Russia’s Approach to Cyber Warfare
This report was published by CNA.
Russia views cyber very differently than its western counterparts, from the way Russian theorists define cyberwarfare to how the Kremlin employs its cyber capabilities. The paper examines the Russian approach to cyber warfare, addressing both its theoretical and its practical underpinnings. The following is a summary of its key findings:
- Russian officials are convinced that Moscow is locked in an ongoing, existential struggle with internal and external forces that are seeking to challenge its security in the information realm. The internet, and the free flow of information it engenders, is viewed as both a threat and an opportunity in this regard.
- Russian military theorists generally do not use the terms cyber or cyberwarfare. Instead, they conceptualize cyber operations within the broader framework of information warfare, a holistic concept that includes computer network operations, electronic warfare, psychological operations, and information operations.
- In keeping with traditional Soviet notions of battling constant threats from abroad and within, Moscow perceives the struggle within “information space” to be more or less constant and unending. This suggests that the Kremlin will have a relatively low bar for employing cyber in ways that U.S. decision makers are likely to view as offensive and escalatory in nature.
- Offensive cyber is playing a greater role in conventional Russian military operations and may potentially play a role in the future in Russia's strategic deterrence framework. Although the Russian military has been slow to embrace cyber for both structural and doctrinal reasons, the Kremlin has signaled that it intends to bolster the offensive as well as the defensive cyber capabilities of its armed forces. During the contingencies in Georgia and Ukraine, Russia appeared to employ cyber as a conventional force enabler.
- The Georgia and Ukraine conflicts also provided opportunities for Russia to refine their cyberwarfare techniques and procedures and to demonstrate their capabilities on the world stage. These demonstrations may later serve as a basis to signal or deter Russia's adversaries.
- Hacktivists and cyber-criminal syndicates have been a central feature of Russian offensive cyber operations, because of the anonymity they afford and the ease with which they can be mobilized. However, the crowd-sourced approach that has typified how the Kremlin has utilized hackers and criminal networks in the past is likely to be replaced by more tailored approaches, with the FSB and other government agencies playing a more central role.