The use of deniable actors is hardly unique to Russia, but the state’s complicity and even outright involvement in organized crime is. OODA’s report “The Russian Threat” suggests that “Russia should be considered a kleptocracy, where the rule of law exists as long as it supports the objectives of the state and the ruling oligarchs.” The report further notes that because the law is subject to the state’s whims, Putin is able “to act decisively to defend Russian interests and to pursue opportunities he views as enhancing Russian prestige and power abroad.” The co-opting of cyber criminals represents just such an example of kleptocracy enabling the Russian state to seize controversial opportunities that would be waylaid by opposition from “checks and balances” in true democracies.
Putin’s Russia has demonstrated a penchant for relying on proxies to provide a degree of deniability while pursuing its military objectives. As noted in Christoph Zürcher’s book The post-Soviet wars: Rebellion, ethnic conflict and nationhood in the Caucasus, Putin’s popularity emerged in large part due to his successful resolution of the conflict with Chechnya, which he achieved by co-opting the Kadyrov warlords. More recently, Putin has relied on not only deniable Russian forces, but also proxies within Ukraine. Still, blunders by Russian private military companies like the Wagner Group and Slavonic Corps in Syria have demonstrated how this deniability can backfire.
The December 2016 “Grizzly Steppe” joint analysis report issued by the FBI and DHS provided a table of monikers attributable to various Russian cybercriminal organizations serving the state’s intelligence services. However, understanding what these names refer to is a challenge in and of itself. As noted by Florian Roth in a 2018 Medium article, similarities in names do not necessarily indicate a shared meaning, but are more likely attributable to a cybersecurity firm’s naming scheme.
The proliferation of cyber-physical systems (CPS) has increasingly enabled cyber actions to have direct kinetic effects on tangible infrastructure, even as cyberspace itself depends on tangible infrastructure vulnerable to kinetic damage.
This report focuses on Russia, a particularly important threat actor to track given its track record of brazen infrastructure attacks. It is almost certain that we will see further attacks from Russia against the infrastructure of other nations. The only uncertainty remaining pertains to what sort of attacks they might be motivated to initiate under what circumstances, and whether we would even know if they had already been accomplished.
Jason Healey has been a vocal advocate for challenging the assumptions and metrics we use to develop a defensible cyberspace and also to ensure that the networks of today continue to afford us great communication, economic, and societal benefits. This in-depth article takes a look at Jason’s work, with a special emphasis on his NY Cyber Task Force. This is essential reading for anyone responsible for defending networks.
It is a truism that every society is only a few meals away from revolution, proven not for the first time when high food prices initiated the Arab Spring, and yet food security is a woefully neglected national security concern. America lacks a national food policy, even though we are headed towards a crisis.