Russia's Experimental Hybrid War With Ukraine

Since 2014 Russia has used Ukraine as a testing ground for its hybrid warfare doctrine, underscoring what some security experts say is a case study for the new kinds of security threats the US and its Western allies can anticipate from Moscow.
 
“The threats Ukraine faces are harbingers of things to come for the US and its other allies,” said Junaid Islam, chief technology officer and president of Vidder, a California-based cybersecurity firm that does work in Ukraine. “It is in the national strategic interests of both the United States and Ukraine to cooperate deeply in cybersecurity because Ukraine is a canary in the cyberspace coal mine,” Islam said
 
A top Ukrainian security official recently disclosed a cyber warfare tactic honed by Russia in Ukraine, which could be a bellwether for Russia’s next act of political warfare against the US.
 
The Ukrainian government recently has been attacked by “undetectable” computer viruses that target “particular individuals, in particular departments, and they’re constructed based on the social understanding of social media by particular people,” Dmytro Shymkiv, deputy head of the Presidential Administration of Ukraine on Administrative, Social and Economic Reform, explained recently at  the 2017 Future in Review conference. “Russia recruit’s psychiatrists, scientists, and neurologists, who construct these things to target particular individuals,” Shymkiv said.
 
According to Ukrainian security officials, Russian agents build a psychological profile of their mark through his or her social media footprint. Then, using that information, the Russians can make personalised computer viruses, or run a social media influence operation specifically crafted with that one particular person in mind. “People say, ‘Well, that’s a science fiction.’ It’s not,” Shymkiv said. “When the annexation of Crimea took place, [Russia] shut down the internet to Ukraine, and they used social media to influence people’s behavior. And you can influence people’s behavior. You do it in a nice way, posting things to their friends, et cetera. There’s a whole factory in Russia doing this.”
 
This is known in the cybersecurity world as “social engineering”, a form of cyberattack in which people are psychologically manipulated into performing actions or divulging confidential information. According to some security experts, the best defense against this kind of threat is education. “Man is the weakest link in the chain of information technology,” said Mykhailo Vasyanovich, head of the Public Council for the Ministry of Information Policy of Ukraine. “With such cyberattacks, which are now taking place in Ukraine, it is necessary to raise the level of information technology literacy of users by conducting educational work on cybersecurity among employees of private and state enterprises,” Vasyanovich said.
 
Some experts worry this reliance on the security savvy of Internet users to fend off Russian cyberattacks might be a vulnerability for the US. “What may especially worry the US is that Russia targets influential individuals, such as journalists or political analysts, especially those of rather skeptical approach toward Moscow,” Daniel Szeligowski, senior research fellow on Ukraine for the Polish Institute of International Affairs, told The Daily Signal. “Unlike institutions or infrastructure, they don’t have state protection and are thus vulnerable to intimidation and blackmailing,” Szeligowski added. “And given the rising popularity of social media, such a threat is even more widespread.”
Hybrid War
 
Russia’s hybrid attacks against Ukraine have included, but are not limited to:
 
• Using social media to shape public opinion among an adversary’s population.
• Turning commercially available computer software into a tool for espionage and cyberwarfare.
• Exploiting smartphones to spy on and wage psychological warfare against an adversary’s military forces.
• Using cyberattacks to undermine an adversary’s electoral process.
• Using pseudo-news reports to push a propaganda line that sows division within an adversary’s national culture.
 
All of these tactics have also been used by Russia against the U.S. since Russo-American relations took a nosedive in the fallout over Russia’s military aggression against Ukraine in early 2014. “Ukraine is a perfect testing ground for hybrid warfare,” Szeligowski said. “Thus, it is no wonder that Russia has already seized the opportunity, and in Ukraine it has made a dry run of all sorts of its offensive techniques.”
 
Russian hybrid warfare is not covert warfare. Rather, it’s the combined use of conventional military force with other means such as cyberattacks and propaganda to sow chaos and confusion, both on the battlefield and deep behind the front lines.
Hybrid warfare is an evolving threat spanning every combat domain. Particularly, hybrid warfare weaponises many pieces of everyday life, including smartphones, social media networks, commercially available computer software, and journalism.
“Russia is testing in Ukraine both procedures and concepts, which later on are being applied in the West, such as during the US and French elections,” a Polish security spoke incognito, asking not to be named due to professional restrictions on speaking to the media.
 
“In short, Ukraine remains for Russia a crucial hybrid warfare battleground and testbed,” the security official said. “The Russian hybrid warfare model is being further developed, perfected, and tested as we speak. Russia’s ability to escalate rapidly across the whole spectrum of conflict makes the West prone to the ‘surprise effect.’”
 
Russia’s use of social media and cyberattacks as weapons of war might be innovative, but, at its core, it’s a modern revamp of a Cold War-era idea. Hybrid warfare is the Kremlin’s contemporary take on a Soviet military doctrine called “deep battle,” in which front-line combat operations are supported with operations to spread chaos and confusion deep within the enemy’s country. Hybrid warfare also draws on the Soviet Union’s well-documented history of “influence operations” against the US and other Western allies.
 
In effect, Russia’s overall strategy to undermine the West hasn’t changed all that much from the Soviet Union’s playbook. But the world in which those Soviet theories are now put into practice is a radically different one than during the Cold War.
 
The advent of the internet, and social media in particular, has given the Kremlin direct access to the populations of its adversaries, bypassing the gatekeeper role America’s media institutions used to play. “Everything today is digitised, including phone and mail services, and everything runs on the same network,” Kenneth Geers, ambassador of NATO’s cybersecurity center and a senior fellow at the Atlantic Council, told The Daily Signal. “There is only one Internet, and one cyberspace, inhabited by all of the world’s citizens, soldiers, spies, and statesmen.”
 
Meanwhile, Americans’ distrust in their media institutions has reached historic levels. Russia has stealthily taken advantage of Americans’ crisis of confidence in the media to permeate the US news cycle with misinformation spread by propaganda mouthpieces cloaked as alternative news sources, such as RT and Sputnik.
 
Lessons Learned
Some commercial cybersecurity firms have stepped in both to harden Ukraine’s cyber-defenses and use lessons learned from Ukraine to craft better defenses for the US to counter Russia. “With the world increasingly digital and connected, Ukraine is of strategic, vital interest to the West,” said Greg Ness, a cybersecurity specialist and vice president of marketing at Vidder. “What happens in Ukraine doesn’t stay in Ukraine.” California-based Vidder has put together a team of cybersecurity experts to comprise the core of a proposed US-Ukraine cybersecurity center with offices in Kyiv, Washington, and Silicon Valley.
 
“By ensuring that Ukraine adopts leading cybersecurity solutions and best practices, we will not only provide Ukraine with the best protection from cyberattacks, but it also helps US experts develop new and more effective technologies and strategies in the future,” Islam, Vidder’s president, said. “It will also help establish Ukraine as a secure, stable, prosperous, and reliable ally in Eastern Europe.”
 
The war in Ukraine has shaped how NATO forces are training for the next military conflict.NATO and Ukraine already cooperate in a joint center to counter hybrid warfare. The center is part of the Comprehensive Assistance Package that NATO pledged to Ukraine during the alliance’s summit in Warsaw last year.
 
According to NATO, the joint center will be “a platform for identifying lessons learned from hybrid war in Ukraine.”
For its part, the US military has reportedly been studying the war in Ukraine to shape its own military doctrine. Lt. Gen. H.R. McMaster, the Trump administration’s national security adviser, recently directed a study to analyse Russia’s hybrid warfare tactics in Ukraine in order to craft recommendations for the US Army. 
 
Not all of Russia’s hybrid warfare tactics in Ukraine would be effective against the US. “There is a yawning gap between Ukrainian and American cyber capabilities, not to mention cultural and linguistic differences between Russians and Americans,” Szeligowski said. “But it goes beyond any doubt that, at least at some point, Russia already used hybrid warfare instruments against the US, and did it effectively.”
 
Hybrid Way of Life
The effects of Russia’s proxy war against Ukraine are limited to a 250-mile-long static front line in southeastern Ukraine’s Donbas region. The war is moderated in intensity and is geographically frozen according to the rules of the February 2015 cease-fire deal, known as Minsk II. More than 10,100 Ukrainians have died so far in the war. The conflict has displaced about 1.7 million people. Yet, the physical consequences of the war are quarantined from most of the country. Outside the range of the artillery, mortars, rockets, and tank shots, you’d hardly know there was war going on.
 
On a physical battlefield, a war extends as far as the range of the weapons used. In hybrid warfare, however, the battlefield knows no limit.
 
Consequently, there’s hardly any part of Ukrainian life that hasn’t been affected by Russia’s ongoing hybrid war.
Russian cyberattacks have hit Ukraine’s power grid, water supply systems, the country’s banking system (shutting down ATMs), its largest international airport, and the electoral process.
 
In December 2016, a cyberattack, which Ukrainian officials attributed to Russia, took down one-fifth of Kyiv’s electrical grid. Since 2014, Ukrainian security services have thwarted numerous cyberattacks in which malware from abroad was used in attempts to steal classified information from Ukrainian government networks. In the eyes of Ukrainian security officials, the internet has become as much of a battlefield as the trenches in the Donbas region. The main goal of Russia’s information warfare, according to Ukrainian security officials, is to incite civil unrest throughout all of Ukraine and to undermine the government’s credibility.
 
Since 2014, Ukraine has established a Situation Center for Cybersecurity, and Ukrainian officials have fostered closer ties to Western intelligence agencies to bolster their cyber-defenses.
 
Security State
Russia’s purchase of $100,000 worth of Facebook advertisements in the run-up to the 2016 U.S. presidential election sparked a media frenzy in America and an outcry from lawmakers for social media sites to provide better transparency about the identity of those who purchase advertisements on their sites.
 
In Ukraine, Russia has been exploiting social media as a weapon of war for years.
In a sweeping ban announced in May, Ukrainian officials banned Russian internet search engines, including Yandex, as well as popular Russian social media sites such as VKontakte, which millions of Ukrainians used. The ban prompted some pushback from Ukrainians, who used these sites for many daily tasks and for social reasons. But Ukrainian officials insisted the sites posed a national security threat, which warranted the free speech trade-off.
 
Also in May, Ukraine banned commercially available Russian software, including anti-virus software from Moscow-based Kaspersky Lab, the same company US officials now say was used as a Trojan horse for Russian intelligence agencies to steal classified information from the US government. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalise on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security,” the Department of Homeland Security said in a Sept. 13 statement posted to its website.
 
US intelligence officials said Russian intelligence services had modified anti-virus software from Kaspersky Lab to clandestinely search computers around the world for classified US government documents and top-secret information.
“Possessing a worldwide deployment of sensors may be too great a temptation for any country’s intelligence service to ignore, and Kaspersky may have been forced into a quiet business partnership with the Russian government,” Geers, the NATO cybersecurity specialist, said.
 
Similarly, news reports recently detailed how Russian military forces have been targeting the smartphones of NATO troops to gather intelligence. Ukrainian soldiers in the eastern war zone have long been advised by their leaders not to turn on their smartphones while in the war zone. Russian forces reportedly have used the cell signals emitting from Ukrainian soldiers’ phones to target its artillery. For years, Ukrainian soldiers have reported receiving death threats and demands for their surrender from their enemies over cellphone text messages.
 
New Weapons
Journalism has been one of Russia’s most lethal weapons against Ukraine. Ukrainian officials have banned a slew of Russian TV stations from broadcasting in Ukraine, and foreign journalists accused of spreading Russian propaganda have been booted out of the country. Anti-propaganda outlets in Ukraine such as StopFake.org also monitor media reports for Russian disinformation and are dedicated to setting the record straight.
 
