Russia's Experimental Hybrid War With Ukraine

Since 2014 Russia has used Ukraine as a testing ground for its hybrid warfare doctrine, underscoring what some security experts say is a case study for the new kinds of security threats the US and its Western allies can anticipate from Moscow.
 
“The threats Ukraine faces are harbingers of things to come for the US and its other allies,” said Junaid Islam, chief technology officer and president of Vidder, a California-based cybersecurity firm that does work in Ukraine. “It is in the national strategic interests of both the United States and Ukraine to cooperate deeply in cybersecurity because Ukraine is a canary in the cyberspace coal mine,” Islam said
 
A top Ukrainian security official recently disclosed a cyber warfare tactic honed by Russia in Ukraine, which could be a bellwether for Russia’s next act of political warfare against the US.
 
The Ukrainian government recently has been attacked by “undetectable” computer viruses that target “particular individuals, in particular departments, and they’re constructed based on the social understanding of social media by particular people,” Dmytro Shymkiv, deputy head of the Presidential Administration of Ukraine on Administrative, Social and Economic Reform, explained recently at  the 2017 Future in Review conference. “Russia recruit’s psychiatrists, scientists, and neurologists, who construct these things to target particular individuals,” Shymkiv said.
 
According to Ukrainian security officials, Russian agents build a psychological profile of their mark through his or her social media footprint. Then, using that information, the Russians can make personalised computer viruses, or run a social media influence operation specifically crafted with that one particular person in mind. “People say, ‘Well, that’s a science fiction.’ It’s not,” Shymkiv said. “When the annexation of Crimea took place, [Russia] shut down the internet to Ukraine, and they used social media to influence people’s behavior. And you can influence people’s behavior. You do it in a nice way, posting things to their friends, et cetera. There’s a whole factory in Russia doing this.”
 
This is known in the cybersecurity world as “social engineering”, a form of cyberattack in which people are psychologically manipulated into performing actions or divulging confidential information. According to some security experts, the best defense against this kind of threat is education. “Man is the weakest link in the chain of information technology,” said Mykhailo Vasyanovich, head of the Public Council for the Ministry of Information Policy of Ukraine. “With such cyberattacks, which are now taking place in Ukraine, it is necessary to raise the level of information technology literacy of users by conducting educational work on cybersecurity among employees of private and state enterprises,” Vasyanovich said.
 
Some experts worry this reliance on the security savvy of Internet users to fend off Russian cyberattacks might be a vulnerability for the US. “What may especially worry the US is that Russia targets influential individuals, such as journalists or political analysts, especially those of rather skeptical approach toward Moscow,” Daniel Szeligowski, senior research fellow on Ukraine for the Polish Institute of International Affairs, told The Daily Signal. “Unlike institutions or infrastructure, they don’t have state protection and are thus vulnerable to intimidation and blackmailing,” Szeligowski added. “And given the rising popularity of social media, such a threat is even more widespread.”
Hybrid War
 
Russia’s hybrid attacks against Ukraine have included, but are not limited to:
 
• Using social media to shape public opinion among an adversary’s population.
• Turning commercially available computer software into a tool for espionage and cyberwarfare.
• Exploiting smartphones to spy on and wage psychological warfare against an adversary’s military forces.
• Using cyberattacks to undermine an adversary’s electoral process.
• Using pseudo-news reports to push a propaganda line that sows division within an adversary’s national culture.
 
All of these tactics have also been used by Russia against the U.S. since Russo-American relations took a nosedive in the fallout over Russia’s military aggression against Ukraine in early 2014. “Ukraine is a perfect testing ground for hybrid warfare,” Szeligowski said. “Thus, it is no wonder that Russia has already seized the opportunity, and in Ukraine it has made a dry run of all sorts of its offensive techniques.”
 
