Information Warfare

Subversion through Misinformation, Cyber and Media Campaigns

Timeline of Instruments



Summary

Whether one references the attacks on critical infrastructure, the increasing influence of Russian media throughout the Eurasian sphere, or election meddling via misinformation, the Russian military strategy has modernized and adapted to the changing tides of warfare. On the cyber-front, the Russian government has managed to organize and coordinate formal and informal hacking networks, such as Fancy Bear and CyberBerkut. The former has successfully attacked power grids and governmental websites, while the latter has attempted to manipulate election results and orchestrated multiple DDoS attacks with the aim of paralyzing Ukrainian government websites. Never before in history has a state or non-state actor been able to cripple a state’s physical and online infrastructure to such an extent. While the physical damage of all of the attacks has been limited, Ukraine has proven to be a mere playground for what Russia has in store with regard to its cyber toolkit. Most cyber-analysts argue that the hackers had the tools and information necessary to go beyond mere DDoS attacks, but they chose not to with the purpose of pursuing the political interests of the Russian state. What happened and continues to transpire in Ukraine should encourage the United States and its allies to further develop a framework for cyberattacks on critical infrastructure, media networks, and other informal spheres, including social media. With all of this being said, many cyber-attacks staged by the Russian government didn’t exclusively target critical infrastructure; several NATO-affiliated and privately-owned websites were also taken down throughout the ongoing conflict.

In general, most of the cyberattacks happened to coincide with pivotal political events within or outside of Ukraine. For example, the most deadly attack on the power-grids in the Ivano-Frankivsk province occurred a day after the United States issued additional sanctions on Russia due to its involvement in Ukraine. Similarly, the NotPetya attack of June 2017 hit only a week after President Donald Trump met with the Ukrainian President, while the United States government added on to its sanctions on the Russian government. While this conclusion is heavily supported by the circumstantial evidence, not all of the cyberattacks have been launched as a response to either American or Ukrainian foreign policy. 

Meanwhile, the Ukrainian media landscape has undergone significant changes relating to Russian influence over the past seven years. Prior to the Russian incursion in Crimea, Ukrainian media sources dominated throughout the country though Russian media, and therefore influence, was also present. In a marked change, the media landscape became divided after the annexation with Russian media dominating the separatist and Kremlin-controlled sections of east and south Ukraine and the domestic media controlling the rest of the country. This media divide has hardened and ultimately become the new norm. Overall, trust in Russian media is low in the non-controversial areas, which is reflected in the popular news sources. Thus, Russian media, and by extension, the government, is certainly a player in the Ukrainian landscape but far from the dominant one.

Conclusions 

In order to counter attacks sponsored by the Russian government on critical infrastructure, the United States government should cooperate with local hacking groups, including Anonymous and LulzSec and fund formal governmental organizations, such as the Tailored Access Operations (TAO). The former has proven to be committed to fighting repressive regimes such as North Korean and Syrian governments, while the latter, uncovered by Edward Snowden, is a well-equipped, government-sponsored cyber intelligence group that gathers intelligence on computer systems being used by foreign entities. While this would, in effect, be an offensive strategy, it would be proportionate to the kinds of tactics that the Russian government is employing. Also, it would be wise to heed the old adage "The best defense is a good offense", considering that 2015 DOD-issued cyber strategy barely mentioned the need for a well-developed cyber offensive.

The GRU has allegedly partnered with numerous actors, including the likes of APT-28, or FancyBear, to conduct its cyberattacks in various parts of Ukraine. Thus, the United States must stoop to its level, which would entail waging an offensive cyber-operation with the aim of gaining access and information on Russia's critical infrastructure. As a result of the proportionate threat, deterrence theory would take into effect and coerce both powers to create a framework defining the legal parameters for cyber-war. Furthermore, it would provide the United States government an opportunity to encourage interagency cooperation and public-private partnerships and gain an upper-hand in the cyber-arms race. 

In addition to deploying an offensive cyber strategy, the American government must expand upon its existing framework for what constitutes a cyber-attack on critical infrastructure. The Department of Homeland Security currently identifies 16 sectors, such as communications and defense, as part of the nation’s critical infrastructure. In order to further develop a foolproof system that deters cyber-attacks on the United States, there must be a deeper examination as to which informal and formal spheres of society could be qualified as part of the framework for critical infrastructure. 

