known as "shock therapy."4 For the most part, the Russian armed forces were in near-complete disarray by 1992, one year after dissolution. This degraded military effectiveness would become all too clear during the 1994 Chechen War, but this posed some significant practical challenges for global security and arms control in the interim. With the collapse of the Soviet economy and the subsequent departure of large republics like Gregoria and Ukraine. These were extremely challenging times for the Russian military which suffered from a lack of budgeting and low public support. Supporters of democratic reforms and Alliance with west Russia needed no nuclear weapons and colossal army of the Soviet Union looked counterproductive and unneeded to the new democratic leadership of Russia. Military budgets decreased sharply under the Yeltsin administration, and the military was transferred to survival mode. This attitude, however, did not last for long. The Catastrophic War in Chechnya (1994) provided a bitter example of why Russia still needs a military. Russian poor military performance during the first Chechen war worried Kremlin as they damage the Russian 4 Greenberg, Andy. 2019. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers. New York: Doubleday.
8 reputation of a superpower and Yeltsin's image as a president and head of Stuff.5 Russia's shrinking economy and multiple political and economic problems created a significant challenge for the government. stability6 When Putin was nominated by Yeltsin and then elected to precedency, Putin found a weak army and economy. Multiple examples can testify to the poor state of the Russian military during the first years of Putin's rule, but the most remarkable example is Kursk's nuclear submarine tragedy where due to failing test of rocket ammunition, the submarine sunk, and the Russian military was not capable of saving the crew.7 The Russian army, in general, significantly lagged behind the West in modern ammunition and aircraft capabilities. Putin, however, immediately invested significant budgeting in order to recover the Russian military. During the investigation of military complex capabilities, one of the areas that stood out was the cyber arena. The development of cyber capabilities, unlike the development of rockets, does not require significant budgeting. Instead, it requires high-quality technical human power. Russia managed to maintain strong academic and science capabilities. Russia also managed to be one of the few countries to offer strong local alternatives to western 5 Krikunov, A. 2011. “Kiberprostranstvo vedushchikh gosudarstv v kontekste sovremennykh vyzovov i ugroz [Cyberspace of Leading States in the Context of Contemporary Challenges and Threats]” Morskoy Sbornik 11 (November): 32-37 6 7 https://www.britannica.com/event/Kursk-submarine-disaster
9 search engines and social groups. In fact, Russian Yandex search engine leads over Google in Russia and V.K. present significant competition to Facebook. Therefore, developing Cyber capabilities seemed to Russian leadership as an easy win. This led to a search for a new theory of warfare that can potentially turn the odds in Russia's favor. The new Theory was formulated by General Anatoly Gerasimov (head of Russian Stuff) and is currently known as the Gerasimov theory.8 Gerasimov Theory 8 Greenberg, Andy. 2020. “The US Blames Russia’s GRU for Sweeping Cyberattacks in Georgia.” Wired, February 20, 2020. https://www.wired.com/story/us-blames-russia-gru-sweeping-cyberattacks-georgia/
10 The first complete development of the "hybrid warfare" theory by Russia can be found in an article by General Gerasimov, the Russian Armed Forces' Chief of Staff of the time, in an essay published in the weekly magazine Corriere Military-Industrial Courier in February 2013. The high-ranking officer of the Russian Command started from a simple consideration. That in the post-Cold War period, and any regional or continental military action is increasingly closer to the line in which peaceful operations and military operations in the proper sense of the term tended to get mixed. The post-Cold War experiences marked General Gerasimov's central idea: at the beginning of the strategic Theory of the Russian General, however, there was the Revolution in Military Affairs (RMA), i.e. the U.S. doctrine of the 2000s that placed the relationship between new technologies and the overall reorganization of the North American Armed Forces at the core of the debate.9 Both Russia and China placed the RMA – which they saw operating well in Iraq – as the core of their desired transformation of technologies with emphasis on military organizations. Import to mention here a great Russian and Soviet General, Ogarkov, called the RMA- Military Technological Revolution. Ogarkov claims that new technologies such as robotics and direct energy weapons would design the whole new space of operations and even the political function of war, thus marginalizing the vast masses of infantry that were once necessary to win.10 General Gerasimov states that the basic rules of war had changed: the role of the nonmilitary structures useful to achieve goals that were previously reached exclusively by war increased out 9 https://www.politico.com/magazine/story/2017/09/05/gerasimov-doctrine-russia-foreign-policy-215538 10 Valery Gerasimov, “The Value of Science is in the Foresight: New Challenges Demand Rethinking the Forms and Methods of Carrying out Combat Operations,” Robert Coalson (ed.), in Military Review (January-February 2016), p. 24.
11 of proportion. Here Russia had in mind the operations of Soft Power and economic and cultural influence by the United States and NATO, but also, in many cases – and this is the point that gave rise to the concept of "hybrid warfare" – the non-traditional means that achieved and sometimes outperformed the effects of conventional weapons. Financial warfare? War of information manipulation? War for raw materials? It depends on where you are.11 According to Gerasimov, in the new ware, victory comes above all from the covert work of many organizations: local volunteers, allied military; the more or less "spontaneous" people's organizations; companies' safety nets; criminal organizations, and large mass demonstrations. General Gerasimov was an excellent prophet: the irregular forces in the Crimea, the other ones in Chechnya, many other "little green men" in Georgia, and then in many peripheral areas of the new Russian empire were successful in achieving Russian policy aims. Technological superiority counts, and it is essential – but what really matters is the full and absolute political power on the territory or on a specific technology, operation, influence, or Denial Area action.12 According to Gerasimov, with its hybrid warfare, Russia will mainly carry out operations "from weak to strong," blocking its enemy's information actions, backing their population and mixing with them, thus becoming unrecognizable and, above all, carrying out entirely unconventional operations. 11 https://ndupress.ndu.edu/Portals/68/Documents/prism/prism_8-2/PRISM_8-2_Fridman.pdf?ver=2019-09-17- 231059-263 12 Valery Gerasimov, “The Value of Science is in the Foresight: New Challenges Demand Rethinking the Forms and Methods of Carrying out Combat Operations,” Robert Coalson (ed.), in Military Review (January-February 2016), p. 28-32
12 Either you take the radio and T.V. stations, like Nasser did at the beginning of his revolution with his army, or currently you control social media remotely, either through fake news – which are true instruments of "unorthodox" warfare, as it was called by NATO when a Marine officer, who led it, found himself lured and tricked by a pretty girl from the GDR Intelligence Services – or possibly even with the techniques of support, local manipulation and protection of the local population. Hence currently, Russia mainly plays the game of non-State actors, even imitating them, but there is the whole panoply of the current nonstandard war. This type of nonstandard war is waged on a small scale with the small countries and a large scale with the big ones. In January 2000, the Russian President signed the first modern Gerasimov-style National Security Concept, which listed the treat factors that are also those that Russia sees in the operations currently existing in the East: ethnic, nationalist, and religious factionalism, a theme that is much far from Western doctrine, which exalts precisely factionalism, as happened in the template of the hybrid warfare of the time, the Second Yugoslav War. Current mechanisms of international crisis control, which we see currently operating within the United Nations and its peripheral organizations, have weakened significantly, mainly due to discontent from the United States. United States no longer wants to participate in U.N. international crisis control activity due to inefficient and fragmented U.N. operation. The response of this Russian document was directly targeted to the 1999 NATO Strategic Concept, in which the Russian side stated that only the U.N. Security Council could establish legal rules for regional interventions. The Russian national interests, reaffirmed in the 2000 document, were still the same: military cooperation in the CIS, on which Russia does not want foreign eyes; the creation
13 of a unified military area (which is the basis for hybrid warfare), as well as stable unity with Belarus.13 The unity is actively realized now with cyber activity as well during the recent opposition uprising in Belarus. Furthermore, NATO is creating a center for cyber operations to strengthen also "resilience" – now a magic and fashionable word -in the countries concerned. Certainly, the Alliance is only defensive, but it would be good to have a clear idea that, from old times to the present day, defense and attack have always been closely connected. Indeed, the western approach claims it has "bogged down" Putin in the Crimea, but it already accepts the basic defeat in the Southern Flank where, however, there would be an enhanced "fight against terrorism", regardless of what this expression means. Hence "all-out war" cannot accept excuses. Even in times of peace and this is the real final goal of "hybrid warfare," while the world war is today kept as a remote option by the U.S. outstanding power of conventional or not conventional first and second strike. This might not last forever. The only ones who are thinking about the new scenarios, leaving aside Italian lawyers in the Intelligence Services and in other organizations are the French. General Thierry Burkhard, a man of the Foreign Legion, is thinking of a new concept: after the defeat or, however, the marginalization of the jihad, the real future clash will be the return of the old into the new, the struggle between States and States.14 13 https://www.frstrategie.org/en/publications/notes/russia-policy-towards-belarus-during-alyaksandr-lukashenka-s- fifth-presidential-term-2020 14 Ibid p 67-81
14 Russia's worldview and the birth of chaos The chaos strategy and the tactical use of hybrid warfare emerged out of the perception of Putin and the Russian leadership that Russia is locked in the form of great-power competition with the United States and Europe and increasingly with China. The stakes are high: ultimately, it is about the survival of the current Russian regime. For decades since the end of the Cold War, Russian authorities have been feeding a sense of post- Cold War “embarrassment” that Russia's security concerns were not sufficiently taken into consideration, if not downright ignored. This storyline is reinforced by a "besieged fortress" mentality at home fueled by a fear of squeeze by NATO forces and exclusion from the European security architecture. This would have forced Russia to choose hostility over cooperation with the West. The Russian leadership believes that there is a window of opportunity to take action and make foreign policy and security intentions a reality. The war with Georgia in 2008 was the beginning of Russia's foreign policy activation and confrontation with the west. What followed were calculated steps to do away with an international order since Kremlin leadership feels cheated and disappointed with the West. For Russia, the problem remains that it cannot compete in a direct contest of national power political or conventional military with its peer and near-peer competitors. The Russian leadership fundamentally feels its conventional military is inferior to the West's, and
