DOCSLIB.ORG

Russia's Strategy in Cyberspace

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Russia's Strategy in Cyberspace 978-9934-564-90-1 RUSSIA’S STRATEGY IN CYBERSPACE Published by the NATO Strategic Communications Centre of Excellence ISBN: 978-9934-564-90-1 Authors: Janne Hakala, Jazlyn Melnychuk Project manager: Sanda Svetoka Design: Kārlis Ulmanis Riga, June 2021 NATO STRATCOM COE 11b Kalnciema Iela Riga LV1048, Latvia www.stratcomcoe.org Facebook/stratcomcoe Twitter: @stratcomcoe Aknowledgments This publication is developed in the framework of the joint cooperation project of the NATO StratCom COE and NATO Cooperative Cyber Defence COE. We would also like to thank Dr Juha Kukkola, Dr Ieva Bērziņa, Varis Teivāns and Mark Laity for advice and review of the publication. This publication does not represent the opinions or policies of NATO or NATO StratCom COE. © All rights reserved by the NATO StratCom COE. Reports may not be copied, reproduced, distributed or publicly displayed without reference to the NATO StratCom COE. The views expressed here do not represent the views of NATO. Contents Introduction . 6 Russia’s “information confrontation” . 7 Russian conceptions of ‘cyber’ . 7 Protecting ‘information’: cognitive and technical . 7 National security interests and strategic objectives . 10 Russia’s threat perception . 11 Strategic deterrence . 12 Securing the information space - ‘digital sovereignty’ . 14 State actors and proxies . 19 Activities in cyberspace . 25 Implications and objectives . 34 Conclusion and recommendations . 36 Endnotes . 40 _______________________________________________________________________________________________________ 3 INTRODUCTION Headlines connecting Russia to the vague notion of ‘cyber’ have become daily bread for Western publics and decision makers alike. From the damage done by NotPetya or attacks against Ukraine and Georgia, to Russia’s hacking and leaking operations in US and European elections, Russia’s offensive operations are consistent threat. An increasingly important tool in what Russia views as the ongoing “information confrontation,” Russia utilizes cyber operations alongside other military and non-military means to pursue strategic objectives. On the other hand, recent years have seen attacks such as disinformation. However, Russia’s attempts to close and secure its the center of gravity in the ‘information own digital information space. By using a confrontation’ lies in peoples’ minds and combination of legal and technical means, perception of events, both domestically and the Kremlin tries to impose control both over internationally. digital infrastructure and content, efforts which are aimed at ensuring independence This report seeks to clarify the role of from the global Internet network and thus cyberspace in Russian strategic thinking. enhancing their information security. It will analyse cyber operations as a subset of Russia’s ‘information confrontation’ Russia sees activities in cyberspace as a and explore how this philosophy is put subset to the all-encompassing framework into practice. The report will examine both of ‘information confrontation,’ which is offensive measures, such as participation in derived from the Russian understanding the information war, and defensive measures, of relations between states and, more such as Russia’s efforts to secure its own specifically, a subset of the struggle information space from foreign influence. between great powers for influence in the Finally, it will conclude with several policy world. According to Russian thinkers, the recommendations for NATO strategic information confrontation is constant and communications in addressing Russia’s ongoing, and any means can be used to gain offensive activities in cyberspace. superiority in this confrontation. Activities in cyberspace are one of several tools of warfare in the information environment, including psychological operations, electronic warfare (EW), and kinetic action. In practice, cyberspace can be used both for physical attacks on infrastructure, and cognitive 4 ________________________________________________________________________________________________________ RUSSIA’S “INFORMATION CONFRONTATION” Russian Conceptions of ‘Cyber’ rather than ‘warfare’.4 This paper uses the term ‘information confrontation’ due to its Russia’s conceptualization of ‘information established status in discussions regarding confrontation’ and the role of cyberspace hostile Russian informational activities. within it is outlined in strategic policy documents, such as National Security The confrontation includes a significant Strategy (2015), Foreign Policy Concept psychological remit, whereby an actor (2016), Information Security Doctrine (2016), attempts to affect informational resources Military doctrine (2014), Conceptual Views (documents in information systems) on the Activity of the Armed Forces in the as well as the minds of the adversary’s Information Space (2016), as well as works military personnel and population at large.5 and publications by Russian military thinkers. Ultimately, cyber operations (or information- technical means) are one of many methods From the Russian perspective, cyber warfare used to gain superiority in the information or the Russian equivalent ‘information- confrontation. Russia, and particularly technological warfare,’1 is only a part of Russian President Putin’s regime, sees the the overarching concept of “information information confrontation as a constant confronta tion” (informatsionnoe protivo­ geopolitical zero-sum competition between borstvo). The Russian Ministry of Defence great powers, political and economic describes the information confrontation as systems, and civilizations.6 the clash of national interests and ideas, where superiority is sought by targeting the adversary’s information infrastructure Protecting ‘Information’: while protecting its own objects from Cognitive and Technical similar influence.2 The translation of the term informatsionnoe protivoborstvo into Publicly available Russian doctrines English has proven difficult, and has often and policy documents do not explicitly incorrectly been translated as ‘information reference cyber operations. Furthermore, warfare’3 (‘informacionnaja vojna’), despite Russian documents do not use the the fact that protivoborstvo refers to ‘counter- term ‘cybersecurity’, but refer instead to struggle’, ‘countermeasure’ or ‘counteraction’ ‘information security.’ This term differs from _______________________________________________________________________________________________________ 5 Russia perceives the information space in very geopolitical terms, with their domestic information space representing a continuation of territorial state borders, which they view as constantly being violated by foreign intrusions.13 the Western notion of ‘information security’ and websites within the information and (or in short: infosec) in that it encompasses telecommunications network of the Internet not only the protection of critical digital […], communications networks, information networks, but society’s cognitive integrity as technologies, entities involved in generating well.7 There are several reasons why Russian and processing information, developing and military thinkers apply the term ‘cyber’ when using the above technologies, and ensuring talking about Western threats and activities, information security, as well as a set of but are reluctant to link the term to Russia’s mechanisms regulating social relations in own capabilities and actions. Some authors the sphere”.9 argue that this deliberate choice is related to negative connotations around Soviet-era The information space refers to activities ‘cybernetics,’ as well as the importance the to form, transform, and store information, term ‘information security’ holds for Russia’s as well as ‘influencing individual and public own domestic politics8. consciousness, information infrastructure and information itself.’10 When discussing the operational environ- ment, Russia uses the term ‘information According to Ofer Fridman, Russia space’ (informatsionnoe prostranstvo), or conceptualizes cyberspace as the ‘information sphere’ (informatsionnaya intersection between hardware, software, sfera), which again is more comprehensive infrastructure, and content11. In this than the Western concept of ‘cyberspace’ or framework, the information-technological ‘cyber domain.’ The 2016 Russian Doctrine of layer includes hardware, software and Information Security defines theinformation infrastructure, while the information- sphere as: psychological layer includes hardware, software and content.’ Irrespective of “a combination of information, infor- the means used – technological (for matization objects, information systems example, destroying digital infrastructure) 6 ________________________________________________________________________________________________________ or psychological (manipulating a message waging information war,” in practice the on social media) – activities in cyberspace concept covers a wide array of activities are understood in terms of their effect (often with an emphasis on affecting the in the information space.12 Importantly, human mind); this includes the spreading Russia perceives the information space of disinformation, electronic warfare, in very geopolitical terms, with their the degradation of navigation support, domestic information space representing psychological pressure, and the destruction a continuation of territorial state borders, of adversary computer capabilities.15 which they view as constantly being violated by foreign intrusions.13
Load more

Recommended publications
  • Maritime Terrorism
    1 Maritime terrorism naval bases, offshore oil and gas facilities, other By Emilio Bonagiunta, Maritime Security Consultant critical infrastructure, or the maritime trade itself.ii Operations of this kind are reportedly part of Al-Qaeda's maritime strategy.iii Past here are two main forms in which attacks against oil facilities and tankers in Saudi terrorist groups benefit from the Arabia and Yemen demonstrate that terrorist T vastness and lawlessness of the sea: by networks in the region have ambitions to conducting attacks against sea-based targets and severely disrupt energy supplies from the by using the sea to transport weapons, militants Arabian Peninsula. A successful series of large- and other support means from one place to the scale attacks against the oil industry would have i other. In both cases, the low level of control and tremendous impacts on international energy law enforcement provides a beneficial markets and the global economy. It is from this environment for preparation and conduction perspective that Al-Qaeda poses a serious threat terrorist operations in the maritime domain, against maritime trade.iv unthinkable of on the ground. Yet, the fact that these fears have not Along with this, offshore assets and critical materialized can be attributed to a variety of infrastructure on the coast are seen as high-value factors: greater vigilance and measures adopted targets for terrorist groups. Operations against by sea-users and maritime security providers, the USS Cole (2000) and the tanker Limburg lack of confidence by terrorist groups in the (2002), attributed to Al-Qaeda, are good success of major attacks against sea-based examples of maritime terrorism in the Arabian targets due to insufficient expertise and Peninsula, where small crafts laden with experienced militants for conducting such explosives have proven successful in causing operations.