Russian hybrid warfare is not covert warfare. Rather, it’s the combined use of conventional military force with other means such as cyberattacks and propaganda to sow chaos and confusion, both on the battlefield and deep behind the front lines.
Hybrid warfare is an evolving threat spanning every combat domain. Particularly, hybrid warfare weaponises many pieces of everyday life, including smartphones, social media networks, commercially available computer software, and journalism.
“Russia is testing in Ukraine both procedures and concepts, which later on are being applied in the West, such as during the US and French elections,” a Polish security spoke incognito, asking not to be named due to professional restrictions on speaking to the media.
 
“In short, Ukraine remains for Russia a crucial hybrid warfare battleground and testbed,” the security official said. “The Russian hybrid warfare model is being further developed, perfected, and tested as we speak. Russia’s ability to escalate rapidly across the whole spectrum of conflict makes the West prone to the ‘surprise effect.’”
 
Russia’s use of social media and cyberattacks as weapons of war might be innovative, but, at its core, it’s a modern revamp of a Cold War-era idea. Hybrid warfare is the Kremlin’s contemporary take on a Soviet military doctrine called “deep battle,” in which front-line combat operations are supported with operations to spread chaos and confusion deep within the enemy’s country. Hybrid warfare also draws on the Soviet Union’s well-documented history of “influence operations” against the US and other Western allies.
 
In effect, Russia’s overall strategy to undermine the West hasn’t changed all that much from the Soviet Union’s playbook. But the world in which those Soviet theories are now put into practice is a radically different one than during the Cold War.
 
The advent of the internet, and social media in particular, has given the Kremlin direct access to the populations of its adversaries, bypassing the gatekeeper role America’s media institutions used to play. “Everything today is digitised, including phone and mail services, and everything runs on the same network,” Kenneth Geers, ambassador of NATO’s cybersecurity center and a senior fellow at the Atlantic Council, told The Daily Signal. “There is only one Internet, and one cyberspace, inhabited by all of the world’s citizens, soldiers, spies, and statesmen.”
 
Meanwhile, Americans’ distrust in their media institutions has reached historic levels. Russia has stealthily taken advantage of Americans’ crisis of confidence in the media to permeate the US news cycle with misinformation spread by propaganda mouthpieces cloaked as alternative news sources, such as RT and Sputnik.
 
Lessons Learned
Some commercial cybersecurity firms have stepped in both to harden Ukraine’s cyber-defenses and use lessons learned from Ukraine to craft better defenses for the US to counter Russia. “With the world increasingly digital and connected, Ukraine is of strategic, vital interest to the West,” said Greg Ness, a cybersecurity specialist and vice president of marketing at Vidder. “What happens in Ukraine doesn’t stay in Ukraine.” California-based Vidder has put together a team of cybersecurity experts to comprise the core of a proposed US-Ukraine cybersecurity center with offices in Kyiv, Washington, and Silicon Valley.
 
“By ensuring that Ukraine adopts leading cybersecurity solutions and best practices, we will not only provide Ukraine with the best protection from cyberattacks, but it also helps US experts develop new and more effective technologies and strategies in the future,” Islam, Vidder’s president, said. “It will also help establish Ukraine as a secure, stable, prosperous, and reliable ally in Eastern Europe.”
 
The war in Ukraine has shaped how NATO forces are training for the next military conflict.NATO and Ukraine already cooperate in a joint center to counter hybrid warfare. The center is part of the Comprehensive Assistance Package that NATO pledged to Ukraine during the alliance’s summit in Warsaw last year.
 
According to NATO, the joint center will be “a platform for identifying lessons learned from hybrid war in Ukraine.”
For its part, the US military has reportedly been studying the war in Ukraine to shape its own military doctrine. Lt. Gen. H.R. McMaster, the Trump administration’s national security adviser, recently directed a study to analyse Russia’s hybrid warfare tactics in Ukraine in order to craft recommendations for the US Army. 
 
