18 December 2018

Russia ramps up cyber warfare as it loses economic footing in Ukraine

BY ROBERT JOHNSTON

U.S. leaders should keep a close eye on Russian President Vladimir Putin’s cyber sleight of hand. Behind the smokescreen of multi-polar chaos, Putin is ramping up cyber warfare to keep Western powers, including the U.S., from keeping Ukraine from Russian state capture.

Russia needs Ukraine to be aligned not only because of the large ethnic Russian population there, but also because it represents the last line of defense between Moscow and the Western powers, as well as a huge economic partner. In five years, however, if current trends continue, Russia’s economic footprint in Ukraine will be diminished to such a capacity that Putin will either have to concede — or be forced into military action against the West.

Ukraine is not Putin’s only target, of course. Since 2014, Russia has also focused notable cyber attacks on Poland, Germany, France, Hungary, Belgium, Denmark, Romania, Switzerland, Austria and Spain. In addition to information warfare, Russia is using economic and foreign direct investment, plus funding and support for conservative and alt-right European political parties, to minimize the influence of Western-style democracy and convert the European powers to an authoritarian implementation of democratic principles. 

Germany, Poland and Romania have particularly felt Russia’s cyber wrath, through hacking groups APT 28 (attributed to Russian military intelligence organization GRU) and APT29 (attributed to Russian foreign Intelligence organization SVR). For example, Germany

experienced election interference, a destructive attack on a steel mill, and MiniDuke and CosmicDuke campaigns. Poland suffered from attacks on government institutions, energy companies and its financial sector, as well as election interference. And Romania was disrupted by the Snake and Uroboros rootkit hacking attacks, plus election interference. 

Those three nations drew the Kremlin’s ire because of their role in the rapidly eroding economic ties between Ukraine and Russia. Ukraine’s exports and imports to Germany, Poland and Romania have risen an average of 38 percent from 2015 to present. In contrast, exports from Ukraine to Russia have dropped an average of 61 percent from 2014 to present, while imports from Russia have dropped 42 percent from 2014 to present.

Keep in mind, the economic and funding strategies have been well documented. The Center for Strategic and International Studies (CSIS) outlined, in an October 2016 white paper, Russia’s strategy for using its economy to transform the European Union via powerful state-owned energy enterprises, like Gazprom, Rosatom, and Rosneft, along with oligarch-controlled public companies like Lukoil. 

CSIS conducted a study of five countries — Hungary, Slovakia, Bulgaria, Latvia and Serbia — and concluded that in situations where Russia’s economic footprint exceeded 12 percent of its gross domestic product (GDP), then those countries were vulnerable to Russian economic influence and capture.

More recently, The Washington Post reported in November 2018 that Russia has been using South Ossetia as a workaround to avoid economic sanctions, noting “for Moscow, the goals could not be bigger — rebuilding Russia’s influence and countering the region’s drift toward the West.” 

The Russian cyber activity that had previously focused on Europe, the Baltic States and the Caucasus, opened its aperture to include the U.S. as a principal target beginning in late 2014, when APT29 breached the State Department’s and the Executive Office of the President’s computer systems. Months later, APT29 launched an aggressive phishing campaign that led to the breach of the Chairman of the Joint Chiefs of Staff at the Pentagon and likely the first compromise of the Democratic National Committee (DNC). In April 2016, we saw the addition of Russian GRU operations at the DNC. The combination of APT29 and APT28 operations later morphed into the 2016 presidential election influence operation.

Russia’s use of cyber warfare to support its economic and political state capture actions is a critical indicator of intent. And the stakes for Russia and the West in this tug-of-war couldn’t be higher. Look for Russia to increase its cyber efforts to influence foreign policy, disrupt electoral politics, and drive hearts and minds to the right by attacking leftists and centrists in Ukraine, Poland, Germany, France and Romania.

If we are not careful, a military and geopolitical disaster could come as a surprise. 

Robert Johnston is the cyber detective who solved the Democratic National Committee hack during the 2016 U.S. presidential campaign. Johnston is the co-founder and chief executive officer at Adlumin, Inc.

No comments: