Russia’s Strategy For Information Warfare

Uploaded on 2021-09-06 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Russia recently released its new National Security Strategy, or NSS, a significant official document in which the word “cyber” is conspicuously absent. The omission is not a matter of translation, it’s strategic and this offers a clear signal for Western policymakers about what Russia’s curious word choice reveals about its cyber strategy .

Russia’s goals for digital conflict are much broader than shutting down pipelines and stealing data. Kremlin officials also want to influence the minds and ultimately the behaviour of their adversaries. Indeed, Russian Minister of Defense Sergey Shoigu recently said that “information has become a weapon” while accusing the West of establishing propaganda centers in Eastern Europe.

Instead of the term “cyber security,” (кибербезопасность) the NSS speaks of “information security.” (информационная безопасность) This may seem like a semantic difference, but it is intentional and consequential in the language used by the Kremlin. With a full section in the 2021 NSS devoted to information security, unlike its  2015 predecessor, there is no doubt that the Kremlin is taking the topic very seriously. 

According to Russian military doctrine, information security falls into two complementary categories: 

  • One component is on the technical side. These activities involve operations like shutting down pipelines, stealing data, and surveilling personal devices. Most Americans know this as “cyber security.” 
  • The other element of information security is the much more subtle and downright stealthy. Rather than infrastructure and networks, this psychological side of Russian operations targets the cognitive processes of the adversary’s leaders and population. It focuses on psychological manipulation. 

Russian military strategists Chekinov and Bogdanov said, “In the ongoing revolution in information technologies, information and psychological warfare will largely lay the groundwork for victory.” The chief of staff of the Russian military, Valery Gerasimov, values nonmilitary to military measures as 4 to 1.

Western policymakers need to recognise that one of the Kremlin’s goals include being a cyber superpower. The failure to credibly deter Russia’s information operations will also have detrimental effects on the ability of the US and the West to deter Chinese information operations. 

Its not just about hacking computer systems, Russia  also wants to  disrupt democracy, polarise society and spread doubt and confusion. 

As the Biden administration continues to negotiate with Russia on ending cyber attacks, it is imperative that the US also adopt a holistic approach to information security in which both the Russian technical and cognitive components need to be addressed. Now is the time for a realistic and comprehensive approach to Russian information tactics and capabilities. 

DefenseOne:        AEI:             Industry-Update:       Daily Advent:      Albitross:      Image: Unsplash

You Might Also Read: 

Cyber Warfare Creates Ghosts In Our Machines:

 

« The Cyber Security Market Is Booming
Securing Hybrid Workplaces From Attack »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Conference-Service

Conference-Service

Conference-Service provides a categorised calendar of conferences and events, including Information Security & Privacy.

MSG Systems

MSG Systems

MSG are committed to intelligent IT and industry solutions and offer independent consulting on all aspects of information security.

REVI-IT

REVI-IT

REVI-IT is a Danish state-owned audit firm focusing on enterprise IT business processes and compliance,

DANAK

DANAK

DANAK is the national accreditation body for Denmark. The directory of members provides details of organisations offering certification services for ISO 27001.

Verificient Technologies

Verificient Technologies

Verificient Technologies specializes in biometrics, computer vision, and machine learning to deliver world-class solutions in continuous identity verification and remote monitoring.

CoursesOnline

CoursesOnline

CoursesOnline.co.uk is a database listing IT security courses from providers across the UK.

Microland

Microland

Microland’s delivery of digital is all about making technology do more and intrude less for global enterprises. Our services include Cloud & Data Center, Networks, Cybersecurity and more.

Sekuro

Sekuro

Sekuro is your leading governance and cyber security partner. Building organisational resilience. Enabling fearless innovation.

Prancer

Prancer

Prancer is the industry's first cloud-native, self-service SAAS platform for automated security validation and penetration testing in the cloud.

6WIND

6WIND

6WIND deliver virtualized, cloud-native, distributed high performance & secure networking software solutions to support new applications such as 5G, IoT, SD-WAN.

CommandK

CommandK

CommandK provides companies with infrastructure to protect their sensitive data. Built-in solutions to prevent data-leaks and simplify governance.

Quantum Security Services

Quantum Security Services

Quantum Security Services is a specialist information security firm providing a range of risk, compliance and technical security services.

Btech

Btech

Btech is the market leader in providing affordable managed IT security services for credit unions.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.

XY Cyber

XY Cyber

XY Cyber enable Generative AI for Cyber Operations. We simplify the complex world of cyber threats into actionable strategies, empowering your defense with AI-powered solutions.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.