Russia’s Strategy For Information Warfare

Uploaded on 2021-09-06 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Russia recently released its new National Security Strategy, or NSS, a significant official document in which the word “cyber” is conspicuously absent. The omission is not a matter of translation, it’s strategic and this offers a clear signal for Western policymakers about what Russia’s curious word choice reveals about its cyber strategy .

Russia’s goals for digital conflict are much broader than shutting down pipelines and stealing data. Kremlin officials also want to influence the minds and ultimately the behaviour of their adversaries. Indeed, Russian Minister of Defense Sergey Shoigu recently said that “information has become a weapon” while accusing the West of establishing propaganda centers in Eastern Europe.

Instead of the term “cyber security,” (кибербезопасность) the NSS speaks of “information security.” (информационная безопасность) This may seem like a semantic difference, but it is intentional and consequential in the language used by the Kremlin. With a full section in the 2021 NSS devoted to information security, unlike its  2015 predecessor, there is no doubt that the Kremlin is taking the topic very seriously. 

According to Russian military doctrine, information security falls into two complementary categories: 

  • One component is on the technical side. These activities involve operations like shutting down pipelines, stealing data, and surveilling personal devices. Most Americans know this as “cyber security.” 
  • The other element of information security is the much more subtle and downright stealthy. Rather than infrastructure and networks, this psychological side of Russian operations targets the cognitive processes of the adversary’s leaders and population. It focuses on psychological manipulation. 

Russian military strategists Chekinov and Bogdanov said, “In the ongoing revolution in information technologies, information and psychological warfare will largely lay the groundwork for victory.” The chief of staff of the Russian military, Valery Gerasimov, values nonmilitary to military measures as 4 to 1.

Western policymakers need to recognise that one of the Kremlin’s goals include being a cyber superpower. The failure to credibly deter Russia’s information operations will also have detrimental effects on the ability of the US and the West to deter Chinese information operations. 

Its not just about hacking computer systems, Russia  also wants to  disrupt democracy, polarise society and spread doubt and confusion. 

As the Biden administration continues to negotiate with Russia on ending cyber attacks, it is imperative that the US also adopt a holistic approach to information security in which both the Russian technical and cognitive components need to be addressed. Now is the time for a realistic and comprehensive approach to Russian information tactics and capabilities. 

DefenseOne:        AEI:             Industry-Update:       Daily Advent:      Albitross:      Image: Unsplash

You Might Also Read: 

Cyber Warfare Creates Ghosts In Our Machines:

 

« The Cyber Security Market Is Booming
Securing Hybrid Workplaces From Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Tanium

Tanium

Tanium delivers Autonomous Endpoint Management (AEM) with the industry’s only true real-time platform for AI.

ISTQB

ISTQB

ISTQB has defined the "ISTQB Certified Tester" scheme that has become the world-wide leader in the certification of competences in software testing.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

M12

M12

M12 (formerly Microsoft Ventures) is the corporate venture capital subsidiary of Microsoft.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Nostra

Nostra

Nostra are a next generation managed services provider with a constant focus on Security and Business Continuity.

Cyberwatch Finland

Cyberwatch Finland

Cyberwatch Finland's services improve decision-makers’ strategic situational picture and enable successful holistic cyber risk management.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.

Cyber-Security Council Germany

Cyber-Security Council Germany

The German Cyber Security Council's objective is to consult businesses, government agencies and political decision-makers and to support them against cybercrime.

Semgrep

Semgrep

Semgrep is a fast, open-source, static analysis tool for profoundly improving software security and reliability.

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

IMC2 brings together resources to carry out ambitious, innovative and multidisciplinary projects in the field of cybersecurity and cyber resilience.

Incode

Incode

Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online.

Career Smarter

Career Smarter

Career Smarter offers accredited online courses in cybersecurity and other sectors, helping learners gain industry-recognised certifications.

Couno

Couno

Couno is a trusted provider of IT support services throughout the UK and Europe.