Not all of Russia’s hybrid warfare tactics in Ukraine would be effective against the US. “There is a yawning gap between Ukrainian and American cyber capabilities, not to mention cultural and linguistic differences between Russians and Americans,” Szeligowski said. “But it goes beyond any doubt that, at least at some point, Russia already used hybrid warfare instruments against the US, and did it effectively.”
 
Hybrid Way of Life
The effects of Russia’s proxy war against Ukraine are limited to a 250-mile-long static front line in southeastern Ukraine’s Donbas region. The war is moderated in intensity and is geographically frozen according to the rules of the February 2015 cease-fire deal, known as Minsk II. More than 10,100 Ukrainians have died so far in the war. The conflict has displaced about 1.7 million people. Yet, the physical consequences of the war are quarantined from most of the country. Outside the range of the artillery, mortars, rockets, and tank shots, you’d hardly know there was war going on.
 
On a physical battlefield, a war extends as far as the range of the weapons used. In hybrid warfare, however, the battlefield knows no limit.
 
Consequently, there’s hardly any part of Ukrainian life that hasn’t been affected by Russia’s ongoing hybrid war.
Russian cyberattacks have hit Ukraine’s power grid, water supply systems, the country’s banking system (shutting down ATMs), its largest international airport, and the electoral process.
 
In December 2016, a cyberattack, which Ukrainian officials attributed to Russia, took down one-fifth of Kyiv’s electrical grid. Since 2014, Ukrainian security services have thwarted numerous cyberattacks in which malware from abroad was used in attempts to steal classified information from Ukrainian government networks. In the eyes of Ukrainian security officials, the internet has become as much of a battlefield as the trenches in the Donbas region. The main goal of Russia’s information warfare, according to Ukrainian security officials, is to incite civil unrest throughout all of Ukraine and to undermine the government’s credibility.
 
Since 2014, Ukraine has established a Situation Center for Cybersecurity, and Ukrainian officials have fostered closer ties to Western intelligence agencies to bolster their cyber-defenses.
 
Security State
Russia’s purchase of $100,000 worth of Facebook advertisements in the run-up to the 2016 U.S. presidential election sparked a media frenzy in America and an outcry from lawmakers for social media sites to provide better transparency about the identity of those who purchase advertisements on their sites.
 
In Ukraine, Russia has been exploiting social media as a weapon of war for years.
In a sweeping ban announced in May, Ukrainian officials banned Russian internet search engines, including Yandex, as well as popular Russian social media sites such as VKontakte, which millions of Ukrainians used. The ban prompted some pushback from Ukrainians, who used these sites for many daily tasks and for social reasons. But Ukrainian officials insisted the sites posed a national security threat, which warranted the free speech trade-off.
 
Also in May, Ukraine banned commercially available Russian software, including anti-virus software from Moscow-based Kaspersky Lab, the same company US officials now say was used as a Trojan horse for Russian intelligence agencies to steal classified information from the US government. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalise on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security,” the Department of Homeland Security said in a Sept. 13 statement posted to its website.
 
US intelligence officials said Russian intelligence services had modified anti-virus software from Kaspersky Lab to clandestinely search computers around the world for classified US government documents and top-secret information.
“Possessing a worldwide deployment of sensors may be too great a temptation for any country’s intelligence service to ignore, and Kaspersky may have been forced into a quiet business partnership with the Russian government,” Geers, the NATO cybersecurity specialist, said.
 
Similarly, news reports recently detailed how Russian military forces have been targeting the smartphones of NATO troops to gather intelligence. Ukrainian soldiers in the eastern war zone have long been advised by their leaders not to turn on their smartphones while in the war zone. Russian forces reportedly have used the cell signals emitting from Ukrainian soldiers’ phones to target its artillery. For years, Ukrainian soldiers have reported receiving death threats and demands for their surrender from their enemies over cellphone text messages.
 
