Russia's Experimental Hybrid War With Ukraine

Since 2014 Russia has used Ukraine as a testing ground for its hybrid warfare doctrine, underscoring what some security experts say is a case study for the new kinds of security threats the US and its Western allies can anticipate from Moscow.
 
“The threats Ukraine faces are harbingers of things to come for the US and its other allies,” said Junaid Islam, chief technology officer and president of Vidder, a California-based cybersecurity firm that does work in Ukraine. “It is in the national strategic interests of both the United States and Ukraine to cooperate deeply in cybersecurity because Ukraine is a canary in the cyberspace coal mine,” Islam said
 
A top Ukrainian security official recently disclosed a cyber warfare tactic honed by Russia in Ukraine, which could be a bellwether for Russia’s next act of political warfare against the US.
 
The Ukrainian government recently has been attacked by “undetectable” computer viruses that target “particular individuals, in particular departments, and they’re constructed based on the social understanding of social media by particular people,” Dmytro Shymkiv, deputy head of the Presidential Administration of Ukraine on Administrative, Social and Economic Reform, explained recently at  the 2017 Future in Review conference. “Russia recruit’s psychiatrists, scientists, and neurologists, who construct these things to target particular individuals,” Shymkiv said.
 
According to Ukrainian security officials, Russian agents build a psychological profile of their mark through his or her social media footprint. Then, using that information, the Russians can make personalised computer viruses, or run a social media influence operation specifically crafted with that one particular person in mind. “People say, ‘Well, that’s a science fiction.’ It’s not,” Shymkiv said. “When the annexation of Crimea took place, [Russia] shut down the internet to Ukraine, and they used social media to influence people’s behavior. And you can influence people’s behavior. You do it in a nice way, posting things to their friends, et cetera. There’s a whole factory in Russia doing this.”
 
This is known in the cybersecurity world as “social engineering”, a form of cyberattack in which people are psychologically manipulated into performing actions or divulging confidential information. According to some security experts, the best defense against this kind of threat is education. “Man is the weakest link in the chain of information technology,” said Mykhailo Vasyanovich, head of the Public Council for the Ministry of Information Policy of Ukraine. “With such cyberattacks, which are now taking place in Ukraine, it is necessary to raise the level of information technology literacy of users by conducting educational work on cybersecurity among employees of private and state enterprises,” Vasyanovich said.
 
Some experts worry this reliance on the security savvy of Internet users to fend off Russian cyberattacks might be a vulnerability for the US. “What may especially worry the US is that Russia targets influential individuals, such as journalists or political analysts, especially those of rather skeptical approach toward Moscow,” Daniel Szeligowski, senior research fellow on Ukraine for the Polish Institute of International Affairs, told The Daily Signal. “Unlike institutions or infrastructure, they don’t have state protection and are thus vulnerable to intimidation and blackmailing,” Szeligowski added. “And given the rising popularity of social media, such a threat is even more widespread.”
Hybrid War
 
Russia’s hybrid attacks against Ukraine have included, but are not limited to:
 
• Using social media to shape public opinion among an adversary’s population.
• Turning commercially available computer software into a tool for espionage and cyberwarfare.
• Exploiting smartphones to spy on and wage psychological warfare against an adversary’s military forces.
• Using cyberattacks to undermine an adversary’s electoral process.
• Using pseudo-news reports to push a propaganda line that sows division within an adversary’s national culture.
 
All of these tactics have also been used by Russia against the U.S. since Russo-American relations took a nosedive in the fallout over Russia’s military aggression against Ukraine in early 2014. “Ukraine is a perfect testing ground for hybrid warfare,” Szeligowski said. “Thus, it is no wonder that Russia has already seized the opportunity, and in Ukraine it has made a dry run of all sorts of its offensive techniques.”
 
Russian hybrid warfare is not covert warfare. Rather, it’s the combined use of conventional military force with other means such as cyberattacks and propaganda to sow chaos and confusion, both on the battlefield and deep behind the front lines.
Hybrid warfare is an evolving threat spanning every combat domain. Particularly, hybrid warfare weaponises many pieces of everyday life, including smartphones, social media networks, commercially available computer software, and journalism.
“Russia is testing in Ukraine both procedures and concepts, which later on are being applied in the West, such as during the US and French elections,” a Polish security spoke incognito, asking not to be named due to professional restrictions on speaking to the media.
 
“In short, Ukraine remains for Russia a crucial hybrid warfare battleground and testbed,” the security official said. “The Russian hybrid warfare model is being further developed, perfected, and tested as we speak. Russia’s ability to escalate rapidly across the whole spectrum of conflict makes the West prone to the ‘surprise effect.’”
 
Russia’s use of social media and cyberattacks as weapons of war might be innovative, but, at its core, it’s a modern revamp of a Cold War-era idea. Hybrid warfare is the Kremlin’s contemporary take on a Soviet military doctrine called “deep battle,” in which front-line combat operations are supported with operations to spread chaos and confusion deep within the enemy’s country. Hybrid warfare also draws on the Soviet Union’s well-documented history of “influence operations” against the US and other Western allies.
 