    [Show full text]
  • Floating Armories: a Legal Grey Area in Arms Trade and the Law of the Sea
    FLOATING ARMORIES: A LEGAL GREY AREA IN ARMS TRADE AND THE LAW OF THE SEA BY ALEXIS WILPON* ABSTRACT In response to maritime piracy concerns, shippers often hire armed guards to protect their ships. However, due to national and international laws regarding arms trade, ships are often unable to dock in foreign ports with weapons and ammunition. As a response, floating armories operate as weapons and ammuni­ tion storage facilities in international waters. By operating solely in interna­ tional waters, floating armories avoid national and international laws regard­ ing arms trade. However, there is a significant lack of regulations governing floating armories, and this leads to serious safety concerns including lack of standardized weapon storage, lack of records documenting the transfer of weapons and ammunitions, and lack of regulation from flags of convenience. Further, there is no publically available registry of floating armories and so the number of floating armories operating alongside the quantity of arms and ammunition on board is unknown. This Note suggests several solutions that will increase the transparency and safety of floating armories. Such solutions include requirements that floating armory operators register their vessels only to states in which a legitimate relationship exists, minimum standards that operators must follow, and the creation of a publically available registry. Finally, it concludes by providing alternative mechanisms by which states may exercise jurisdiction over foreign vessels operating in the High Seas. I. INTRODUCTION .................................... 874 II. THE PROBLEM OF MARITIME PIRACY ..................... 877 III. HOW FLOATING ARMORIES OPERATE..................... 878 IV. FLOATING ARMORIES AND THE LEGAL GRAY AREA............ 880 A. The Lack of Laws and Regulations .................
    [Show full text]
  • Hacking the Web
    Hacking the Web (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa 1 Table of Contents } General Introduction } Authentication Attacks } Client-Side Attacks } Injection Attacks } Recent Attacks } Privacy Tools 2 (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa Why secure the Web? } The Web has evolved into an ubiquitous entity providing a rich and common platform for connecting people and doing business. } BUT, the Web also offers a cheap, effective, convenient and anonymous platform for crime. } To get an idea, the Web has been used for the following types of criminal activities (source: The Web Hacking Incidents Database (WHID) http://projects.webappsec.org/w/page/13246995/Web-Hacking-Incident-Database) } Chaos (Attack on Russian nuclear power websites amid accident rumors (5Jan09) } Deceit (SAMY XSS Worm – Nov 2005) } Extortion (David Aireys domain hijacked due to a CSRF (cross site request forgery) flaw in Gmail – 30Dec2007) } Identity Theft (XSS on Yahoo! Hot jobs – Oct 2008) } Information Warfare (Israeli Gaza War - Jan 2009 / Balkan Wars – Apr 2008 ) } Monetary Loss (eBay fraud using XSS) } Physical Pain (Hackers post on epilepsy forum causes migraines and seizures – May 2008) } Political Defacements (Hacker changes news release on Sheriffs website – Jul 2008) (Obama, Oreilly and Britneys Twitter accounts hacked and malicious comments posted – Jan 09) } Chinese Gaming sites hacked (Dec. 2011) 3 Copyright(C) 2009 (c) -20092020- 2019Arun Arun Viswanathan Viswanathan Ellis HorowitzEllis Horowitz Marco Marco Papa Papa
    [Show full text]
  • Russia's Foreign Policy Change and Continuity in National Identity