15 especially NATO. Therefore, as Russia cannot compete symmetrically, it chooses to contest and disrupt asymmetrically.15 It follows that Russia has selected chaos via asymmetrical means through cyberattacks, political subversion, business ties, and economic warfare, among other tools. The approach has combined both old and new, drawing on lessons from the successful use of Soviet-era asymmetric strategies16 , but amplified with the power of modern technology and social media. Priority is given to nonmilitary hybrid tools, like those being pondered by Russian military planners are part of warfare. Such means represent a coordinated and tailored effort at the strategic level to reshape the internal course — be it political, economic, or societal — of target countries. Russia uses a complex and combined toolkit of military and nonmilitary tactics17 In its extensive conflict with the West Russian power elite is united by a willingness to alter with force, if necessary, the Western-led liberal international order. This effort also seeks to increase 15 Mark Galeotti, “The ‘Gerasimov Doctrine’ and Russian Non-Linear War,” In Moscow’s Shadows (6 July 2014), accessed 5 May 2016, p23-29 16 Keir Giles, Russia’s ‘New’ Tools for Confronting the West: Continuity and Innovation in Moscow’s Exercise of Power, Research Paper (Chatham House, London: The Royal Institute of International Affairs, 2016), pp. 37-40. 17 Mark Galeotti, “The ‘Gerasimov Doctrine’ and Russian Non-Linear War,” In Moscow’s Shadows (6 July 2014), accessed 5 May 2016, p21-24
16 Russia's international standing in relative terms as well as advance Russian interests against the West. Valery Gerasimov. In February 2013, Gerasimov articulated his Theory of modern warfare in a now-famous article for the Military-Industrial Kurier. "Hybrid warfare" and the "Gerasimov doctrine" were consequently coined as umbrella terms. To describe, often without context or erroneously, Russia's nonlinear approach to conflict in the West. Indeed, the article was written in the context of Russia's response to the Arab Spring and fears of the spread of color revolutions against Kremlin-friendly regimes. Gerasimov fused methods from previous attempts to use nonlinear competitive strategies against more powerful rivals with updated technology and military concepts. In this context, Russian operations must lead to information and psychological dominance of the enemy. Therefore, seeding chaos is part of what Russian military strategists refer to as the "initial period of war" — taking after Soviet military Theory but applied to modern warfare. These concepts eradicate the line between peace and war, placing politics and armed conflict in the same category. In his text, Gerasimov described the way advanced military powers in the West engage in warfare while outlining the importance of nonmilitary means to achieve military goals. He highlighted the
17 primary threats to Russian sovereignty and suggested that the Kremlin's political leadership needed to be more open to innovative ideas on future security challenges.11 Gerasimov's Theory is more a tactical application of how Russia understands modern warfare. It reflects a pragmatic acceptance of the need to take what opportunities arise. What makes this chaos strategy unique is the fact that the connection between nonlinear and nonmilitary tactics is no longer an aid to the use of force but rather the equivalent of force itself. Of course, Russian military thinkers did not exclude the use of conventional forces. On the contrary, they stressed Russia's need for innovation and the wider modernization of its armed forces. Russia's "soft power" (miagkaia sila)18 is here to prepare the ground for hard power. Based on Western responses to their behavior patterns thus far, Russian leaders could conclude that time is indeed on their side.. Disorientation and distraction in the West produce more one- sided concessions and, therefore, purchase more time for Russia than victory on any battlefield. Worse yet, the second lesson that Russian leaders could draw is that risk-taking works. 18 Mikryunov, V. Yu. 2015. “Kak protivostoyat’ agressii SSHA [How to Resist U.S. Aggression].” Vestnik Akademii voennykh nauk 51, no. 2: 12-21.
18 The evolution of hybrid warfare Gerasimov doctrine is not entirely static. A significant event in the evolution of Russia's use of Gerasimov doctrine to compete against the West occurred when Gerasimov delivered a keynote speech to the Russian Academy of Military Science in March 2019. Gerasimov reported on evolutions of military strategy and military-scientific developments. The address was important in how it differed from his 2013 assessment on the use of nonlinear means to sow chaos. While presenting operational lessons learned from recent deployments in Syria, Gerasimov insisted on the use of military power as well as political-military coercion.19 Throughout his speech, Gerasimov insisted on two main "vectors" in the development of Russian military strategy: limited action and active defense. These developments will influence military 19 The Gerasimov Doctrine -It’s Russia’s new chaos theory of political warfare. And it’s probably being used on you.By MOLLY K. MCKEW September/October 2017 p23-34
19 thinking and, subsequently, military procurement in the coming years and likely inform new iterations of the Russian military doctrine. All these represent, in a way, Gerasimov's personal military legacy.20 The strategy of limited action outside Russia's borders seeks to counter existing threats to Russian national interests through limited out-of-area military intervention. This largely encompasses lessons learned from operations in Syria, and to an extent, in eastern Ukraine. The strategy of active defense aims to preemptively neutralize threats through active measures. Accordingly, this would respond to Western interference, depicted by Gerasimov as a "Trojan Horse."21 This reference to the West is more confrontational than ever: it frames the United States as an "aggressor" and accuses it of developing interference strategies that combine fifth-column political warfare and color revolutions with high-tech global strike capabilities. This is linked to the preparation of the political environment through information superiority and the use of soft power by US as the main nonlinear tactic. Russia's military interventions in Syria, Venezuela, and, more recently, Libya raise the question whether the Kremlin is still opportunistic or whether it has revised its military strategy to better 20 Ibid, p45-53 21 https://privacyinternational.org/learn/five-eyes
20 project force around the globe based on a single playbook. These interventions have taken advantage of preexisting political division and weakness that Russia did not directly created. Together with its growing conventional power, Russia is now far more confident about using hard power. Recent events in Ukraine only further emphasize this point. Russian hybrid operations — mainly information Cyber operations — have been adapting in order to infiltrate networks, destabilize internal norms, and ultimately create an environment conducive to Russian interests in the West. Building unified network offensive network Russia allegedly is directly responsible for numerous high profile cyber-attacks; 1. Interference in the 2016 U.S. presidential elections - This operation by Russian GRU illustrated the reach and power of cyber-enabled influence operations. 2. Disruption of the Ukrainian power grid in 2015: Russian cyber actors are credited with the first publicly identified attack on a live power grid, which impacted an estimated 225,000 people. 3. Intrusions into the U.S. power grid: In 2018, the U.S. publicly accused Russia of conducting a two-year-long coordinated campaign of cyber intrusions into the U.S. grid. 4. Targeting of COVID-19 research: In July 2020, the U.S., U.K., and Canada detailed Russian-driven cyber intrusion campaigns directed against organizations conducting COVID-19 vaccine development.
21 Finally, the U.S. recently directly blamed Russia for conducting cyber operations on U.S. soil . MOSCOW (Reuters) – U.S. Secretary of State Mike Pompeo said on Friday that “Russia was responsible for a cyberattack that embedded malicious code inside U.S. government software systems and those of other governments and companies across the world”.[23]22 Russia is previously mentioned, created an extensive network of proxies to deliver different types of cyber operation. They are ranging from propaganda and fake news to direct technical infiltration. Russia's cyber activity, however, does not stop at direct attacks on western infrastructure; instead, Russia is trying now to mobilize allies to the effort. Russian cyber offensive international cooperation Russia recently isn't active only on the hidden cyber front instead significant energy invest by Russian diplomacy to create its own alternative to the The "Five Eyes (FVEY)23 – alliance was formed between five anglophone countries and their security agencies: the U.S. (NSA), the U.K. 22 https://www.cfr.org/blog/iran-russia-cyber-agreement-and-us-strategy-middle-east 23 https://privacyinternational.org/learn/five-eyes
22 (GCHQ), Australia (ASD), Canada (CSEC) and New Zealand (GCSB)". Russian is trying to do so by leveraging cooperation with countries that are opposed to the U.S. "2021 January, Russian Foreign Minister Sergey Lavrov and his Iranian counterpart Javad Zarif signed a cooperation agreement on cybersecurity and information and communications technology (ICT). The agreement includes cybersecurity cooperation, technology transfer, combined training, and coordination at multilateral forums, like the United Nations."24 WASHINGTON (Reuters) - A Russian military contingent that arrived in Venezuela over the weekend, drawing U.S. condemnation, is believed by the U.S. government to be made up of special forces including "cybersecurity personnel," a U.S. official told Reuters on Tuesday.25 Russia actively supports anti-western cyber activity and cooperation within countries that are in direct confrontation with the U.S. This reflects Russian general strategy to jeopardize U.S. policy as Russia sees the U.S. as its main rival on the international arena. 24 http://www.rt.com/politics/411156-russia-to-launch-independent-internet 25 https://www.reuters.com/article/us-venezuela-politics-russians-idUSKCN1R72FX
23 While the level of the cooperation isn't clear and in particular the commitment of the countries to conduct the offensive cyber activity. It is groundless to assume that this partnership is created for defense purposes only. U.S. retaliation and new Russian defense strategy U.S retaliation as response to Russian activity are of particular interest as they apparently empower Russian cyber activity “Obama also approved a previously undisclosed covert measure that authorized planting cyberweapons in Russia’s infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office.”26 Some of the tools planted where apparently used this created in Russian government strong discontent with usage of western software and hardware. Russia defense agencies developed a plan to replace western companies with local software providers they also require state owned companies to replace software systems with Russian made ones. 26 https://www.washingtonpost.com/graphics/2017/world/national-security/obama-putin-election-hacking/