In effect, Russia’s overall strategy to undermine the West hasn’t changed all that much from the Soviet Union’s playbook. But the world in which those Soviet theories are now put into practice is a radically different one than during the Cold War.
 
The advent of the internet, and social media in particular, has given the Kremlin direct access to the populations of its adversaries, bypassing the gatekeeper role America’s media institutions used to play. “Everything today is digitised, including phone and mail services, and everything runs on the same network,” Kenneth Geers, ambassador of NATO’s cybersecurity center and a senior fellow at the Atlantic Council, told The Daily Signal. “There is only one Internet, and one cyberspace, inhabited by all of the world’s citizens, soldiers, spies, and statesmen.”
 
Meanwhile, Americans’ distrust in their media institutions has reached historic levels. Russia has stealthily taken advantage of Americans’ crisis of confidence in the media to permeate the US news cycle with misinformation spread by propaganda mouthpieces cloaked as alternative news sources, such as RT and Sputnik.
 
Lessons Learned
Some commercial cybersecurity firms have stepped in both to harden Ukraine’s cyber-defenses and use lessons learned from Ukraine to craft better defenses for the US to counter Russia. “With the world increasingly digital and connected, Ukraine is of strategic, vital interest to the West,” said Greg Ness, a cybersecurity specialist and vice president of marketing at Vidder. “What happens in Ukraine doesn’t stay in Ukraine.” California-based Vidder has put together a team of cybersecurity experts to comprise the core of a proposed US-Ukraine cybersecurity center with offices in Kyiv, Washington, and Silicon Valley.
 
“By ensuring that Ukraine adopts leading cybersecurity solutions and best practices, we will not only provide Ukraine with the best protection from cyberattacks, but it also helps US experts develop new and more effective technologies and strategies in the future,” Islam, Vidder’s president, said. “It will also help establish Ukraine as a secure, stable, prosperous, and reliable ally in Eastern Europe.”
 
The war in Ukraine has shaped how NATO forces are training for the next military conflict.NATO and Ukraine already cooperate in a joint center to counter hybrid warfare. The center is part of the Comprehensive Assistance Package that NATO pledged to Ukraine during the alliance’s summit in Warsaw last year.
 
According to NATO, the joint center will be “a platform for identifying lessons learned from hybrid war in Ukraine.”
For its part, the US military has reportedly been studying the war in Ukraine to shape its own military doctrine. Lt. Gen. H.R. McMaster, the Trump administration’s national security adviser, recently directed a study to analyse Russia’s hybrid warfare tactics in Ukraine in order to craft recommendations for the US Army. 
 
Not all of Russia’s hybrid warfare tactics in Ukraine would be effective against the US. “There is a yawning gap between Ukrainian and American cyber capabilities, not to mention cultural and linguistic differences between Russians and Americans,” Szeligowski said. “But it goes beyond any doubt that, at least at some point, Russia already used hybrid warfare instruments against the US, and did it effectively.”
 
Hybrid Way of Life
The effects of Russia’s proxy war against Ukraine are limited to a 250-mile-long static front line in southeastern Ukraine’s Donbas region. The war is moderated in intensity and is geographically frozen according to the rules of the February 2015 cease-fire deal, known as Minsk II. More than 10,100 Ukrainians have died so far in the war. The conflict has displaced about 1.7 million people. Yet, the physical consequences of the war are quarantined from most of the country. Outside the range of the artillery, mortars, rockets, and tank shots, you’d hardly know there was war going on.
 
On a physical battlefield, a war extends as far as the range of the weapons used. In hybrid warfare, however, the battlefield knows no limit.
 
Consequently, there’s hardly any part of Ukrainian life that hasn’t been affected by Russia’s ongoing hybrid war.
Russian cyberattacks have hit Ukraine’s power grid, water supply systems, the country’s banking system (shutting down ATMs), its largest international airport, and the electoral process.
 
In December 2016, a cyberattack, which Ukrainian officials attributed to Russia, took down one-fifth of Kyiv’s electrical grid. Since 2014, Ukrainian security services have thwarted numerous cyberattacks in which malware from abroad was used in attempts to steal classified information from Ukrainian government networks. In the eyes of Ukrainian security officials, the internet has become as much of a battlefield as the trenches in the Donbas region. The main goal of Russia’s information warfare, according to Ukrainian security officials, is to incite civil unrest throughout all of Ukraine and to undermine the government’s credibility.
 
Since 2014, Ukraine has established a Situation Center for Cybersecurity, and Ukrainian officials have fostered closer ties to Western intelligence agencies to bolster their cyber-defenses.
 
Security State
Russia’s purchase of $100,000 worth of Facebook advertisements in the run-up to the 2016 U.S. presidential election sparked a media frenzy in America and an outcry from lawmakers for social media sites to provide better transparency about the identity of those who purchase advertisements on their sites.
 
In Ukraine, Russia has been exploiting social media as a weapon of war for years.
In a sweeping ban announced in May, Ukrainian officials banned Russian internet search engines, including Yandex, as well as popular Russian social media sites such as VKontakte, which millions of Ukrainians used. The ban prompted some pushback from Ukrainians, who used these sites for many daily tasks and for social reasons. But Ukrainian officials insisted the sites posed a national security threat, which warranted the free speech trade-off.
 