To counter Russian propaganda in the war zone, Ukraine’s government has rebuilt its TV and radio broadcast network in the east, which Russia and its separatist proxies destroyed in the opening days of the war.
 
For years, Ukrainian citizens in eastern Ukraine could access only Russian TV channels for their news. Now, Ukraine has taken back control of the airwaves. While not as evident or as spectacular as the artillery bombardments and the tank battles, the battle for broadcast dominance in eastern Ukraine is a key piece of the overall war effort for Kyiv. After all, many Ukrainian citizens in eastern Ukraine can’t tell whether the artillery they are living under is fired from Ukrainian or Russian forces. And so long as they had access only to Russian television networks, which exclusively painted Ukrainian forces as the aggressor and, consequently, responsible for all civilian casualties, public opinion toward Ukraine’s central government was under an endless stress test as the war dragged on.
 
Now, with Ukraine able to defend itself on the airwaves, Russia has lost a potent weapon to turn the citizens of eastern Ukraine against their own government. Similarly, US lawmakers have debated how to defend the US population against Kremlin-backed news outlets, including RT (formerly Russia Today) and Sputnik, which US officials have called out as Russian propaganda mouthpieces.
 
The FBI reportedly has turned to a US law intended to prevent the spread of Nazi propaganda to determine whether the two Russian media outlets should register as foreign agents.
 
In America, as has been the case in Ukraine, manipulation of the media by a foreign power increasingly is regarded as a hostile act warranting retaliation. “America has experienced a sustained attempt by a hostile power to feed and exploit our country’s division,” former President George W. Bush said in alast year. Russia “has made a project of turning Americans against each other,” Bush said, adding, “Foreign aggressions, including cyberattacks, disinformation, and financial influence, should never be downplayed or tolerated.”
 
Daily Signal
 
You Might Also Read: 
 
Russian General Brags About Cyberwar Successes:
 
US Ready To Fight Hybrid War By 2030:
 
 
 
 
« UK Police Give Cybercrime Warning
US Cyber Soldiers Go To The Battlefield »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

iStorage

iStorage

iStorage is the leading global provider of PIN Activated, hardware encrypted, portable data storage solutions.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions is the manufacturer of the mobile device management solution Cortado MDM.

Panzura

Panzura

Panzura optimizes enterprise data storage management and distribution in the cloud, making cloud storage simple and secure.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Trulioo

Trulioo

Trulioo is a leading global identity and business verification company providing secure access to data sources worldwide to instantly verify consumers and businesses online.

Forensic Pathways

Forensic Pathways

Forensic Pathways focus on the provision of digital forensic technologies, offering clients unique technologies in the management of mobile phone data, image analysis and ballistics analysis.

XTN Cognitive Security

XTN Cognitive Security

XTN is focused on the development of security, Fraud and Mobile Threat Prevention advanced behaviour-based solutions.

Acuant

Acuant

Acuant is a leading global provider of identity verification, regulatory compliance (AML/KYC) and digital identity solutions.

IT Career Switch

IT Career Switch

An IT Career Switch Traineeship is the easiest way to start a new career in IT or Cybersecurity with fantastic career prospects.

Cyberstarts

Cyberstarts

Cyberstarts’ vision is to become the leading platform for amazing teams of entrepreneurs to solve the next big problems of the cybersecurity world.

Dell Technologies Capital

Dell Technologies Capital

At Dell Technologies Capital we lead investment in disruptive, early-stage startups in enterprise and cloud infrastructure.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

Wavenet

Wavenet

Wavenet has grown from simple beginnings to become one of the UK’s market leaders in unified communications, business telephony, and Cyber Security solutions.

RST Cloud

RST Cloud

RST Cloud is a cutting-edge technology company that specialises in threat intelligence solutions for businesses of all sizes.