Russia’s Strategy For Information Warfare

Uploaded on 2021-09-06 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Russia recently released its new National Security Strategy, or NSS, a significant official document in which the word “cyber” is conspicuously absent. The omission is not a matter of translation, it’s strategic and this offers a clear signal for Western policymakers about what Russia’s curious word choice reveals about its cyber strategy .

Russia’s goals for digital conflict are much broader than shutting down pipelines and stealing data. Kremlin officials also want to influence the minds and ultimately the behaviour of their adversaries. Indeed, Russian Minister of Defense Sergey Shoigu recently said that “information has become a weapon” while accusing the West of establishing propaganda centers in Eastern Europe.

Instead of the term “cyber security,” (кибербезопасность) the NSS speaks of “information security.” (информационная безопасность) This may seem like a semantic difference, but it is intentional and consequential in the language used by the Kremlin. With a full section in the 2021 NSS devoted to information security, unlike its  2015 predecessor, there is no doubt that the Kremlin is taking the topic very seriously. 

According to Russian military doctrine, information security falls into two complementary categories: 

  • One component is on the technical side. These activities involve operations like shutting down pipelines, stealing data, and surveilling personal devices. Most Americans know this as “cyber security.” 
  • The other element of information security is the much more subtle and downright stealthy. Rather than infrastructure and networks, this psychological side of Russian operations targets the cognitive processes of the adversary’s leaders and population. It focuses on psychological manipulation. 

Russian military strategists Chekinov and Bogdanov said, “In the ongoing revolution in information technologies, information and psychological warfare will largely lay the groundwork for victory.” The chief of staff of the Russian military, Valery Gerasimov, values nonmilitary to military measures as 4 to 1.

Western policymakers need to recognise that one of the Kremlin’s goals include being a cyber superpower. The failure to credibly deter Russia’s information operations will also have detrimental effects on the ability of the US and the West to deter Chinese information operations. 

Its not just about hacking computer systems, Russia  also wants to  disrupt democracy, polarise society and spread doubt and confusion. 

As the Biden administration continues to negotiate with Russia on ending cyber attacks, it is imperative that the US also adopt a holistic approach to information security in which both the Russian technical and cognitive components need to be addressed. Now is the time for a realistic and comprehensive approach to Russian information tactics and capabilities. 

DefenseOne:        AEI:             Industry-Update:       Daily Advent:      Albitross:      Image: Unsplash

You Might Also Read: 

Cyber Warfare Creates Ghosts In Our Machines:

 

« The Cyber Security Market Is Booming
Securing Hybrid Workplaces From Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

CERT Bulgaria (CERT.BG)

CERT Bulgaria (CERT.BG)

CERT Bulfaria is the National Computer Security Incidents Response Team for Bulgaria.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

Decision Group

Decision Group

Decision Group are a Total Solution Supplier offering Network Forensics and Lawful Interception tools.

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

ComCERT

ComCERT

ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents.

CYRail

CYRail

CYRail project will analyse threats targeting Railway infrastructures and develop innovative attack detection and alerting techniques.

Avocado Consulting

Avocado Consulting

Avocado helps clients deliver with certainty on their complex IT change, with technology services that automate, monitor and optimise.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.

Cybalt

Cybalt

Cybalt is a security services company that provides end-to-end security solutions to help clients achieve their business goals.

CyBourn

CyBourn

Cybourn's diverse offerings include engineering, analysis, product development, assessment, and advisory services in the cybersecurity space.

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

Lintu Solutions

Lintu Solutions

Lintu Solutions is a trusted provider of comprehensive cybersecurity and enterprise risk management solutions.

Blue Mantis

Blue Mantis

Blue Mantis is a security-first, IT solutions and services provider with a 30+ year history of successfully helping clients achieve business modernization.