24 Russia is in particular worried regarding possible attack on its energy or banking sector. This leads Russia which misses significant local cyber providers except of Kaspersky to attempt to build internal and unknown to the west OS and network equipment. Recently news emerged that Russian president Vladimir Putin had approved a plan to create an independent Internet by 1 August 2018, first reported by the27 Russian news agency, R.T. The alternate Internet would be used by BRICS nations—Brazil, Russia, India, China, and South Africa—and shield them from "possible external influence," the Kremlin's press secretary, Dmitry Peskov, told R.T. "We all know who the chief administrator of the global Internet is," Peskov said. "And due to its volatility, we have to think about how to ensure our national security." To create alternative Internet, Russia would need to duplicate the hardware and software that currently manages Internet traffic. That would likely involve setting up computer servers, copying existing databases, updating security features, and reconfiguring some existing technology—in essence, they'd need their own Domain Name System (DNS), the essential technology that underlies the existing Internet and, among other things, translates domain names.28 Once on Russia's Internet, users would have access to only those websites the alternative network recognized. Let's assume Russia didn't want its users reading Georgian websites. It could eliminate the country code top-level domain (TLD) .ge from its root server and essentially disappear Georgia. 27 https://spectrum.ieee.org/tech-talk/telecom/internet/could-russia-really-build-its-own-alternate-internet 28 https://en.wikipedia.org/wiki/Domain_Name_System
25 Furthermore, when it comes to the Internet, trust is critical. Every network operator and every Internet device developer trusts that when a phone, laptop, or computer queries a DNS server, it will get a reliable and accurate response. If it doesn't, the Internet doesn't work. For years, Russia, China, and other nations have complained about how the Internet is governed. As members of the GAC, they have a vote on proposals. Nevertheless, they cannot veto decisions made by the Internet Engineering Task Force, an independent international group of network designers, operators, and researchers that oversee the Internet architecture and its operation.29 In the meantime, Russia is strong-arming the Internet in other ways. It's established a law that forces foreign companies, such as LinkedIn, booking.com, and others, to store data about its citizens on Russian servers. The role of FSB – Federal Security Service FSB's Russian intelligence agency and the successor of soviet KGB plays a central role in orchestrating the cyber activity, both internal and external. Multiple researchers highlight the agency extensive work in recruiting and developing Russian cyber capability. The influence of FSB is huge in the Russian state it inherits authority from its processor, the KGB - Committee of state defense. 29 Greenberg, Andy. 2020. “The US Blames Russia’s GRU for Sweeping Cyberattacks in Georgia.” Wired, February 20, 2020. https://www.wired.com/story/us-blames-russia-gru-sweeping-cyberattacks-georgia/
26 FSB does the particular task of developing local cyber talent by allowing criminal cyber activity and even endorsing it within some sandbox boundaries. Russia isn't known only for cyber activity on the state level. In fact, Russian hackers are as famous for cyber actions, which are performed for financial gain. Numerous high-profile Russian hackers were trailed and jailed recently in the U.S. Russia federation actively opposed the detention of these individuals. Russian high level of activity direct to prevent the extradition of cybercriminals to U.S. creates an assumption that Russia fears they may expose information about state-level cyber activity.30 An extreme and somewhat bizarre example of this Russian policy is the "Burkov" case. Burkov was arrested in Israel and extradite to the U.S. Burkov was wanted in the USA for criminal activity against U.S. citizens mainly related to credit card fraud. "Before Burkov was finally turned over to U.S. authorities, Russia had been seeking to free him from Israeli custody in a proposed prisoner swap, according to Israeli media accounts. For its part, Moscow offered to release the Israeli American woman, Na'ama Issachar, 26, who has been behind bars in Russia since last spring."31 This small event exposes Russian “dependency” while performing cyber operation on criminal organizations. While it isn’t clear if he was directly involved in any cyber activity orchestrated by FSB or GRU. The high level of Russian involvement to release him clearly demonstrates that he had access to sensitive data or knowledge regarding cyber operation. Pressure to release Burkov 30 https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking- campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453- fc36ba051781_story.html 31 https://www.washingtonpost.com/local/public-safety/israel-extradites-accused-russian-computer-hacker-to-united- states/2019/11/12/e40f84ca-057b-11ea-8292-c46ee8cb3dce_story.html
27 reached heads of state level when president Putin and PM Netanyahu negotiated the possible terms of his release. Conclusion As it seems current Russian power elite selected to challenge the West on numerous key questions of international foreign policy. However, the real divide between Russia and the West is deeper it is embodied in Russian total disrespect towards civil society, and the Russian government aims to dismantle any cultural liberal transformation of Russian society. The Russian government has a valid reason to worry that a strong civil society means citizens' control over the government's function and policies. Russia's government and President believe it seems in a more top-down approach where the government controls society on economic, mass media, and even culture domains. The Russian government uses cyber warfare mainly as a method to scare its enemies as it sees them. None of the Russian cyber-attacks so far were aimed at critical infrastructure in the West (Ukrainian power grid cyber-attack was performed as part of cyberwar with Ukraine). Although
28 Russia's level of attack tools improves the overall sophistication level of the attacks, the efficiency is mixed. It is extremely hard to tell what is the benefit of alleged Russian cyber-attacks against the Olympic games in Tokyo or WADA. The attacks again the democratic party are exceptional in sophistication and penetration level, and yes, overall Russian attacks exhibit a degree of restrain. For example, Russia avoids destroying data or creating unavoidable disruptions to an operation like the Sony attack. The reason for the Russian cyber offensive restrains the interconnected nature of the Internet. Russia is currently dependent on western software and hardware. The Russian government is well aware that the U.S. and NSA have significant cyber capabilities, as was revealed by Snowden. Therefore, Putin and other decision-makers carefully calculate the consequences of the attacks and possible western retaliation. The realization of the West's possible consequences pushed the Russian government to realize numerous projects to replace western hardware and software in government and private sectors. Currently, Russia is actively developing a sovereign O.S. Russia's success in achieving its goal of I.T. independence from the West can lead the Russian government to significantly bolder moves. Western cyber deterrence is effective only as long as Russia is part of the I.T. ecosystem led by Silicon Valley giants. Russia increasing control over the local Internet should worry the West no less than Russian intervention in Ukraine. With sovereign cyber and its sector, Russia will present a far more significant challenge and risk for the West and U.S. in particular.
29 Attacking modern software developed according to modern security practices will be a tremendous challenge for the intelligence community and the NSA. Most of the applications used currently for monitoring and security forensics will not operate on Russian OS. This can create a situation in which Russia is less accountable and can operate without fear of western retaliation in the cyber domain. As for the West, losing the ability to retaliate with cyber to Russian actions leaves only the kinetic option open. The kinetic option is, however, extremely costly and might be regarded as unjustified by public opinion. Besides, Russia's possession of a large arsenal of nuclear weapons increases the risks of any direct action taken against Russian decision-makers.
30 Bibliography • Keir GIles. 2016. The next phase of Russian information warfare. NATO Strategic Communications Centre of Excellencehttps://www.stratcomcoe.org/next-phase-Russian- information-warfare-keir-giles • Keir Giles, Russia’s ‘New’ Tools for Confronting the West: Continuity and Innovation in Moscow’s Exercise of Power, Research Paper (Chatham House, London: The Royal Institute of International Affairs, 2016), pp. 37-40 • Lilly B, Cheravitch J (2020) The past, present, and future of Russia’s Cyber strategy and forces. In: 12th International conference on cyber conflict (CyCon). https://ieeexplore.ieee.org/abstract/document/9131723 • Greenberg, Andy. 2017. “Petya Ransomware Epidemic May Be Spillover from Cyberwar.” Wired, June 28, 2017. https://www.wired.com/story/petya-ransomware-ukraine/. • Greenberg, Andy. 2019. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers. New York: Doubleday. • Greenberg, Andy. 2020. “The US Blames Russia’s GRU for Sweeping Cyberattacks in Georgia.” Wired, February 20, 2020. https://www.wired.com/story/us-blames-russia-gru-sweeping- cyberattacks-georgia/ • Ignatius, David. 2017. “Russia’s Radical New Strategy for Information Warfare.” Washington Post, January 18, 2017. https://www.washingtonpost.com/blogs/post- partisan/wp/2017/01/18/russias-radical-new-strategyfor-information-warfare/. • Krikunov, A. 2011. “Kiberprostranstvo vedushchikh gosudarstv v kontekste sovremennykh vyzovov i ugroz [Cyberspace of Leading States in the Context of Contemporary Challenges and Threats]” Morskoy Sbornik 11 (November): 32-37. • Valery Gerasimov, “The Value of Science is in the Foresight: New Challenges Demand Rethinking the Forms and Methods of Carrying out Combat Operations,” Robert Coalson (ed.), in Military Review (January-February 2016), • Kritukov, Evgeniy. 2018. “Kak SShA nashli ’sotrudnikov GRU’, ’vmeshavshikhsya v vybory’ [How the United States found ‘GRU officers’, ‘interfering in the elections’].” Vzglyad, July 16, 2018. https://vz.ru/ politics/2018/7/16/932761.html. • Medvedev, Sergei. 2015. “Offense-Defense Theory Analysis of Russia Cyber Capability.” California: Naval Postgraduate School. https://pdfs.semanticscholar.org/19e3/ca12d73661182bd2a9e34dc2df81634deacf.pdf. • Mikryunov, V. Yu. 2015. “Kak protivostoyat’ agressii SSHA [How to Resist U.S. Aggression].” Vestnik Akademii voennykh nauk 51, no. 2. • https://privacyinternational.org/learn/five-eyes • https://www.cfr.org/blog/iran-russia-cyber-agreement-and-us-strategy-middle-east • http://www.rt.com/politics/411156-russia-to-launch-independent-internet/
31 • https://www.jstor.org/stable/26271529?seq=14#metadata_info_tab_contents • https://direct.mit.edu/isec/article/41/3/72/12149/What-Is-the-Cyber-Offense-Defense-Balance • https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country- information/where-is-ofacs-country-list-what-countries-do-i-need-to-worry-about-in-terms-of- us-sanctions • https://spectrum.ieee.org/tech-talk/telecom/internet/could-russia-really-build-its-own- alternate-internet • Fridman, Ofer. / On 'Gerasimov Doctrine': Why the West Fails to Beat Russia to the Punch. In: Prism. 2019 ; Vol. 8, No. 2. pp. 101-112. • Mark Galeotti, “The ‘Gerasimov Doctrine’ and Russian Non-Linear War,” In Moscow’s Shadows (6 July 2014), accessed 5 May 2016, at https:// inmoscowsshadows.wordpress.com/2014/07/06/ the-gerasimov-doctrine-and-russian-non- linearwar/; Victor R. Morris, “Grading Gerasimov: Evaluating Russian Nonlinear War Through Modern Chinese Doctrine,” in Small Wars Journal (17 September 2015), accessed 5 May 2016, at http://smallwarsjournal.com/jrnl/art/ grading-gerasimov-evaluating-russian-nonlinearwar- through-modern-chinese-doctrine • https://www.frstrategie.org/en/publications/notes/russia-policy-towards-belarus-during- alyaksandr-lukashenka-s-fifth-presidential-term-2020 • The Gerasimov Doctrine -It’s Russia’s new chaos theory of political warfare. And it’s probably being used on you.By MOLLY K. MCKEW September/October 2017 https://www.politico.com/magazine/story/2017/09/05/gerasimov-doctrine-russia-foreign- policy-215538 • https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a- broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber- firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html • https://en.wikipedia.org/wiki/Domain_Name_System • https://www.britannica.com/event/Kursk-submarine-disaster •

More Related Content

PDF
Hamilton 68 and Securing Democracy
byInternet Law Center
 
PDF
PDF IO Sphere, Spring 2015
byPJ Fox
 
PDF
Dp8497
byjyoti chopra
 
PPT
Dizziness from Success -- Russia\'s Policy in the Northern Caucasus
byEthan Burger
 
PDF
Comet PP Pizzagate - Unproven Trial by Social Media Phenomenon
byThe Free School
 
DOCX
PRP
byFrank Sale
 
PDF
Mamoun fandy (un)civil war of words media and politics in the arab world (2007)
byAgung Kurniawan
 
PDF
Ukrainian conflict bulletin 2
byCsaba7
 
Hamilton 68 and Securing Democracy
byInternet Law Center
 
PDF IO Sphere, Spring 2015
byPJ Fox
 
Dp8497
byjyoti chopra
 
Dizziness from Success -- Russia\'s Policy in the Northern Caucasus
byEthan Burger
 
Comet PP Pizzagate - Unproven Trial by Social Media Phenomenon
byThe Free School
 
PRP
byFrank Sale
 
Mamoun fandy (un)civil war of words media and politics in the arab world (2007)
byAgung Kurniawan
 
Ukrainian conflict bulletin 2
byCsaba7
 

What's hot

PDF
Studies 62-2-june-2018
byhttps://www.cia.gov.com
 
PDF
Studies 62-1-march-2018-extracts
byhttps://www.cia.gov.com
 
DOC
Analytical media project “The reflection of Russian social and political lif...
byMoscow State University, Political Sciences Department, Communication Group G3
 
PDF
ICDS Analysis-Baltics in the Balance
bySarah Manney
 
PDF
FBI Active Shooter Incidents 2016-2017
byJA Larson
 
PDF
Germanys Chosen Path-Domestic Security Institutions in the Berlin Republic 19...
byCourtney W. Paul
 
DOCX
Summary Final
byStephen Scales
 
PDF
Journal of Strategic Security cfp summer 2016
byJeremy Tamsett
 
DOCX
Afghanistan the new surge-a great pakistani christian analyst and my great t...
byAgha A
 
DOCX
Washington
by41kreal
 
PDF
Russo - Ukrainian War Update II: How the fox wars read through the fog of war
byKan Yuenyong
 
PPTX
JRN 450 - Attack on Democracy
byRich Hanley
 
PDF
Analysis of sources and effect of fake news on society
byArpit Khurana
 
PPTX
Lillith Solomon Undergraduate Research Presentation
byLillithSolomon
 
PDF
GARRIE.REEVES.37.5
byLaw & Forensics
 
DOC
DuBow Digest American Edition January 16, 2013
bydubowdigest
 
PDF
Norris-International Relations Capstone 2016-2
byStephen Norris
 
DOC
FlorenceJenna_Dissertation
byJenna Florence
 
Studies 62-2-june-2018
byhttps://www.cia.gov.com
 
Studies 62-1-march-2018-extracts
byhttps://www.cia.gov.com
 
Analytical media project “The reflection of Russian social and political lif...
byMoscow State University, Political Sciences Department, Communication Group G3
 
ICDS Analysis-Baltics in the Balance
bySarah Manney
 
FBI Active Shooter Incidents 2016-2017
byJA Larson
 
Germanys Chosen Path-Domestic Security Institutions in the Berlin Republic 19...
byCourtney W. Paul
 
Summary Final
byStephen Scales
 
Journal of Strategic Security cfp summer 2016
byJeremy Tamsett
 
Afghanistan the new surge-a great pakistani christian analyst and my great t...
byAgha A
 
Washington
by41kreal
 
Russo - Ukrainian War Update II: How the fox wars read through the fog of war
byKan Yuenyong
 
JRN 450 - Attack on Democracy
byRich Hanley
 
Analysis of sources and effect of fake news on society
byArpit Khurana
 
Lillith Solomon Undergraduate Research Presentation
byLillithSolomon
 
GARRIE.REEVES.37.5
byLaw & Forensics
 
DuBow Digest American Edition January 16, 2013
bydubowdigest
 
Norris-International Relations Capstone 2016-2
byStephen Norris
 
FlorenceJenna_Dissertation
byJenna Florence
 

Similar to Russian cyber offense strategy development

DOCX
Russia Ukraine war Cyberspace operations (2022-2024)
byPapadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD
 
PDF
Cyberwarfare and Aggressiveness in Cyberspace
byJarno Limnéll
 
PPTX
Cyber Wars.pptx
byArjunKumar684595
 
PDF
SOCRadar-The-Cyber-Impact-of-the-Russia-Ukraine-War.pdf
bySOCRadar
 
PPT
Cybercrime|Cyberwar - connecting the dots
byYoram Golandsky
 
PDF
SECURITY, DEFENCE AND CYBER SECURITY IN THE DIGITAL AGE
byijmpict
 
PDF
SECURITY, DEFENCE AND CYBER SECURITY IN THE DIGITAL AGE
byijmpict
 
PPTX
Cyber warfare ss
byMaira Asif
 
PDF
War_And_Cyber_3_Years_Of_Struggle_And_Lessons_For_Global_Security.pdf
bybiswajitbanerjee38
 
PDF
Cybersecurity Impacts of the Russian Invasion of Ukraine
byGartner Peer Insights
 
PPT
Govsec Georgia 2008 Cyber War
bypjoyal
 
DOCX
Assarian- One Cool Topic Final Paper
byMatthew Assarian
 
DOCX
ArticleInvisible Digital FrontCan Cyber Attacks Shape.docx
byfestockton
 
PDF
Case studies in cybersecurity strategies
byEyesOpen Association
 
PPTX
Cyber warfare Threat to Cyber Security by Prashant Mali
byAdv Prashant Mali
 
PDF
Understanding the 'physics' of cyber-operations - Pukhraj Singh
byPukhraj Singh
 
ODP
CWFI Presentation Version 1
byBrett L. Scott
 
PPTX
GovSec Joyal New Threat Matrix
byPaul Joyal
 
DOCX
Case Study - Cyberterrorism—A New RealityWhen hackers claiming .docx
bycowinhelen
 
PDF
The Russian Approach to Information Warfare
byJeffrey Malone
 
Russia Ukraine war Cyberspace operations (2022-2024)
byPapadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD
 
Cyberwarfare and Aggressiveness in Cyberspace
byJarno Limnéll
 
Cyber Wars.pptx
byArjunKumar684595
 
SOCRadar-The-Cyber-Impact-of-the-Russia-Ukraine-War.pdf
bySOCRadar
 
Cybercrime|Cyberwar - connecting the dots
byYoram Golandsky
 
SECURITY, DEFENCE AND CYBER SECURITY IN THE DIGITAL AGE
byijmpict
 
SECURITY, DEFENCE AND CYBER SECURITY IN THE DIGITAL AGE
byijmpict
 
Cyber warfare ss
byMaira Asif
 
War_And_Cyber_3_Years_Of_Struggle_And_Lessons_For_Global_Security.pdf
bybiswajitbanerjee38
 
Cybersecurity Impacts of the Russian Invasion of Ukraine
byGartner Peer Insights
 
Govsec Georgia 2008 Cyber War
bypjoyal
 
Assarian- One Cool Topic Final Paper
byMatthew Assarian
 
ArticleInvisible Digital FrontCan Cyber Attacks Shape.docx
byfestockton
 
Case studies in cybersecurity strategies
byEyesOpen Association
 
Cyber warfare Threat to Cyber Security by Prashant Mali
byAdv Prashant Mali
 
Understanding the 'physics' of cyber-operations - Pukhraj Singh
byPukhraj Singh
 
CWFI Presentation Version 1
byBrett L. Scott
 
GovSec Joyal New Threat Matrix
byPaul Joyal
 
Case Study - Cyberterrorism—A New RealityWhen hackers claiming .docx
bycowinhelen
 
The Russian Approach to Information Warfare
byJeffrey Malone
 

Recently uploaded

PDF
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 
PPTX
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 
PDF
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
PPTX
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 
PDF
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
PDF
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 

Russian cyber offense strategy development

  • 1.
    1 Russian cyber offensestrategy development and capabilities building Seminar Research Paper for The Evolution of Cyber Threat Course Course Instructor: Hemi Pecker Author: Yuri Livshitz. 306927862 Submitted on 28 April 2021
  • 2.
    2 Table of Contents Intro................................................................................................... 3 Research Methodology..................................................................... 4 Academic background overview ....................................................... 5 Development of Russian cyber warfare - Motivation........................ 6 Gerasimov Theory ............................................................................. 9 Russia's worldview and the birth of chaos ......................................14 The evolution of hybrid warfare......................................................18 Building unified network offensive network ...................................20 Russian cyber offensive international cooperation.........................21 U.S. retaliation and new Russian defense strategy .........................23 The role of FSB – Federal Security Service.......................................25 Conclusion .......................................................................................27 Bibliography.....................................................................................30
  • 3.
    3 Intro Over the lasttwenty years, the expansion and development of cyber technologies added a new dimension to international strategy, creating new threats and opportunities for next-gen warfare. The emerging key actor in the cyber domain is the Russian Federation; cyber events associated with Russian state and non-state actors have influenced the international environment, created security challenges, and reshaped our core understanding of cyber power. The fast pace of cyber development, however, has also resulted in gaps in the understanding of cyber power is both an instrument of power and an element of national strategy. The work aims to evaluate the role and posture of the Russian Federation in cyberspace. The aim is to outline the key driving factors and triggers that led to the selection of cyber offense as a vital tool of Russian international policy. Russian cyber operations started in Latvia and Georgia during the Russian Georgian conflict. Nevertheless, the most notable are multiple Russian cyber-attacks against the democratic party, which demonstrate both the determination and good technical capabilities of Russian hackers, which is also important because attacks continue despite significant publicity. Russia also responsible (according to U.S. officials) for the latest supply chain attack on Fireye via SolarWinds compromised software. Given the scale, the true impact of the attack is still to be learned. Both attacks, however, clearly outline the vast attack capability created by the Russian federation. Finally, a recent publication by NSA flags Russia as responsible for attacks on U.S. government agencies.
  • 4.
    4 This paper willpresent an overview of existing literature of Russia-related cyber events, the scholarly works that have examined Russian information warfare doctrine, and the record of Russian engagement through international institutions. Significant contribution to these paper provided by numerous research report produced by leading cyber research companies like Crowdstrike and ESET. Though individually, these subject areas provide a means of analysis and policy recommendations, my aim is to offer a full perspective on Russia's behavior in cyberspace. The research will outline Russian cyber capability creation. The research will cover both military philosophy (Gerasimov Theory), which designed the Russian cyber warfare approach, and Russian practical steps to be resilient against western retaliation by building independent Russian infrastructure. Finally, I will discuss Russian international cyber cooperation with other regimes like Iran and Styria and other countries which are under OFAC1 sanctions list. Research Methodology Most research preformed for this paper was qualitative in nature and involved the summary and analysis of primary and secondary literature including publicly communications, academic journal articles and book chapters, and reports from established research institutes and media organizations. As true impact and precise offensive toolset used by Russia is obviously classified The paper will mainly focus on Russian policies intent and strategy and less insight will be given to the tactical methods of the 1 https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country- information/where-is-ofacs-country-list-what-countries-do-i-need-to-worry-about-in-terms-of- us-sanctions
  • 5.
    5 attackers research aimis to understand the aim , evolution and possible future evolvement of Russian offensive capabilities. Academic background overview My paper is based on multiple types of research on the subject of the core are principles of Russian cyber capability one of the main sources I rely on is the extensive research performed by Medvedev, Sergei A. "Offense-Defense Theory Analysis of Russian Cyber Capability" the article present Russia policy and tries to predict Russian intent. At the same time, the article provides an extensive historical review and great presentation of Gerasimov's Theory which this paper will discuss in length later. The article fails to predict the intent of Russian foreign policy and, therefore, misinterprets Russian cyber activity's key factors. Additional research article which is essential on the topic is "What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment" by Rebecca Slayton. In her article Rebecca Slayton present an extensive overview of defense offense equilibrium. The article provides an extensive review of first-mover advantage as well as a detailed review of different technical cyber- attacks. The conclusion regarding the cyber dilemma is "The most important policy implication of these findings is that leaders should not presume that cyberspace favors the offense, but instead recognize that any such advantage will depend on the complexity of the offensive goals and the capabilities of the defender." 2 2 https://direct.mit.edu/isec/article/41/3/72/12149/What-Is-the-Cyber-Offense-Defense-Balance
  • 6.
    6 Finally, James E.McGhee, in "Liberating Cyber Offense," provides an extensive overview. Of cyber activity and make a very valid point by stating that "The misunderstandings regarding cyber operations permeate the highest levels of U.S. decision making. Not only military commanders but also civil political leaders"3 These statements jointly summarize the complexity of the West's problem when dealing with Russian cyber offense. Before we discuss the potential threat to international order, we have first to understand whom the Russian cyber strategy evolved to its current state Development of Russian cyber warfare - Motivation From 1991 to the present, the history of Russia began with the dissolution of the Soviet Union (USSR) on 26 December 1991. The Russian Soviet Federative Socialist Republic (RSFSR) was the largest republic within the USSR. The Russian Federation was the largest republic that made up the USSR, accounting for over 60% of the gross domestic product (GDP) and over 50% of the Soviet population. Before the dissolution of the USSR, Boris Yeltsin had been elected President of Russia in June 1991 in the first direct presidential election in Russian history. The elections ensured that Yeltsin would be the political 3 https://www.jstor.org/stable/26271529?seq=14#metadata_info_tab_contents
  • 7.
    7 leader of theRussian successor state following dissolution. Yeltsin announced that Russia would proceed with radical reforms, including market-oriented reform along the lines of Poland's "big bang", also known as "shock therapy."4 For the most part, the Russian armed forces were in near-complete disarray by 1992, one year after dissolution. This degraded military effectiveness would become all too clear during the 1994 Chechen War, but this posed some significant practical challenges for global security and arms control in the interim. With the collapse of the Soviet economy and the subsequent departure of large republics like Gregoria and Ukraine. These were extremely challenging times for the Russian military which suffered from a lack of budgeting and low public support. Supporters of democratic reforms and Alliance with west Russia needed no nuclear weapons and colossal army of the Soviet Union looked counterproductive and unneeded to the new democratic leadership of Russia. Military budgets decreased sharply under the Yeltsin administration, and the military was transferred to survival mode. This attitude, however, did not last for long. The Catastrophic War in Chechnya (1994) provided a bitter example of why Russia still needs a military. Russian poor military performance during the first Chechen war worried Kremlin as they damage the Russian 4 Greenberg, Andy. 2019. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers. New York: Doubleday.
  • 8.
    8 reputation of asuperpower and Yeltsin's image as a president and head of Stuff.5 Russia's shrinking economy and multiple political and economic problems created a significant challenge for the government. stability6 When Putin was nominated by Yeltsin and then elected to precedency, Putin found a weak army and economy. Multiple examples can testify to the poor state of the Russian military during the first years of Putin's rule, but the most remarkable example is Kursk's nuclear submarine tragedy where due to failing test of rocket ammunition, the submarine sunk, and the Russian military was not capable of saving the crew.7 The Russian army, in general, significantly lagged behind the West in modern ammunition and aircraft capabilities. Putin, however, immediately invested significant budgeting in order to recover the Russian military. During the investigation of military complex capabilities, one of the areas that stood out was the cyber arena. The development of cyber capabilities, unlike the development of rockets, does not require significant budgeting. Instead, it requires high-quality technical human power. Russia managed to maintain strong academic and science capabilities. Russia also managed to be one of the few countries to offer strong local alternatives to western 5 Krikunov, A. 2011. “Kiberprostranstvo vedushchikh gosudarstv v kontekste sovremennykh vyzovov i ugroz [Cyberspace of Leading States in the Context of Contemporary Challenges and Threats]” Morskoy Sbornik 11 (November): 32-37 6 7 https://www.britannica.com/event/Kursk-submarine-disaster
