Russia’s quest to project itself on the international scene as a great power and reclaim the status lost following the dissolution of the USSR in 1991, involves an increasing use of hybrid warfare, which some refer to as the Gerasimov Doctrine. Hybrid warfare limits reliance on direct conventional force, and instead uses a wide range of hostile actions, such as cyber warfare or the use of propaganda. Recently, Russia’s hybrid warfare campaigns have increasingly relied on cyber warfare as a geopolitical tool to exert influence on other countries. Thus, in the face of Russia’s growing strength in cyberspace, NATO must quickly adapt if it wants to have the upper hand.
Russian cyber warfare
Over the past few years, Russia has increasingly used cyber warfare as part of its military doctrine to hack or spy on other countries. Its strategy also involves spreading fake news to discredit opponents and using “trolls” that comment on social media or write blogs propagating views similar to that of the Kremlin. Cyber warfare was first used by Russia in 2007 against Estonia, following the removal of a WWII-era Bronze Soviet Soldier memorial in Tallinn. Cyber-attacks lasted for 3 weeks and targeted newspapers, banks, and government officials. Russia employed similar tactics during the war against Georgia in 2008, hacking media outlets, the Georgian Parliament, and the website of the Georgian President. More recently, throughout the 2014 conflict in Ukraine, Russian cyber-attacks targeted the finance and defence ministries, and Kiev’s power grid.
The list of victims of Russian cyber warfare is slowly growing as the months go by, and currently includes various countries, corporations, and institutions such as Germany, Finland, the United States, TV5 Monde (France), and the OSCE. Likewise, cyber attacks against the European Union or NATO have been steadily rising in the past few years. In the face of such attacks, it seems no one is safe from Russia’s cyber strategy.
Recruiting hackers
Amongst Russia’s top hacker groups is APT 28, which was deemed responsible for the release of Hillary Clinton’s emails following the hack on the Democratic National Committee in 2016, and for trying to hack the German Parliament, and Angela Merkel’s CDU party in 2015. One of the tactics employed by the group is phishing, a method in which targets receive an email with attachments containing malware that contaminates their device. Many defence analysts believe APT 28 has direct links to the Kremlin and to the GRU, Russia’s main intelligence agency.
This is only the tip of the iceberg when it comes to Russia’s cyber army. Since 2013, the Russian Defence Ministry has been hiring a growing number of hackers directly from universities, prisons, and corporations to boost Russia’s cyber warfare arsenal. The Russian government supposedly spends USD 300 million per year on its cyber offensive force of approximately 1,000 people. However, it must be noted that Russia’s cyber force remains weaker than that of the United States, which has also been growing in strength over the past number of decades.
Could Russian cyber warfare undermine article 5?
In the face of Russia’s growing cyber strength, NATO’s cyber response has been based on re-enforcing its cyber defence by locking down its own networks and re-enforcing the cyber protection of its weakest member states. However, while the Alliance has been developing its cyber defence capabilities by conducting cyber exercises and increasing cooperation between NATO members, it has yet to acquire offensive cyber capabilities or mechanisms that would incorporate the use of cyber services of some of its strongest members, such as the United States or Great Britain. Consequently, if the Alliance is attacked and its cyber defence fails, it is unsure whether it will be capable of deploying a collective offensive cyber response in retaliation.
More importantly, due to heightening tensions between NATO and Russia in the Baltic region, Russia may use cyber warfare against a Baltic state to test the strength and unity of the Alliance. If well-calibrated, and used along with other forms of hybrid warfare for a short period of time, such an attack could undermine the credibility of NATO’s article 5 if it is unanswered by the Alliance. This lack of solidarity, while damaging the credibility of the Alliance, would be an immense symbolic victory for Russia. Thus, to limit the probability of such an event occurring, NATO must boost its cyber defences and develop stronger offensive cyber warfare capabilities.
Photo: Grand Palace of the Moscow Kremlin (2012), © Alexander Savin via Wikimedia Commons. Licensed under CC BY-SA 3.0.
Disclaimer: Any views or opinions expressed in articles are solely those of the authors and do not necessarily represent the views of the NATO Association of Canada.