Image courtesy of Taskin Ashiq/Unsplash.com
This article was originally published by the Australian Strategic Policy Institute (ASPI) on 1 June 2018.
In the past three years, barely a week has gone by without a report of a critical cyberattack on a business or government institution. We are constantly bombarded by revelations of new ransomware strains, new botnets executing denial of service attacks, and the rapidly expanding use of social media as a disinformation and propaganda platform.
This article was originally published by the Finnish Institute of International Affairs (FIIA) on 20 December 2016.
Russia´s new Information Security Doctrine follows the line adopted in previous strategic documents whereby Russia is perceived as a besieged fortress. The doctrine identifies a number of external threats to Russia’s information space and calls for intensified monitoring of the Russian segment of the internet, Runet.
On 5 December 2016, President Vladimir Putin signed a new Information Security Doctrine of the Russian Federation, replacing the Information Security Doctrine published in 2000. The Doctrine is one of the strategic planning documents and, as such, it expresses the official view about the management of national security in the information sphere. Rhetorically, the text resembles the National Security Strategy, adopted in December 2015, which signalled a heightened sense of threat towards Russia, and underlined the importance of maintaining strategic stability. Consequently, the spirit of the new Doctrine is sharper, almost bellicose in tone, and the threats are described in more concrete terms.
The information sphere is defined in a broader sense than in the previous doctrine. The key term in this regard is “informatization”, which refers to social, economic and technical processes for adopting and expanding information technology in society and the country as a whole, and for securing access to information resources. This change indicates recognition of the role of the information sphere in technological development but, most importantly, regards it as a tool to change the fabric of society. The Doctrine describes how this tool is used in the interests of Russia’s national security, and calls for an increased role for internet and information security management and the domestic production of information technology.
This article was originally published by the Foreign Policy Research institute (FPRI) on 21 November 2016.
President-elect Donald Trump is in the midst of selecting his national security team. He not only needs to decide the “who,” but also the “how” of national security decision-making. It is unclear whether he will adopt Ronald Reagan’s model of entrusting empowered Cabinet secretaries to handle such matters; follow in Richard Nixon’s footsteps of retaining close control over foreign policy within the White House through the National Security Advisor; or emulate George H.W. Bush’s hybrid “gang” blending both White House staff and senior officials.
Beyond his staffing choices, the president-elect and his counselors must also be prepared to tackle a series of questions about U.S. foreign policy and defense strategy, both to inform his continuing selection of personnel to serve in his administration and to shape his conversations with foreign leaders who are anxious to take the temperature of the new Chief Executive. In addition, his answers will be critical if he wants to link his campaign promises with actual policies.
Courtesy of Yusuke Umezawa / Flickr
This article was originally published by War on the Rocks on 19 October 2016.
Late in May 2014, a group calling itself CyberBerkut leaked a map of the Ukrainian Dnipropetrovsk Oblast administration’s IT resources, information on the Central Election Commission of Ukraine’s servers, and the correspondence of its staff. In the following days, which included the country’s presidential election, CyberBerkut claimed they had again compromised the election commission’s servers, leaked more confidential information, conducted a distributed denial of service (DDoS) attack the commission’s website (which instructed potential voters how and where to vote), and blocked the phones of election organizers. The group also released documents implying that the recently appointed governor of the Dnipropetrovsk Oblast, Igor Kolomoisky, was complicit in pro-European Ukrainian plans to promote the “correct” candidate for president of Ukraine.
Despite the best effort of the Russian group behind CyberBerkut, the center-right, pro-European Petro Poroshenko won the Ukrainian presidency. But CyberBerkut wasn’t finished. Almost exactly five months later, the group used similar tactics in the days preceding the Ukrainian parliamentary elections. The results were largely the same: Pro-European candidates won the majority of seats. An uninitiated observer might be keen to discard these events as failed electioneering. After all, Moscow did not succeed in getting its men elected. But to label the operation a failure is to assume that the primary goal was to get pro-Russia officials elected. Over the course of the past four months, we have seen similar operations unfold in the United States, and — as was the case in Ukraine — there are reasons to believe that swaying the election is not the primary objective. Just as in the case of the CyberBerkut incidents, among the key observers of these operations in the United States have been cyber-security firms like FireEye. The manager of their information operations analysis team recently shared some of their findings with me, which informs the analysis below.