Responding To Russia´s Cyber Aggression

Uploaded on 2016-06-28 in INTELLIGENCE--International, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-Russia, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

As Russian hackers take center stage in the pantheon of cyber adversaries, NATO needs to step up and agree who’s the biggest cyber threat? Not long ago, China and its economic espionage were at the center of the Western narrative, but Russia has elbowed its way in.

“The Russian cyber threat is more severe than we had previously assessed,” US Director of National Intelligence James Clapper told Congress last year. More recently, Adm. Michael Rogers, who leads the NSA and US Cyber Command, said, “Russia has very capable cyber operators who can and do work with speed, precision and stealth.” Recent headlines include the news that Russian hackers appear to have stolen opposition research on Donald Trump, the presumptive GOP presidential nominee.

Yet even as the narrative shifts, there are two features of Russia´s cyber activities that remain too poorly known and understood in the West.

First, Russia´s greatest cyber advantage is its wealth of the most important cyber asset:  skilled and well-educated people. The government recruits and harnesses individuals with innovation and aplomb, for example, allowing its intelligence services to offer employment to hackers convicted of cyber-crimes in lieu of prison. 

But the more important trend is making common cause with criminal hacker groups: the government allows them safe haven in return for services on demand. In this way, the Russian government has been intentionally blurring the lines between cyber activists, criminals, and state-paid spies and hackers, adding a new layer of obfuscation to the tricky problem of attribution — that is, figuring out just who is behind a given attack. 

The result is a cadre of well-financed, persistent and technologically advanced “non-state groups” that can carry out various operations, and do so on a scale of a year or longer until they get what they are after. Some of the ones we know about go by the names APT28, the Dukes, Red October, Snake, and Energetic Bear.

Second, Russians acting for the government or with its approval are testing the boundaries of the cyber battlefield. Having already demonstrated its willingness to use such means in various conflicts and gray-zone confrontations, Russia is at the forefront of the global move toward a greater strategic use of cyber capabilities to persuade adversaries to change their behavior. Hackers with connections to the Kremlin have attacked, for example, a French television network, a German steelmaker, the Polish stock market, and the US State Department. These activities are carried out in pursuit of Russia´s strategic objectives.

Even if the attribution to Kremlin has been pretty clearly presented, there has been very limited political response from the West. This is encouraging – from the Russian point of view – because it is a license to act even more aggressively in the cyber domain. The coordinated attack on the Ukrainian electrical grid in December was clearly an attack on critical national infrastructure. Russia showed what it can do, when it wants. This should have awoken the West. But it did not.

It is difficult to say exactly where Russia might rank among the world’s cyber forces; governments like to keep their cyber abilities secret, and such capabilities cannot be calculated in the same way as tanks or fighter planes. Still, it is known that Vladimir Putin has poured resources and manpower into the field, creating a cyber command within the Defense Ministry to conduct cyber and information operations. 

The Russia military also has a specialized unit for cyber-attacks, while the Federal Protective Service (FSO), the Federal Security Service (FSB) and the Main Intelligence Directorate (GRU) are believed to have the lead in creating Russia´s offensive cyber capabilities. It is no stretch to assert that Russia is among the world’s top three, and when states´ level of offensive and defense capabilities are combined with their cyber dependence, Russia’s position appears to be the strongest in the world. To the Kremlin, the cyber domain offers an excellent opportunity to increase its power in world politics.

The more Russia develops its cyber capabilities, the more aggressive and confident it will become. Russia has the ability and will to conduct denial-of-service attacks, develop sophisticated malware, and exploit unknown software vulnerabilities. Unlike China, Russian cyber activities focus primarily on intelligence-gathering and military reconnaissance of critical infrastructure networks. Today’s intelligence operations enable tomorrow’s actions, and Russia is mapping networks to determine the resources necessary for future attacks.

The Russian government has stepped up its state-sponsored cyber-attacks because it perceives that there is no significant “price to pay” for such activities. This trend will continue as long as the West doesn´t push back.

A political response is now needed. The West should not tolerate Russian´s behavior in cyberspace. Western nations must develop effective ways to deal with Russia’s cyber operations and have the political courage to act against it. This is one important topic to be discussed in NATO´s upcoming summit in Warsaw. Otherwise, the West will continue to send the wrong message to Kremlin

DefenseOne:

« Top 10 Technologies For Information Security
Technology Advances Too Fast For Government »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

Nubo Software

Nubo Software

Nubo’s Virtual Mobile Infrastructure creates a virtual corporate device on your employee smartphones and tablets. Enable unlimited mobility without leaving any data at risk.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

SecuPi

SecuPi

SecuPi delivers data-centric security with data-flow discovery, real-time monitoring, behavior analytics, and protection across web and enterprise applications and big data environments.

Network Box

Network Box

Network Box is one of the world's leading Managed Security Service Providers.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

IntaPeople

IntaPeople

IntaPeople are IT and engineering recruitment specialists. We have specialist teams for job sectors including Cybersecurity, IT infrastructure and DevOps.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

NGN International

NGN International

NGN International is a full-fledged systems integrator and managed security services provider established in 2015 in Bahrain.

Buchanan Technologies

Buchanan Technologies

Buchanan Technologies is a leading IT consulting and outsourcing services firm. Our methodology transforms everyday technology investments into streamlined, secure and scalable solutions.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

Sonet.io

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.

Technology Mindz

Technology Mindz

Technology Mindz is a leading provider of cybersecurity services. We offer a wide range of services to help businesses. Our services are Identity and access management, Governance risk and compliance.

Effectiv

Effectiv

Effectiv is a real-time fraud & risk management platform for Financial Institutions and Fintechs.

Silicon Valley Cybersecurity Institute (SVCSI)

Silicon Valley Cybersecurity Institute (SVCSI)

SVCSI aims to investigate, develop, and promote technical excellence and the best security practices for dependable and secure systems and applications.