  • 9.
    9 search engines andsocial groups. In fact, Russian Yandex search engine leads over Google in Russia and V.K. present significant competition to Facebook. Therefore, developing Cyber capabilities seemed to Russian leadership as an easy win. This led to a search for a new theory of warfare that can potentially turn the odds in Russia's favor. The new Theory was formulated by General Anatoly Gerasimov (head of Russian Stuff) and is currently known as the Gerasimov theory.8 Gerasimov Theory 8 Greenberg, Andy. 2020. “The US Blames Russia’s GRU for Sweeping Cyberattacks in Georgia.” Wired, February 20, 2020. https://www.wired.com/story/us-blames-russia-gru-sweeping-cyberattacks-georgia/
  • 10.
    10 The first completedevelopment of the "hybrid warfare" theory by Russia can be found in an article by General Gerasimov, the Russian Armed Forces' Chief of Staff of the time, in an essay published in the weekly magazine Corriere Military-Industrial Courier in February 2013. The high-ranking officer of the Russian Command started from a simple consideration. That in the post-Cold War period, and any regional or continental military action is increasingly closer to the line in which peaceful operations and military operations in the proper sense of the term tended to get mixed. The post-Cold War experiences marked General Gerasimov's central idea: at the beginning of the strategic Theory of the Russian General, however, there was the Revolution in Military Affairs (RMA), i.e. the U.S. doctrine of the 2000s that placed the relationship between new technologies and the overall reorganization of the North American Armed Forces at the core of the debate.9 Both Russia and China placed the RMA – which they saw operating well in Iraq – as the core of their desired transformation of technologies with emphasis on military organizations. Import to mention here a great Russian and Soviet General, Ogarkov, called the RMA- Military Technological Revolution. Ogarkov claims that new technologies such as robotics and direct energy weapons would design the whole new space of operations and even the political function of war, thus marginalizing the vast masses of infantry that were once necessary to win.10 General Gerasimov states that the basic rules of war had changed: the role of the nonmilitary structures useful to achieve goals that were previously reached exclusively by war increased out 9 https://www.politico.com/magazine/story/2017/09/05/gerasimov-doctrine-russia-foreign-policy-215538 10 Valery Gerasimov, “The Value of Science is in the Foresight: New Challenges Demand Rethinking the Forms and Methods of Carrying out Combat Operations,” Robert Coalson (ed.), in Military Review (January-February 2016), p. 24.
  • 11.
    11 of proportion. HereRussia had in mind the operations of Soft Power and economic and cultural influence by the United States and NATO, but also, in many cases – and this is the point that gave rise to the concept of "hybrid warfare" – the non-traditional means that achieved and sometimes outperformed the effects of conventional weapons. Financial warfare? War of information manipulation? War for raw materials? It depends on where you are.11 According to Gerasimov, in the new ware, victory comes above all from the covert work of many organizations: local volunteers, allied military; the more or less "spontaneous" people's organizations; companies' safety nets; criminal organizations, and large mass demonstrations. General Gerasimov was an excellent prophet: the irregular forces in the Crimea, the other ones in Chechnya, many other "little green men" in Georgia, and then in many peripheral areas of the new Russian empire were successful in achieving Russian policy aims. Technological superiority counts, and it is essential – but what really matters is the full and absolute political power on the territory or on a specific technology, operation, influence, or Denial Area action.12 According to Gerasimov, with its hybrid warfare, Russia will mainly carry out operations "from weak to strong," blocking its enemy's information actions, backing their population and mixing with them, thus becoming unrecognizable and, above all, carrying out entirely unconventional operations. 11 https://ndupress.ndu.edu/Portals/68/Documents/prism/prism_8-2/PRISM_8-2_Fridman.pdf?ver=2019-09-17- 231059-263 12 Valery Gerasimov, “The Value of Science is in the Foresight: New Challenges Demand Rethinking the Forms and Methods of Carrying out Combat Operations,” Robert Coalson (ed.), in Military Review (January-February 2016), p. 28-32
  • 12.
    12 Either you takethe radio and T.V. stations, like Nasser did at the beginning of his revolution with his army, or currently you control social media remotely, either through fake news – which are true instruments of "unorthodox" warfare, as it was called by NATO when a Marine officer, who led it, found himself lured and tricked by a pretty girl from the GDR Intelligence Services – or possibly even with the techniques of support, local manipulation and protection of the local population. Hence currently, Russia mainly plays the game of non-State actors, even imitating them, but there is the whole panoply of the current nonstandard war. This type of nonstandard war is waged on a small scale with the small countries and a large scale with the big ones. In January 2000, the Russian President signed the first modern Gerasimov-style National Security Concept, which listed the treat factors that are also those that Russia sees in the operations currently existing in the East: ethnic, nationalist, and religious factionalism, a theme that is much far from Western doctrine, which exalts precisely factionalism, as happened in the template of the hybrid warfare of the time, the Second Yugoslav War. Current mechanisms of international crisis control, which we see currently operating within the United Nations and its peripheral organizations, have weakened significantly, mainly due to discontent from the United States. United States no longer wants to participate in U.N. international crisis control activity due to inefficient and fragmented U.N. operation. The response of this Russian document was directly targeted to the 1999 NATO Strategic Concept, in which the Russian side stated that only the U.N. Security Council could establish legal rules for regional interventions. The Russian national interests, reaffirmed in the 2000 document, were still the same: military cooperation in the CIS, on which Russia does not want foreign eyes; the creation
  • 13.
    13 of a unifiedmilitary area (which is the basis for hybrid warfare), as well as stable unity with Belarus.13 The unity is actively realized now with cyber activity as well during the recent opposition uprising in Belarus. Furthermore, NATO is creating a center for cyber operations to strengthen also "resilience" – now a magic and fashionable word -in the countries concerned. Certainly, the Alliance is only defensive, but it would be good to have a clear idea that, from old times to the present day, defense and attack have always been closely connected. Indeed, the western approach claims it has "bogged down" Putin in the Crimea, but it already accepts the basic defeat in the Southern Flank where, however, there would be an enhanced "fight against terrorism", regardless of what this expression means. Hence "all-out war" cannot accept excuses. Even in times of peace and this is the real final goal of "hybrid warfare," while the world war is today kept as a remote option by the U.S. outstanding power of conventional or not conventional first and second strike. This might not last forever. The only ones who are thinking about the new scenarios, leaving aside Italian lawyers in the Intelligence Services and in other organizations are the French. General Thierry Burkhard, a man of the Foreign Legion, is thinking of a new concept: after the defeat or, however, the marginalization of the jihad, the real future clash will be the return of the old into the new, the struggle between States and States.14 13 https://www.frstrategie.org/en/publications/notes/russia-policy-towards-belarus-during-alyaksandr-lukashenka-s- fifth-presidential-term-2020 14 Ibid p 67-81
  • 14.
    14 Russia's worldview andthe birth of chaos The chaos strategy and the tactical use of hybrid warfare emerged out of the perception of Putin and the Russian leadership that Russia is locked in the form of great-power competition with the United States and Europe and increasingly with China. The stakes are high: ultimately, it is about the survival of the current Russian regime. For decades since the end of the Cold War, Russian authorities have been feeding a sense of post- Cold War “embarrassment” that Russia's security concerns were not sufficiently taken into consideration, if not downright ignored. This storyline is reinforced by a "besieged fortress" mentality at home fueled by a fear of squeeze by NATO forces and exclusion from the European security architecture. This would have forced Russia to choose hostility over cooperation with the West. The Russian leadership believes that there is a window of opportunity to take action and make foreign policy and security intentions a reality. The war with Georgia in 2008 was the beginning of Russia's foreign policy activation and confrontation with the west. What followed were calculated steps to do away with an international order since Kremlin leadership feels cheated and disappointed with the West. For Russia, the problem remains that it cannot compete in a direct contest of national power political or conventional military with its peer and near-peer competitors. The Russian leadership fundamentally feels its conventional military is inferior to the West's, and
  • 15.
    15 especially NATO. Therefore,as Russia cannot compete symmetrically, it chooses to contest and disrupt asymmetrically.15 It follows that Russia has selected chaos via asymmetrical means through cyberattacks, political subversion, business ties, and economic warfare, among other tools. The approach has combined both old and new, drawing on lessons from the successful use of Soviet-era asymmetric strategies16 , but amplified with the power of modern technology and social media. Priority is given to nonmilitary hybrid tools, like those being pondered by Russian military planners are part of warfare. Such means represent a coordinated and tailored effort at the strategic level to reshape the internal course — be it political, economic, or societal — of target countries. Russia uses a complex and combined toolkit of military and nonmilitary tactics17 In its extensive conflict with the West Russian power elite is united by a willingness to alter with force, if necessary, the Western-led liberal international order. This effort also seeks to increase 15 Mark Galeotti, “The ‘Gerasimov Doctrine’ and Russian Non-Linear War,” In Moscow’s Shadows (6 July 2014), accessed 5 May 2016, p23-29 16 Keir Giles, Russia’s ‘New’ Tools for Confronting the West: Continuity and Innovation in Moscow’s Exercise of Power, Research Paper (Chatham House, London: The Royal Institute of International Affairs, 2016), pp. 37-40. 17 Mark Galeotti, “The ‘Gerasimov Doctrine’ and Russian Non-Linear War,” In Moscow’s Shadows (6 July 2014), accessed 5 May 2016, p21-24
  • 16.
    16 Russia's international standingin relative terms as well as advance Russian interests against the West. Valery Gerasimov. In February 2013, Gerasimov articulated his Theory of modern warfare in a now-famous article for the Military-Industrial Kurier. "Hybrid warfare" and the "Gerasimov doctrine" were consequently coined as umbrella terms. To describe, often without context or erroneously, Russia's nonlinear approach to conflict in the West. Indeed, the article was written in the context of Russia's response to the Arab Spring and fears of the spread of color revolutions against Kremlin-friendly regimes. Gerasimov fused methods from previous attempts to use nonlinear competitive strategies against more powerful rivals with updated technology and military concepts. In this context, Russian operations must lead to information and psychological dominance of the enemy. Therefore, seeding chaos is part of what Russian military strategists refer to as the "initial period of war" — taking after Soviet military Theory but applied to modern warfare. These concepts eradicate the line between peace and war, placing politics and armed conflict in the same category. In his text, Gerasimov described the way advanced military powers in the West engage in warfare while outlining the importance of nonmilitary means to achieve military goals. He highlighted the
  • 17.
    17 primary threats toRussian sovereignty and suggested that the Kremlin's political leadership needed to be more open to innovative ideas on future security challenges.11 Gerasimov's Theory is more a tactical application of how Russia understands modern warfare. It reflects a pragmatic acceptance of the need to take what opportunities arise. What makes this chaos strategy unique is the fact that the connection between nonlinear and nonmilitary tactics is no longer an aid to the use of force but rather the equivalent of force itself. Of course, Russian military thinkers did not exclude the use of conventional forces. On the contrary, they stressed Russia's need for innovation and the wider modernization of its armed forces. Russia's "soft power" (miagkaia sila)18 is here to prepare the ground for hard power. Based on Western responses to their behavior patterns thus far, Russian leaders could conclude that time is indeed on their side.. Disorientation and distraction in the West produce more one- sided concessions and, therefore, purchase more time for Russia than victory on any battlefield. Worse yet, the second lesson that Russian leaders could draw is that risk-taking works. 18 Mikryunov, V. Yu. 2015. “Kak protivostoyat’ agressii SSHA [How to Resist U.S. Aggression].” Vestnik Akademii voennykh nauk 51, no. 2: 12-21.
  • 18.
    18 The evolution ofhybrid warfare Gerasimov doctrine is not entirely static. A significant event in the evolution of Russia's use of Gerasimov doctrine to compete against the West occurred when Gerasimov delivered a keynote speech to the Russian Academy of Military Science in March 2019. Gerasimov reported on evolutions of military strategy and military-scientific developments. The address was important in how it differed from his 2013 assessment on the use of nonlinear means to sow chaos. While presenting operational lessons learned from recent deployments in Syria, Gerasimov insisted on the use of military power as well as political-military coercion.19 Throughout his speech, Gerasimov insisted on two main "vectors" in the development of Russian military strategy: limited action and active defense. These developments will influence military 19 The Gerasimov Doctrine -It’s Russia’s new chaos theory of political warfare. And it’s probably being used on you.By MOLLY K. MCKEW September/October 2017 p23-34
  • 19.
    19 thinking and, subsequently,military procurement in the coming years and likely inform new iterations of the Russian military doctrine. All these represent, in a way, Gerasimov's personal military legacy.20 The strategy of limited action outside Russia's borders seeks to counter existing threats to Russian national interests through limited out-of-area military intervention. This largely encompasses lessons learned from operations in Syria, and to an extent, in eastern Ukraine. The strategy of active defense aims to preemptively neutralize threats through active measures. Accordingly, this would respond to Western interference, depicted by Gerasimov as a "Trojan Horse."21 This reference to the West is more confrontational than ever: it frames the United States as an "aggressor" and accuses it of developing interference strategies that combine fifth-column political warfare and color revolutions with high-tech global strike capabilities. This is linked to the preparation of the political environment through information superiority and the use of soft power by US as the main nonlinear tactic. Russia's military interventions in Syria, Venezuela, and, more recently, Libya raise the question whether the Kremlin is still opportunistic or whether it has revised its military strategy to better 20 Ibid, p45-53 21 https://privacyinternational.org/learn/five-eyes
  • 20.
    20 project force aroundthe globe based on a single playbook. These interventions have taken advantage of preexisting political division and weakness that Russia did not directly created. Together with its growing conventional power, Russia is now far more confident about using hard power. Recent events in Ukraine only further emphasize this point. Russian hybrid operations — mainly information Cyber operations — have been adapting in order to infiltrate networks, destabilize internal norms, and ultimately create an environment conducive to Russian interests in the West. Building unified network offensive network Russia allegedly is directly responsible for numerous high profile cyber-attacks; 1. Interference in the 2016 U.S. presidential elections - This operation by Russian GRU illustrated the reach and power of cyber-enabled influence operations. 2. Disruption of the Ukrainian power grid in 2015: Russian cyber actors are credited with the first publicly identified attack on a live power grid, which impacted an estimated 225,000 people. 3. Intrusions into the U.S. power grid: In 2018, the U.S. publicly accused Russia of conducting a two-year-long coordinated campaign of cyber intrusions into the U.S. grid. 4. Targeting of COVID-19 research: In July 2020, the U.S., U.K., and Canada detailed Russian-driven cyber intrusion campaigns directed against organizations conducting COVID-19 vaccine development.
  • 21.
    21 Finally, the U.S.recently directly blamed Russia for conducting cyber operations on U.S. soil . MOSCOW (Reuters) – U.S. Secretary of State Mike Pompeo said on Friday that “Russia was responsible for a cyberattack that embedded malicious code inside U.S. government software systems and those of other governments and companies across the world”.[23]22 Russia is previously mentioned, created an extensive network of proxies to deliver different types of cyber operation. They are ranging from propaganda and fake news to direct technical infiltration. Russia's cyber activity, however, does not stop at direct attacks on western infrastructure; instead, Russia is trying now to mobilize allies to the effort. Russian cyber offensive international cooperation Russia recently isn't active only on the hidden cyber front instead significant energy invest by Russian diplomacy to create its own alternative to the The "Five Eyes (FVEY)23 – alliance was formed between five anglophone countries and their security agencies: the U.S. (NSA), the U.K. 22 https://www.cfr.org/blog/iran-russia-cyber-agreement-and-us-strategy-middle-east 23 https://privacyinternational.org/learn/five-eyes
  • 22.
    22 (GCHQ), Australia (ASD),Canada (CSEC) and New Zealand (GCSB)". Russian is trying to do so by leveraging cooperation with countries that are opposed to the U.S. "2021 January, Russian Foreign Minister Sergey Lavrov and his Iranian counterpart Javad Zarif signed a cooperation agreement on cybersecurity and information and communications technology (ICT). The agreement includes cybersecurity cooperation, technology transfer, combined training, and coordination at multilateral forums, like the United Nations."24 WASHINGTON (Reuters) - A Russian military contingent that arrived in Venezuela over the weekend, drawing U.S. condemnation, is believed by the U.S. government to be made up of special forces including "cybersecurity personnel," a U.S. official told Reuters on Tuesday.25 Russia actively supports anti-western cyber activity and cooperation within countries that are in direct confrontation with the U.S. This reflects Russian general strategy to jeopardize U.S. policy as Russia sees the U.S. as its main rival on the international arena. 24 http://www.rt.com/politics/411156-russia-to-launch-independent-internet 25 https://www.reuters.com/article/us-venezuela-politics-russians-idUSKCN1R72FX
  • 23.
    23 While the levelof the cooperation isn't clear and in particular the commitment of the countries to conduct the offensive cyber activity. It is groundless to assume that this partnership is created for defense purposes only. U.S. retaliation and new Russian defense strategy U.S retaliation as response to Russian activity are of particular interest as they apparently empower Russian cyber activity “Obama also approved a previously undisclosed covert measure that authorized planting cyberweapons in Russia’s infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office.”26 Some of the tools planted where apparently used this created in Russian government strong discontent with usage of western software and hardware. Russia defense agencies developed a plan to replace western companies with local software providers they also require state owned companies to replace software systems with Russian made ones. 26 https://www.washingtonpost.com/graphics/2017/world/national-security/obama-putin-election-hacking/
  • 24.
    24 Russia is inparticular worried regarding possible attack on its energy or banking sector. This leads Russia which misses significant local cyber providers except of Kaspersky to attempt to build internal and unknown to the west OS and network equipment. Recently news emerged that Russian president Vladimir Putin had approved a plan to create an independent Internet by 1 August 2018, first reported by the27 Russian news agency, R.T. The alternate Internet would be used by BRICS nations—Brazil, Russia, India, China, and South Africa—and shield them from "possible external influence," the Kremlin's press secretary, Dmitry Peskov, told R.T. "We all know who the chief administrator of the global Internet is," Peskov said. "And due to its volatility, we have to think about how to ensure our national security." To create alternative Internet, Russia would need to duplicate the hardware and software that currently manages Internet traffic. That would likely involve setting up computer servers, copying existing databases, updating security features, and reconfiguring some existing technology—in essence, they'd need their own Domain Name System (DNS), the essential technology that underlies the existing Internet and, among other things, translates domain names.28 Once on Russia's Internet, users would have access to only those websites the alternative network recognized. Let's assume Russia didn't want its users reading Georgian websites. It could eliminate the country code top-level domain (TLD) .ge from its root server and essentially disappear Georgia. 27 https://spectrum.ieee.org/tech-talk/telecom/internet/could-russia-really-build-its-own-alternate-internet 28 https://en.wikipedia.org/wiki/Domain_Name_System