Also in May, Ukraine banned commercially available Russian software, including anti-virus software from Moscow-based Kaspersky Lab, the same company US officials now say was used as a Trojan horse for Russian intelligence agencies to steal classified information from the US government. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalise on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security,” the Department of Homeland Security said in a Sept. 13 statement posted to its website.
 
US intelligence officials said Russian intelligence services had modified anti-virus software from Kaspersky Lab to clandestinely search computers around the world for classified US government documents and top-secret information.
“Possessing a worldwide deployment of sensors may be too great a temptation for any country’s intelligence service to ignore, and Kaspersky may have been forced into a quiet business partnership with the Russian government,” Geers, the NATO cybersecurity specialist, said.
 
Similarly, news reports recently detailed how Russian military forces have been targeting the smartphones of NATO troops to gather intelligence. Ukrainian soldiers in the eastern war zone have long been advised by their leaders not to turn on their smartphones while in the war zone. Russian forces reportedly have used the cell signals emitting from Ukrainian soldiers’ phones to target its artillery. For years, Ukrainian soldiers have reported receiving death threats and demands for their surrender from their enemies over cellphone text messages.
 
New Weapons
Journalism has been one of Russia’s most lethal weapons against Ukraine. Ukrainian officials have banned a slew of Russian TV stations from broadcasting in Ukraine, and foreign journalists accused of spreading Russian propaganda have been booted out of the country. Anti-propaganda outlets in Ukraine such as StopFake.org also monitor media reports for Russian disinformation and are dedicated to setting the record straight.
 
To counter Russian propaganda in the war zone, Ukraine’s government has rebuilt its TV and radio broadcast network in the east, which Russia and its separatist proxies destroyed in the opening days of the war.
 
For years, Ukrainian citizens in eastern Ukraine could access only Russian TV channels for their news. Now, Ukraine has taken back control of the airwaves. While not as evident or as spectacular as the artillery bombardments and the tank battles, the battle for broadcast dominance in eastern Ukraine is a key piece of the overall war effort for Kyiv. After all, many Ukrainian citizens in eastern Ukraine can’t tell whether the artillery they are living under is fired from Ukrainian or Russian forces. And so long as they had access only to Russian television networks, which exclusively painted Ukrainian forces as the aggressor and, consequently, responsible for all civilian casualties, public opinion toward Ukraine’s central government was under an endless stress test as the war dragged on.
 
Now, with Ukraine able to defend itself on the airwaves, Russia has lost a potent weapon to turn the citizens of eastern Ukraine against their own government. Similarly, US lawmakers have debated how to defend the US population against Kremlin-backed news outlets, including RT (formerly Russia Today) and Sputnik, which US officials have called out as Russian propaganda mouthpieces.
 
The FBI reportedly has turned to a US law intended to prevent the spread of Nazi propaganda to determine whether the two Russian media outlets should register as foreign agents.
 
In America, as has been the case in Ukraine, manipulation of the media by a foreign power increasingly is regarded as a hostile act warranting retaliation. “America has experienced a sustained attempt by a hostile power to feed and exploit our country’s division,” former President George W. Bush said in alast year. Russia “has made a project of turning Americans against each other,” Bush said, adding, “Foreign aggressions, including cyberattacks, disinformation, and financial influence, should never be downplayed or tolerated.”
 
Daily Signal
 
You Might Also Read: 
 
Russian General Brags About Cyberwar Successes:
 
US Ready To Fight Hybrid War By 2030:
 
 
 
 
« UK Police Give Cybercrime Warning
US Cyber Soldiers Go To The Battlefield »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

FoxGuard Solutions

FoxGuard Solutions

FoxGuard Solutions develops customized cyber security, compliance and industrial computing solutions for critical infrastructure entities and control system vendors.

Global Security Network (GSN)

Global Security Network (GSN)

GSN focuses on specialized IT Security solutions & services for the military, law enforcement, critical infrastructure and oil & gas sectors in the Middle East.

Protec

Protec

Protec is a leader in cyber resilience providing information security, risk management and audit services – bringing stability and peace of mind to our customers.

Newralers

Newralers

Newralers is a leader in artificial intelligence and big data analysis offering solutions in areas including the smart detection of insurance fraud.

M2M Intelligence

M2M Intelligence

M2M Intelligence is a global provider of secure, resilient IoT connectivity solutions.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Have I Been Pwned (HIBP)

Have I Been Pwned (HIBP)

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach.

Stronger International

Stronger International

Stronger International provides expert cyber services and training to organizations and individuals to enhance IT and security knowledge.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

NorthRow

NorthRow

NorthRow provides digital transformation compliance solutions to help businesses manage regulatory and financial crime risks.

Goldilock

Goldilock

Goldilock is redefining how sensitive data, devices, networks and critical infrastructure can be secured.

Oxeye

Oxeye

Oxeye fills the gap between cloud and code to show exploitable vulnerabilities, and their path from API to code. More visibility. Less noise. More time to build.