PUTIN’S CYBERWAR 1. Introduction Russia is at war with the West. Not only in a conventional sense, although given the Kremlin’s brazen acts over the last decade – the murder of Alexander Litvinenko in 2006, the invasion of Georgia in 2008, the annexation of Crimea in 2014 and the destabilisation of Ukraine since 2014 – you could be forgiven for thinking otherwise. Russia is also waging a covert war, characterised by scarcely believable, but nevertheless plausible, deniability. It is a war guided by old-school Soviet-style thinking, with strategies that have been adopted to fit new technologies and whose weapons are very much of the twenty-first century. It is a war that reflects a realisation by the Kremlin that in the age of the Internet there are easier and safer ways of attacking the enemy than dropping bombs or firing bullets. It is a war in which computers and keyboards rather than guns and tanks are the materiel. After land, sea, air, and space, it is a war in the fifth domain. It is cyberwarfare.1 Russia, of course, is not unique in waging cyberwarfare against the West. But it is the only country to date to have combined cyberwarfare with conventional warfare. In March 2014, in the midst of 2 Russia’s annexation of Crimea, the main Ukrainian government website was taken offline for about 72 hours following a cyberattack.3 When the European Parliament and Commission began to 4 criticise Russia’s actions on the peninsula, in April 2014, its systems too were hit. Six years earlier, in August 2008, Russia’s invasion of Georgia had been accompanied by widespread cyberattacks against Tbilisi by pro-Russian hackers. As far as the Kremlin is concerned, geeks and hackers now rank alongside soldiers and spies as weapons of the state. This policy paper examines Russia’s cyberwarfare with the West. It seeks to answer two questions in light of this: What are Russia’s capabilities? And what can or should the West do about them? The paper begins by defining what is meant by the term ‘cyber’, before moving on to situate cyberwarfare within the broader context of Russia’s foreign policy. Next, it outlines a number of incidents in which Russia, or hackers close to the Russian government, has waged cyberwar. After considering what Russia’s actions mean, and what the West has done to defend itself thus far, the paper concludes with a review of policy implications for the UK, and for the West as a whole, of Russia’s cyberwarfare. 1 It is not just the West that is targeted, either; the Kremlin’s domestic enemies have also been hit. On the day of Russia’s 2011 parliamentary election, for example, coordinated cyberattacks crashed the websites of many of the country’s liberal media outlets. Internet trolls have reportedly been paid to smear the opposition leader Alexey Navalny. See, Soldatov, A. and Irina Borogan, The Red Web: The Struggle Between Russia’s Digital Dictators and The New Online Revolutionaries (Public Affairs; New York, 2015). 2 The website is www.kmu.gov.ua, last visited: 6 May 2016. 3 Polityuk, P. and Jim Finkle, ‘Ukraine says communications hit, MPs phones blocked’, Reuters, 4 March 2014, available at: http://uk.reuters.com/article/uk-ukraine-crisis-cybersecurity-idUKBREA231QN20140304, last visited: 6 May 2016. 4 Many of the attacks featured a modified version of the Russia-designed ‘BlackEnergy’, which is a kind of malware known as a Trojan horse that remotely takes over computers in order to carry out Distributed Denial of Service, or DDoS, attacks. See, Kovacs, E. ‘Ukraine Accuses Russia of Hacking Power Companies’, Security Week, 30 December 2015, available at: http://www.securityweek.com/ukraine-accuses-russia-hacking-power-companies, last visited: 6 May 2016. 2
Putin's Cyberwar Page 4 Page 6