    Russia’s Foreign Policy Russia’s Foreign Policy Change and Continuity in National Identity Second Edition Andrei P. Tsygankov ROWMAN & LITTLEFIELD PUBLISHERS, INC. Lanham • Boulder • New York • Toronto • Plymouth, UK Published by Rowman & Littlefield Publishers, Inc. A wholly owned subsidiary of The Rowman & Littlefield Publishing Group, Inc. 4501 Forbes Boulevard, Suite 200, Lanham, Maryland 20706 http://www.rowmanlittlefield.com Estover Road, Plymouth PL6 7PY, United Kingdom Copyright © 2010 by Rowman & Littlefield Publishers, Inc. All rights reserved. No part of this book may be reproduced in any form or by any electronic or mechanical means, including information storage and retrieval systems, without written permission from the publisher, except by a reviewer who may quote passages in a review. British Library Cataloguing in Publication Information Available Library of Congress Cataloging-in-Publication Data Tsygankov, Andrei P., 1964- Russia's foreign policy : change and continuity in national identity / Andrei P. Tsygankov. -- 2nd ed. p. cm. Includes bibliographical references and index. ISBN 978-0-7425-6752-8 (cloth : alk. paper) -- ISBN 978-0-7425-6753-5 (paper : alk. paper) -- ISBN 978-0-7425-6754-2 (electronic) 1. Russia (Federation)--Foreign relations. 2. Soviet Union--Foreign relations. 3. Great powers. 4. Russia (Federation)--Foreign relations--Western countries. 5. Western countries--Foreign relations--Russia (Federation) 6. Nationalism--Russia (Federation) 7. Social change--Russia (Federation) I. Title. DK510.764.T785 2010 327.47--dc22 2009049396 ™ The paper used in this publication meets the minimum requirements of American National Standard for Information Sciences—Permanence of Paper for Printed Library Materials, ANSI/NISO Z39.48-1992. Printed in the United States of America It is the eternal dispute between those who imagine the world to suit their policy, and those who arrange their policy to suit the realities of the world.
    [Show full text]
  • 2015 Threat Report Provides a Comprehensive Overview of the Cyber Threat Landscape Facing Both Companies and Individuals
    THREAT REPORT 2015 AT A GLANCE 2015 HIGHLIGHTS A few of the major events in 2015 concerning security issues. 08 07/15: Hacking Team 07/15: Bugs prompt 02/15: Europol joint breached, data Ford, Range Rover, 08/15: Google patches op takes down Ramnit released online Prius, Chrysler recalls Android Stagefright botnet flaw 09/15: XcodeGhost 07/15: Android 07/15: FBI Darkode tainted apps prompts Stagefright flaw 08/15: Amazon, ENFORCEMENT bazaar shutdown ATTACKS AppStore cleanup VULNERABILITY reported SECURITYPRODUCT Chrome drop Flash ads TOP MALWARE BREACHING THE MEET THE DUKES FAMILIES WALLED GARDEN The Dukes are a well- 12 18 resourced, highly 20 Njw0rm was the most In late 2015, the Apple App prominent new malware family in 2015. Store saw a string of incidents where dedicated and organized developers had used compromised tools cyberespionage group believed to be to unwittingly create apps with malicious working for the Russian Federation since behavior. The apps were able to bypass at least 2008 to collect intelligence in Njw0rm Apple’s review procedures to gain entry support of foreign and security policy decision-making. Angler into the store, and from there into an ordinary user’s iOS device. Gamarue THE CHAIN OF THE CHAIN OF Dorkbot COMPROMISE COMPROMISE: 23 The Stages 28 The Chain of Compromise Nuclear is a user-centric model that illustrates Kilim how cyber attacks combine different Ippedo techniques and resources to compromise Dridex devices and networks. It is defined by 4 main phases: Inception, Intrusion, WormLink Infection, and Invasion. INCEPTION Redirectors wreak havoc on US, Europe (p.28) INTRUSION AnglerEK dominates Flash (p.29) INFECTION The rise of rypto-ransomware (p.31) THREATS BY REGION Europe was particularly affected by the Angler exploit kit.
    [Show full text]
  • THE BLACK MARKET for SOCIAL MEDIA MANIPULATION NATO Stratcom COE Singularex
    COUNTERING THE MALICIOUS USE OF SOCIAL MEDIA THE BLACK MARKET FOR SOCIAL MEDIA MANIPULATION NATO StratCom COE Singularex ISBN 978-9934-564-31-4 ISBN: 978-9934-564-31-4 Authors: NATO StratCom COE Research: Singularex Project manager: Sebastian Bay Text editor: Anna Reynolds Design: Kārlis Ulmanis Riga, November 2018 NATO STRATCOM COE 11b Kalciema iela Riga LV1048, Latvia www.stratcomcoe.org Facebook/stratcomcoe Twitter: @stratcomcoe Singularex is a Social Media Intelligence and Analytics company based in Kharkiv, Ukraine. Website: www.singularex.com Email: [email protected] This publication does not represent the opinions or policies of NATO. © All rights reserved by the NATO StratCom COE. Reports may not be copied, reproduced, distributed or publicly displayed without reference to the NATO StratCom COE. The views expressed here are solely those of the author in his private capacity and do not in any way represent the views of NATO StratCom COE. NATO StratCom COE does not take responsibility for the views of authors expressed in their articles. Social media manipulation is undermining democracy, but it is also slowly undermining the social media business model. Introduction Around the turn of the decade, when the popularity of social media sites was really beginning to take off, few people noticed a secretly burgeoning trend — some users were artificially inflating the number of followers they had on social media to reap financial benefits. Even fewer noticed that organisations such as the Internet Research Agency were exploiting these new techniques for political gain. Only when this innovation in information warfare was deployed against Ukraine in 2014 did the world finally become aware of a practice that has now exploded into federal indictments,1 congressional hearings,2 and a European Union Code of Practice on Disinformation.3 At the heart of this practice, weaponised by states and opportunists alike, is a flourishing black market where buyers and sellers meet to trade in clicks, likes, and shares.
    [Show full text]
  • Moonlight Maze,’ Perhaps the Oldest Publicly Acknowledged State Actor, Has Evaded Open Forensic Analysis
    PENQUIN’S MOONLIT MAZE The Dawn of Nation-State Digital Espionage Juan Andres Guerrero-Saade, Costin Raiu (GReAT) Daniel Moore, Thomas Rid (King’s College London) The origins of digital espionage remain hidden in the dark. In most cases, codenames and fragments of stories are all that remains of the ‘prehistoric’ actors that pioneered the now- ubiquitous practice of computer network exploitation. The origins of early operations, tools, and tradecraft are largely unknown: official documents will remain classified for years and decades to come; memories of investigators are eroding as time passes; and often precious forensic evidence is discarded, destroyed, or simply lost as storage devices age. Even ‘Moonlight Maze,’ perhaps the oldest publicly acknowledged state actor, has evaded open forensic analysis. Intrusions began as early as 1996. The early targets: a vast number of US military and government networks, including Wright Patterson and Kelly Air Force Bases, the Army Research Lab, the Naval Sea Systems Command in Indian Head, Maryland, NASA, and the Department of Energy labs. By mid-1998 the FBI and Department of Defense investigators had forensic evidence pointing to Russian ISPs. After a Congressional hearing in late February 1999, news of the FBI’s vast investigation leaked to the public.1 However, little detail ever surfaced regarding the actual means and procedures of this threat actor. Eventually the code name was replaced (with the attackers’ improved intrusion set dubbed Storm Cloud’, and later ‘Makers Mark’) and the original ‘MM’ faded into obscurity without proper technical forensic artefacts to tie these cyberespionage pioneers to the modern menagerie of APT actors we are now all too familiar with.
