Russia’s Cyberwarfare doctrine: From Hackers to H-bombs
Last Updated on Wednesday, 13 August 2008 06:30 Written by Jeff Carr Saturday, 2 February 2008 09:22
“Russia retains the right to use nuclear weapons first against the means and forces of information warfare, and then against the aggressor state itself.”
So said Colonel V.I.Tsymbal in a paper presented in Moscow at the September, 1995 Russia-U.S. conference “Evolving post Cold War National Security Issues”. Clearly, Russia takes Information Warfare very seriously. Five years later, almost to the day, Vladimir Putin officially adopted the Russian Information Security Doctrine, which addresses issues relating to computer crime and network security from threats both domestic and foreign.
This position seemed to have escaped the panel of civilian experts who were assembled for the National Intelligence Council’s October, 1999 conference “Buck Rogers or Rock Throwers” wherein the consensus view was that only the U.S. was capable of producing a technological Revolution in Military Affairs (RMA). The following “expert” was not identified, but his assessment is so spectacularly wrong that I’m wondering if it was Paul Wolfowtiz:
One expert on Russian military affairs estimated, however, that chances are small that Russia will achieve this potential—mainly because of economic, political, military, and cultural chaos. He also argued that Russian national security assessments tend to be wildly inflated and link NATO—“subjugated” to US dictates—to threats ranging from support of ethno-separatist movements in local wars to enemies at the theater and global levels. The unwillingness of the Russians to see the modern world beyond “antiquated old-regime categories” encumbers them with unaffordable military requirements.
Fortunately, both the CIA and the NSA was better informed, at least according to testimony by Lawrence Gershwin and George Tenet, “which raised the prospect of an extensive Russian cyberwarfare program.”
According to an article in Jane’s Intelligence Review on the “e-mercenary” (30/07/2001), there were an estimated 250 to 500 hackers in Russia in 1999. Of those, about ten percent were available for hire. Today, it is widely believed that Russia and the states of the former Soviet Republic supply the majority of the world’s hackers.
From a purely doctrinal standpoint, Russia and China share a similiar cyberwarfare ideology:
According to Professor Major General Vladimir Belous, “it can be predicted that the battlefield of the future will begin to shift more and more into the area of intellectual effect. An aggressor country is capable of developing, and under certain conditions executing, a scenario of information war against another state in an attempt to demolish it from within. In that way it is possible to force the enemy to surrender without using traditional kinds of weapons.” (Sergey Ishchenko, “Before the verdict is in: Computers on the attack: Cyberwars already are being depicted on Staff Maps,” Moscow Trud, June 28, 2001)
The blog WindowsonEurasia points to evidence that the FSB guides and encourages youth hackers like the ESM to act on behalf of Russian government interests. For example, in early 2007, the ESM threatened to disable the website of the Ukrainian Security Service:
ESM, the Russian radical youth organization, that has been using sophisticated computer assets capable of disrupting a government computer network and eager to do so for political reasons, also vowed to disable the website of the Ukrainian Security Service, SBU, in the near future, unless Yushchenko dismisses Valentyn Nalyvaychenko, SBU’s pro-NATO chief.
My previous post on the FSB raised the question about a relationship between them and the Russian Business Network. While no one has gone on the record to confirm that connection, it seems like a reasonable, if not obvious, marriage of convenience. And the People’s Republic of China has that exact relationship with it’s own hackers. See my post 10,000 Methods Combined as One: Chinese Hackers and Unrestricted Warfare (hat tip to commenter Stormcrow).
An excellent resource on this topic is: Cyberwarfare: An analysis of the means and motivations of selected nation states” by the Institute of Security Technology Studies at Darmouth College (November, 2004).