Lastly, the fact that cyberattacks on critical infrastructure usually coincide with the passage of either international sanctions, Ukrainian domestic laws, or the like, implies that the United States has both the time to prepare its defenses and to deploy an offensive counterattack. Given the timing, the United States can plan ahead before issuing additional sanctions against the Russian government. By understanding the rationale behind Russia's cyberwarfare strategy, the United States has the potential to have the upper-hand in deterring Russian action and launching a pre-emptive cyberattack against Russian critical infrastructure. 

On the media front, the United States government is somewhat limited in Ukraine especially given the media curtain. Nonetheless, it should continue and expand its support for NGOs like Internews, an international non-profit organization currently funded by USAID that works to empower media organizations and professionals. By supporting similar NGOs who seek to maintain a pluralistic media landscape, both in Ukraine and internationally, the United States can combat the disinformation spread by Russian sources.

Additionally, Ukrainians are slowly moving towards reading the news on the Internet and social media though television remains the most popular medium. Therefore, the United States should additionally adopt an Internet, social media-focused approach. Although Russian social media companies in Ukraine take a backseat to Western alternatives like Facebook, this does not minimize Russia’s potential influence on such networks. For example, Russian disinformation campaigns on Twitter and Facebook are prevalent even in the United States. While the true extent and impact of Russian bots are yet unknown, it is undeniable that the world is moving in the Internet news direction. As such, the United States should 1) determine the impact of Russian bots, 2) fund local NGOs combating Russia’s cyber media presence on both Russian and Western social media sites, and 3) promote the transparency of news sources both in the US and abroad to raise consumer awareness.


Sources

  1. Joanna Szostek. “Russia and the News Media in Ukraine: A Case of ‘Soft Power?’” East European Politics and Societies and Cultures 28, no. 3 (2014): 467.
  2. Ibid., 468.
  3. Operation Armageddon: Cyber Espionage As A Strategic Component Of Russian Modern Warfare. 2015. Ebook. 1st ed. Lookingglass Cyber Threat Intelligence Group. https://www.lookingglasscyber.com/wp content/uploads/2015/08/Operation_Armageddon_Final.pdf.
  4. Szostek, 467.
  5. "Ukraine Says Communications Hit, Mps Phones Blocked". 2014. Reuters.com. https://www.reuters.com/article/us-ukraine-crisis-cybersecurity/ukraine-says-communications-hit-mps-phones-blocked-idUSBREA231R220140304.
  6. "Ukrtelecom JSC". 2014. En.Ukrtelecom.Ua. http://www.en.ukrtelecom.ua/about/news?id=120467.
  7. "Ukraine Says Communications Hit, Mps Phones Blocked". 2014. Reuters.Com. https://www.reuters.com/article/us-ukraine-crisis-cybersecurity/ukraine-says-communications-hit-mps-phones-blocked-idUSBREA231R220140304.
  8. "Cyber Snake Plagues Ukraine Networks". 2014. Ft.Com. https://www.ft.com/content/615c29ba-a614-11e3-8a2a-00144feab7de.
  9. "Several NATO Websites Hacked In Attack Linked To Crisis In Crimea". 2014. Mail Online. http://www.dailymail.co.uk/news/article-2582071/Several-NATO-websites-hacked-cyber-attack-linked-crisis-Crimea.html.
  10. "Hackers Target Ukraine's Election Website". 2014. Phys.Org. https://phys.org/news/2014-10-hackers-ukraine-election-website.html.
  11. Jill Dougherty, Everyone Lies: The Ukraine Conflict and Russia’s Media Transformation, Harvard Kennedy School’s Shorenstein Center on Media, Politics and Public Policy, July 2014, https://shorensteincenter.org/wp-content/uploads/2014/07/d88-dougherty.pdf: 4.
  12. “Analysis of Russia’s Information Campaign Against Ukraine,” NATO Strategic Communications Centre of Excellence, 2015: 15.
  13. “Ukraine profile - Media,” BBC News, July 13, 2015, accessed November 28, 2017, http://www.bbc.com/news/world-europe-18006248.
  14. Facing Reality After Euromaiden: The Situation of Journalists and Media in Ukraine, Reporters Without Borders, June 2016, https://rsf.org/sites/default/files/journalists_and_media_in_ukraine_-_rsf_2016.pdf: 6.
  15. Ibid., 29.
  16. Ibid., 26. 
  17. “Media Consumption in Ukraine 2017,” Internews, 2017, accessed November 27, 2017, https://www.internews.org/sites/default/files/2017-09/USAID_UMedia_AnnualMediaConsumptionSurvey_2017_FULL_eng.pdf.