New Weapons
Journalism has been one of Russia’s most lethal weapons against Ukraine. Ukrainian officials have banned a slew of Russian TV stations from broadcasting in Ukraine, and foreign journalists accused of spreading Russian propaganda have been booted out of the country. Anti-propaganda outlets in Ukraine such as StopFake.org also monitor media reports for Russian disinformation and are dedicated to setting the record straight.
 
To counter Russian propaganda in the war zone, Ukraine’s government has rebuilt its TV and radio broadcast network in the east, which Russia and its separatist proxies destroyed in the opening days of the war.
 
For years, Ukrainian citizens in eastern Ukraine could access only Russian TV channels for their news. Now, Ukraine has taken back control of the airwaves. While not as evident or as spectacular as the artillery bombardments and the tank battles, the battle for broadcast dominance in eastern Ukraine is a key piece of the overall war effort for Kyiv. After all, many Ukrainian citizens in eastern Ukraine can’t tell whether the artillery they are living under is fired from Ukrainian or Russian forces. And so long as they had access only to Russian television networks, which exclusively painted Ukrainian forces as the aggressor and, consequently, responsible for all civilian casualties, public opinion toward Ukraine’s central government was under an endless stress test as the war dragged on.
 
Now, with Ukraine able to defend itself on the airwaves, Russia has lost a potent weapon to turn the citizens of eastern Ukraine against their own government. Similarly, US lawmakers have debated how to defend the US population against Kremlin-backed news outlets, including RT (formerly Russia Today) and Sputnik, which US officials have called out as Russian propaganda mouthpieces.
 
The FBI reportedly has turned to a US law intended to prevent the spread of Nazi propaganda to determine whether the two Russian media outlets should register as foreign agents.
 
In America, as has been the case in Ukraine, manipulation of the media by a foreign power increasingly is regarded as a hostile act warranting retaliation. “America has experienced a sustained attempt by a hostile power to feed and exploit our country’s division,” former President George W. Bush said in alast year. Russia “has made a project of turning Americans against each other,” Bush said, adding, “Foreign aggressions, including cyberattacks, disinformation, and financial influence, should never be downplayed or tolerated.”
 
Daily Signal
 
You Might Also Read: 
 
Russian General Brags About Cyberwar Successes:
 
US Ready To Fight Hybrid War By 2030:
 
 
 
 
« UK Police Give Cybercrime Warning
US Cyber Soldiers Go To The Battlefield »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / Zero Trust Network Access Guide

Perimeter 81 / Zero Trust Network Access Guide

Curious how you can Implement a Zero Trust roadmap with insights from Gartner? Download this free report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

SABSACourses

SABSACourses

SABSA is a development process used for solving complex problems such as IT Operations, Risk Management, Compliance & Audit functions.

ITrust

ITrust

ITrust develops breakthrough products in Cyber/Artificial Intelligence, offering its products in Europe, America and Africa through its partner network (VAR, MSSP, OEM).

Hacker House

Hacker House

Hacker House teaches you what hackers can learn about your business and systems so that preventative solutions to protect your assets can be applied through active measures.

Echoworx

Echoworx

Echoworx primary and exclusive focus is providing organizations with secure email services.

ST Engineering

ST Engineering

ST Engineering is a leading provider of trusted and innovative cybersecurity solutions.

Police Digital Security Centre (PDSC)

Police Digital Security Centre (PDSC)

PDSC is a not-for-profit organisation, owned by the police, that works across the UK in partnership with industry, government, academia and law enforcement.

RISE

RISE

RISE is an independent, State-owned research institute, which offers unique expertise and over 100 testbeds and demonstration environments for future-proof technologies, products and services.

Secure Access Technologies (SAT)

Secure Access Technologies (SAT)

SAT provides a security solution that’s ready to replace passwords with adaptive multi-factor authentication.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

Singtel Innov8

Singtel Innov8

Singtel Innov8, the venture capital arm of the Singtel Group, invests in and partners with innovative technology start-ups globally.