  • 25.
    25 Furthermore, when itcomes to the Internet, trust is critical. Every network operator and every Internet device developer trusts that when a phone, laptop, or computer queries a DNS server, it will get a reliable and accurate response. If it doesn't, the Internet doesn't work. For years, Russia, China, and other nations have complained about how the Internet is governed. As members of the GAC, they have a vote on proposals. Nevertheless, they cannot veto decisions made by the Internet Engineering Task Force, an independent international group of network designers, operators, and researchers that oversee the Internet architecture and its operation.29 In the meantime, Russia is strong-arming the Internet in other ways. It's established a law that forces foreign companies, such as LinkedIn, booking.com, and others, to store data about its citizens on Russian servers. The role of FSB – Federal Security Service FSB's Russian intelligence agency and the successor of soviet KGB plays a central role in orchestrating the cyber activity, both internal and external. Multiple researchers highlight the agency extensive work in recruiting and developing Russian cyber capability. The influence of FSB is huge in the Russian state it inherits authority from its processor, the KGB - Committee of state defense. 29 Greenberg, Andy. 2020. “The US Blames Russia’s GRU for Sweeping Cyberattacks in Georgia.” Wired, February 20, 2020. https://www.wired.com/story/us-blames-russia-gru-sweeping-cyberattacks-georgia/
  • 26.
    26 FSB does theparticular task of developing local cyber talent by allowing criminal cyber activity and even endorsing it within some sandbox boundaries. Russia isn't known only for cyber activity on the state level. In fact, Russian hackers are as famous for cyber actions, which are performed for financial gain. Numerous high-profile Russian hackers were trailed and jailed recently in the U.S. Russia federation actively opposed the detention of these individuals. Russian high level of activity direct to prevent the extradition of cybercriminals to U.S. creates an assumption that Russia fears they may expose information about state-level cyber activity.30 An extreme and somewhat bizarre example of this Russian policy is the "Burkov" case. Burkov was arrested in Israel and extradite to the U.S. Burkov was wanted in the USA for criminal activity against U.S. citizens mainly related to credit card fraud. "Before Burkov was finally turned over to U.S. authorities, Russia had been seeking to free him from Israeli custody in a proposed prisoner swap, according to Israeli media accounts. For its part, Moscow offered to release the Israeli American woman, Na'ama Issachar, 26, who has been behind bars in Russia since last spring."31 This small event exposes Russian “dependency” while performing cyber operation on criminal organizations. While it isn’t clear if he was directly involved in any cyber activity orchestrated by FSB or GRU. The high level of Russian involvement to release him clearly demonstrates that he had access to sensitive data or knowledge regarding cyber operation. Pressure to release Burkov 30 https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking- campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453- fc36ba051781_story.html 31 https://www.washingtonpost.com/local/public-safety/israel-extradites-accused-russian-computer-hacker-to-united- states/2019/11/12/e40f84ca-057b-11ea-8292-c46ee8cb3dce_story.html
  • 27.
    27 reached heads ofstate level when president Putin and PM Netanyahu negotiated the possible terms of his release. Conclusion As it seems current Russian power elite selected to challenge the West on numerous key questions of international foreign policy. However, the real divide between Russia and the West is deeper it is embodied in Russian total disrespect towards civil society, and the Russian government aims to dismantle any cultural liberal transformation of Russian society. The Russian government has a valid reason to worry that a strong civil society means citizens' control over the government's function and policies. Russia's government and President believe it seems in a more top-down approach where the government controls society on economic, mass media, and even culture domains. The Russian government uses cyber warfare mainly as a method to scare its enemies as it sees them. None of the Russian cyber-attacks so far were aimed at critical infrastructure in the West (Ukrainian power grid cyber-attack was performed as part of cyberwar with Ukraine). Although
  • 28.
    28 Russia's level ofattack tools improves the overall sophistication level of the attacks, the efficiency is mixed. It is extremely hard to tell what is the benefit of alleged Russian cyber-attacks against the Olympic games in Tokyo or WADA. The attacks again the democratic party are exceptional in sophistication and penetration level, and yes, overall Russian attacks exhibit a degree of restrain. For example, Russia avoids destroying data or creating unavoidable disruptions to an operation like the Sony attack. The reason for the Russian cyber offensive restrains the interconnected nature of the Internet. Russia is currently dependent on western software and hardware. The Russian government is well aware that the U.S. and NSA have significant cyber capabilities, as was revealed by Snowden. Therefore, Putin and other decision-makers carefully calculate the consequences of the attacks and possible western retaliation. The realization of the West's possible consequences pushed the Russian government to realize numerous projects to replace western hardware and software in government and private sectors. Currently, Russia is actively developing a sovereign O.S. Russia's success in achieving its goal of I.T. independence from the West can lead the Russian government to significantly bolder moves. Western cyber deterrence is effective only as long as Russia is part of the I.T. ecosystem led by Silicon Valley giants. Russia increasing control over the local Internet should worry the West no less than Russian intervention in Ukraine. With sovereign cyber and its sector, Russia will present a far more significant challenge and risk for the West and U.S. in particular.
  • 29.
    29 Attacking modern softwaredeveloped according to modern security practices will be a tremendous challenge for the intelligence community and the NSA. Most of the applications used currently for monitoring and security forensics will not operate on Russian OS. This can create a situation in which Russia is less accountable and can operate without fear of western retaliation in the cyber domain. As for the West, losing the ability to retaliate with cyber to Russian actions leaves only the kinetic option open. The kinetic option is, however, extremely costly and might be regarded as unjustified by public opinion. Besides, Russia's possession of a large arsenal of nuclear weapons increases the risks of any direct action taken against Russian decision-makers.
  • 30.
    30 Bibliography • Keir GIles.2016. The next phase of Russian information warfare. NATO Strategic Communications Centre of Excellencehttps://www.stratcomcoe.org/next-phase-Russian- information-warfare-keir-giles • Keir Giles, Russia’s ‘New’ Tools for Confronting the West: Continuity and Innovation in Moscow’s Exercise of Power, Research Paper (Chatham House, London: The Royal Institute of International Affairs, 2016), pp. 37-40 • Lilly B, Cheravitch J (2020) The past, present, and future of Russia’s Cyber strategy and forces. In: 12th International conference on cyber conflict (CyCon). https://ieeexplore.ieee.org/abstract/document/9131723 • Greenberg, Andy. 2017. “Petya Ransomware Epidemic May Be Spillover from Cyberwar.” Wired, June 28, 2017. https://www.wired.com/story/petya-ransomware-ukraine/. • Greenberg, Andy. 2019. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers. New York: Doubleday. • Greenberg, Andy. 2020. “The US Blames Russia’s GRU for Sweeping Cyberattacks in Georgia.” Wired, February 20, 2020. https://www.wired.com/story/us-blames-russia-gru-sweeping- cyberattacks-georgia/ • Ignatius, David. 2017. “Russia’s Radical New Strategy for Information Warfare.” Washington Post, January 18, 2017. https://www.washingtonpost.com/blogs/post- partisan/wp/2017/01/18/russias-radical-new-strategyfor-information-warfare/. • Krikunov, A. 2011. “Kiberprostranstvo vedushchikh gosudarstv v kontekste sovremennykh vyzovov i ugroz [Cyberspace of Leading States in the Context of Contemporary Challenges and Threats]” Morskoy Sbornik 11 (November): 32-37. • Valery Gerasimov, “The Value of Science is in the Foresight: New Challenges Demand Rethinking the Forms and Methods of Carrying out Combat Operations,” Robert Coalson (ed.), in Military Review (January-February 2016), • Kritukov, Evgeniy. 2018. “Kak SShA nashli ’sotrudnikov GRU’, ’vmeshavshikhsya v vybory’ [How the United States found ‘GRU officers’, ‘interfering in the elections’].” Vzglyad, July 16, 2018. https://vz.ru/ politics/2018/7/16/932761.html. • Medvedev, Sergei. 2015. “Offense-Defense Theory Analysis of Russia Cyber Capability.” California: Naval Postgraduate School. https://pdfs.semanticscholar.org/19e3/ca12d73661182bd2a9e34dc2df81634deacf.pdf. • Mikryunov, V. Yu. 2015. “Kak protivostoyat’ agressii SSHA [How to Resist U.S. Aggression].” Vestnik Akademii voennykh nauk 51, no. 2. • https://privacyinternational.org/learn/five-eyes • https://www.cfr.org/blog/iran-russia-cyber-agreement-and-us-strategy-middle-east • http://www.rt.com/politics/411156-russia-to-launch-independent-internet/
  • 31.
    31 • https://www.jstor.org/stable/26271529?seq=14#metadata_info_tab_contents • https://direct.mit.edu/isec/article/41/3/72/12149/What-Is-the-Cyber-Offense-Defense-Balance •https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country- information/where-is-ofacs-country-list-what-countries-do-i-need-to-worry-about-in-terms-of- us-sanctions • https://spectrum.ieee.org/tech-talk/telecom/internet/could-russia-really-build-its-own- alternate-internet • Fridman, Ofer. / On 'Gerasimov Doctrine': Why the West Fails to Beat Russia to the Punch. In: Prism. 2019 ; Vol. 8, No. 2. pp. 101-112. • Mark Galeotti, “The ‘Gerasimov Doctrine’ and Russian Non-Linear War,” In Moscow’s Shadows (6 July 2014), accessed 5 May 2016, at https:// inmoscowsshadows.wordpress.com/2014/07/06/ the-gerasimov-doctrine-and-russian-non- linearwar/; Victor R. Morris, “Grading Gerasimov: Evaluating Russian Nonlinear War Through Modern Chinese Doctrine,” in Small Wars Journal (17 September 2015), accessed 5 May 2016, at http://smallwarsjournal.com/jrnl/art/ grading-gerasimov-evaluating-russian-nonlinearwar- through-modern-chinese-doctrine • https://www.frstrategie.org/en/publications/notes/russia-policy-towards-belarus-during- alyaksandr-lukashenka-s-fifth-presidential-term-2020 • The Gerasimov Doctrine -It’s Russia’s new chaos theory of political warfare. And it’s probably being used on you.By MOLLY K. MCKEW September/October 2017 https://www.politico.com/magazine/story/2017/09/05/gerasimov-doctrine-russia-foreign- policy-215538 • https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a- broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber- firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html • https://en.wikipedia.org/wiki/Domain_Name_System • https://www.britannica.com/event/Kursk-submarine-disaster •