    [Show full text]
  • Inside Russia's Intelligence Agencies
    EUROPEAN COUNCIL ON FOREIGN BRIEF POLICY RELATIONS ecfr.eu PUTIN’S HYDRA: INSIDE RUSSIA’S INTELLIGENCE SERVICES Mark Galeotti For his birthday in 2014, Russian President Vladimir Putin was treated to an exhibition of faux Greek friezes showing SUMMARY him in the guise of Hercules. In one, he was slaying the • Russia’s intelligence agencies are engaged in an “hydra of sanctions”.1 active and aggressive campaign in support of the Kremlin’s wider geopolitical agenda. The image of the hydra – a voracious and vicious multi- headed beast, guided by a single mind, and which grows • As well as espionage, Moscow’s “special services” new heads as soon as one is lopped off – crops up frequently conduct active measures aimed at subverting in discussions of Russia’s intelligence and security services. and destabilising European governments, Murdered dissident Alexander Litvinenko and his co-author operations in support of Russian economic Yuri Felshtinsky wrote of the way “the old KGB, like some interests, and attacks on political enemies. multi-headed hydra, split into four new structures” after 1991.2 More recently, a British counterintelligence officer • Moscow has developed an array of overlapping described Russia’s Foreign Intelligence Service (SVR) as and competitive security and spy services. The a hydra because of the way that, for every plot foiled or aim is to encourage risk-taking and multiple operative expelled, more quickly appear. sources, but it also leads to turf wars and a tendency to play to Kremlin prejudices. The West finds itself in a new “hot peace” in which many consider Russia not just as an irritant or challenge, but • While much useful intelligence is collected, as an outright threat.
    [Show full text]
  • On Strategy: a Primer Edited by Nathan K. Finney
    Cover design by Dale E. Cordes, Army University Press On Strategy: A Primer Edited by Nathan K. Finney Combat Studies Institute Press Fort Leavenworth, Kansas An imprint of The Army University Press Library of Congress Cataloging-in-Publication Data Names: Finney, Nathan K., editor. | U.S. Army Combined Arms Cen- ter, issuing body. Title: On strategy : a primer / edited by Nathan K. Finney. Other titles: On strategy (U.S. Army Combined Arms Center) Description: Fort Leavenworth, Kansas : Combat Studies Institute Press, US Army Combined Arms Center, 2020. | “An imprint of The Army University Press.” | Includes bibliographical references. Identifiers: LCCN 2020020512 (print) | LCCN 2020020513 (ebook) | ISBN 9781940804811 (paperback) | ISBN 9781940804811 (Adobe PDF) Subjects: LCSH: Strategy. | Strategy--History. Classification: LCC U162 .O5 2020 (print) | LCC U162 (ebook) | DDC 355.02--dc23 | SUDOC D 110.2:ST 8. LC record available at https://lccn.loc.gov/2020020512. LC ebook record available at https://lccn.loc.gov/2020020513. 2020 Combat Studies Institute Press publications cover a wide variety of military topics. The views ex- pressed in this CSI Press publication are those of the author(s) and not necessarily those of the Depart- ment of the Army or the Department of Defense. A full list of digital CSI Press publications is available at https://www.armyu- press.army.mil/Books/combat-studies-institute. The seal of the Combat Studies Institute authenticates this document as an of- ficial publication of the CSI Press. It is prohibited to use the CSI’s official seal on any republication without the express written permission of the director. Editors Diane R.
    [Show full text]
  • The Fifth User January 28
    UNCLASSIFIED The Fifth User January 28 Project VENONA is now well known publicly. VENONA refers to Soviet espionage messages that were solved in part or in whole by the U.S. cryptologic services. The Soviet cryptosystem was based on a one-time pad that was misused, and therefore vulnerable to American cryptanalysts. The cryptosystem was used by the USSR’s diplomatic service and its office for acquiring lend-lease equipment from the United States during World War II. This Soviet system was in use from 1941 to 1945, but was not solved until the late 1940s, after the war, and the most usable product based on the decrypts was issued in the 1950s. In addition, the cryptosystem was used by the espionage organization best known as the KGB. When people think of VENONA decrypts, they most often mean KGB communications. However, there were other users of the flawed system. The fifth user of the cryptosystem was known in English as GRU-Naval. Its communications referred to espionage operations controlled by the Naval Intelligence headquarters in Moscow. The senior representative in the U.S. was Captain, later Commodore, I. A. Egorichev, the USSR’s naval attaché in Washington. During his career he had commanded a destroyer in the Soviet’s Baltic fleet, and had served as naval attaché in Tokyo. In addition to legal duties in his overt position, Captain Egorichev conducted intelligence activities against the United States. The GRU-Naval cryptosystem worked in the same way the KGB and GRU systems did. Message text was encoded into numbers from a codebook, then the numbers were superenciphered with numbers from a one-time pad.
    [Show full text]
  • Cyber-Conflict Between the United States of America and Russia CSS
    CSS CYBER DEFENSE PROJECT Hotspot Analysis: Cyber-conflict between the United States of America and Russia Zürich, June 2017 Version 1 Risk and Resilience Team Center for Security Studies (CSS), ETH Zürich Cyber-conflict between the United States of America and Russia Authors: Marie Baezner, Patrice Robin © 2017 Center for Security Studies (CSS), ETH Zürich Contact: Center for Security Studies Haldeneggsteig 4 ETH Zürich CH-8092 Zurich Switzerland Tel.: +41-44-632 40 25 [email protected] www.css.ethz.ch Analysis prepared by: Center for Security Studies (CSS), ETH Zürich ETH-CSS project management: Tim Prior, Head of the Risk and Resilience Research Group; Myriam Dunn Cavelty, Deputy Head for Research and Teaching; Andreas Wenger, Director of the CSS Disclaimer: The opinions presented in this study exclusively reflect the authors’ views. Please cite as: Baezner, Marie; Robin, Patrice (2017): Hotspot Analysis: Cyber-conflict between the United States of America and Russia, June 2017, Center for Security Studies (CSS), ETH Zürich. 2 Cyber-conflict between the United States of America and Russia Table of Contents 1 Introduction 5 2 Background and chronology 6 3 Description 9 3.1 Tools and techniques 9 3.2 Targets 10 3.3 Attribution and actors 10 4 Effects 11 4.1 Social and internal political effects 11 4.2 Economic effects 13 4.3 Technological effects 13 4.4 International effects 13 5 Consequences 14 5.1 Improvement of cybersecurity 14 5.2 Raising awareness of propaganda and misinformation 15 5.3 Observation of the evolution of relations between the USA and Russia 15 5.4 Promotion of Confidence Building Measures 16 6 Annex 1 17 7 Glossary 18 8 Abbreviations 19 9 Bibliography 19 3 Cyber-conflict between the United States of America and Russia Executive Summary Effects Targets: US State institutions and a political The analysis found that the tensions between the party.
    [Show full text]
  • How the Kremlin Weaponizes Information, Culture and Money by Peter Pomerantsev and Michael Weiss
    The Menace of Unreality: How the Kremlin Weaponizes Information, Culture and Money by Peter Pomerantsev and Michael Weiss A Special Report presented by The Interpreter, a project of the Institute of Modern Russia imrussia.org interpretermag.com The Institute of Modern Russia (IMR) is a nonprofit, nonpartisan public policy organization—a think tank based in New York. IMR’s mission is to foster democratic and economic development in Russia through research, advocacy, public events, and grant-making. We are committed to strengthening respect for human rights, the rule of law, and civil society in Russia. Our goal is to promote a principles- based approach to US-Russia relations and Russia’s integration into the community of democracies. The Interpreter is a daily online journal dedicated primarily to translating media from the Russian press and blogosphere into English and reporting on events inside Russia and in countries directly impacted by Russia’s foreign policy. Conceived as a kind of “Inopressa in reverse,” The Interpreter aspires to dismantle the language barrier that separates journalists, Russia analysts, policymakers, diplomats and interested laymen in the English-speaking world from the debates, scandals, intrigues and political developments taking place in the Russian Federation. CONTENTS Introductions ...................................................................... 4 Executive Summary ........................................................... 6 Background ........................................................................
    [Show full text]