Russia and Cyberspace

Since the advent of the internet age, the world has turned upside down. Between Facebook, Wikipedia, and eBay, our lives are a far cry from how they might have been only a century ago. It hasn’t all been cat videos and Netflix though. Some of these changes have a little more gravitas to them. Like how social media played a unique role during the Arab Spring. Technology has also helped play a role in modern geopolitics. In the realm of international politics, for instance, cyber-attacks have grown more prevalent. And while many countries engage in these subtle yet potent assaults (including good old Uncle Sam), none have garnered as much attention as one nation in particular- Russia. But the hacking of the DNC in 2016 is not the first time Russia has made such bold moves in cyberspace. They have spent over a decade pairing cyber strategy with a particularly aggressive foreign policy. Understanding this decade of attacks may shed some light on their actions yet to come.

The first notable attack occurred in early 2007, after the Estonian government decided to remove a statue from Tallinn, and off to the outskirts of the city. This statue, known as the Bronze Soldier, was erected in 1947 by the Russians who freed the city from Nazi control. For the people, it was either homage to their Russian liberators or a reminder of the pains of Soviet control. The decision to remove the statue led to some genuine fake news. Not the artificial stuff we get nowadays. “Protests were exacerbated by false Russian news reports claiming that the statue, and nearby Soviet war graves, were being destroyed” says Damien McGuinness in this recent BBC News article.

As told by Mr. McGuinness once again, this sparked bedlam in Estonia and then the unexpected happened.

On 26 April 2007 Tallinn erupted into two nights of riots and looting. 156 people were injured, one person died and 1,000 people were detained. From 27 April, Estonia was also hit by major cyber-attacks which in some cases lasted weeks.

Online services of Estonian banks, media outlets and government bodies were taken down by unprecedented levels of internet traffic.

Massive waves of spam were sent by botnets and huge amounts of automated online requests swamped servers.

The result for Estonians citizens was that cash machines and online banking services were sporadically out of action; government employees were unable to communicate with each other on email; and newspapers and broadcasters suddenly found they couldn’t deliver the news.”

The entire nation of Estonia had been swiftly riddled by the most prolific and disruptive cyber attacks of their time. While these attacks have not been definitively linked to the Kremlin, in Mr. McGuinness’ article, an anonymous Estonian official relayed to the BBC that the attacks were initiated by Russia. “Why are these cyber attacks so difficult to trace?” you may be asking yourself. There are a myriad of possible issues- the attackers could have used proxy servers to mask their origin, spoofed their IP address, utilized a VPN (virtual private network) to encrypt their data, and even when the true origin is identified, it does not prove who sat behind the keyboard to initiate the attack. Even without a smoking gun, the circumstantial evidence is damning.

Alas, this was only the beginning. Similar to the Estonian assault, many of the assaults revolved around saving face. In 2008, presumably responding to Lithuania banning the display of Soviet symbols, Russian hackers posted a plethora of the symbols on Lithuanian government websites. In another example from  2009, a media group in Kazakhstan published a quote from their president that spoke poorly of Russia. A DDoS attack soon shut down that same media group.

Saving face is not the motivation for conducting some of these attacks. There are the classic information gathering initiatives as well. For example, Germany in 2015, when the computers in the Bundestag were compromised by Russian hacking. Or like recently here in America, when Russian hackers entered DNC computers and acquired many personal emails that they published to the media.

Even before the debacle in 2016 America, Russians were meddling in other nations democratic processes. Take Ukraine, for instance. A failed attack in 2014 would have demolished their election commission on election day. Be it to sow chaos, rig results towards pro-Russian candidates, or simply to spread the fear of Russian strength, they’ll gladly strike at the opportune moment.

Of course, Russian hackers have put their skills to use in far less surreptitious ways. In Georgia in 2008 and Ukraine in 2014, the Russian government successfully coordinated military and cyber-attacks, shutting down internet providers in both of their assaults. Shutting down the internet in a crisis like this would disrupt government organization and their ability to defend against a coordinated assault. Not to mention it would stop civilians from tweeting out updates on troop positions and where they’re all heading. That would be troublesome.

The 2008 Ukraine assault is historically significant. While cyber attacks had been used to cause mayhem and gather information before then, never had they been used as part of a planned military invasion. As technology becomes more and more prolific in everyday life, it is likely that these joint assaults will also grow in ubiquity. The cyber half having the unique advantage of lacking an immediate, present source. For instance, a soldier with a rifle can only do so much damage so quickly at significant risk of retaliation. A hacker could seemingly strike out of thin air and hit something especially critical (at a fraction of the cost or even gaining money). This is similar to what was done to Ukraine in 2015, where hackers locked the controllers of a power plant out of their own system. This attack left over 230,000 homes without power.

Bearing what we know about Russia’s past with cyber attacks, let’s consider what they might set their sights on next. Russia seems to have a complex about former eastern bloc nations, such as Georgia and Ukraine. Especially in Ukraine.

As was alluded to earlier, Russia and Ukraine have had very rough relations over the last decade. This has no doubt been heavily influenced by the Orange Revolution. This mass protest in 2004 decried the election of a very pro-Russian president, Viktor Yanukovych, when information suggesting that the results were rigged came to light. The scale of the fraud was enormous- over one million extra votes in favor of Yanukovych. News of the corruption spread rapidly online, uncorrupted by the censorship of mainstream media, until the people took action. Ukrainians flooded the streets in response! People clad in orange, the oppositions party color, contested the results and eventually a second election was conducted. This time the other candidate, Viktor Yuschenko, a very pro-West candidate, was declared the winner. But not before an attempt was made on his life. Yuschenko found himself disfigured from dioxin poisoning that left him severely scarred in the midst of the Orange Revolution. While the perpetrator of the attempt has never been stated forthright, it has been repeatedly hinted that an unhappy Russia would have had the motive and means to do this. If that’s the case, it wouldn’t be a stretch to say the Russians are still displeased that the most populous of former USSR states is drifting from them towards the West. The danger, in that case, would not be limited to Ukraine alone. According to Yuschenko, “Every politician in this country and neighbouring countries who turns towards the West is facing that kind of danger… My poisoning took place because I had started taking steps towards the European Union. We have a neighbour who does not want this to happen.”

The upcoming German elections are another potential target. The Russians are suspected of penetrating the Bundestag in 2015 and have a history of interfering in elections. It’s not impossible that we will see increased activity in that arena in the very near future. Especially considering Putin’s less-than-friendly relationship with the current German Chancellor, Angela Merkel. Another potential factor in this could be the construction of Nord Stream 2, a natural gas pipeline being constructed beginning in Russia and ending in Germany. This pipeline will not replace the original Nord Stream, which brought 43.8 billion cubic meters of natural gas into the flagging EU energy market. Continued EU sanctions and Americas expansion of current sanctions will harm both the German and Russian businesses behind constructing the pipeline. Very recently, Moscow nominated Gerhard Schröder, the former Chancellor of Germany, to be an independent director on the board of Rosneft, a Russian oil company with a majority share owned by Moscow. Schröder isn’t just a former Chancellor of Germany, but also chairman of the shareholders committee of Nord Stream AG, the consortium behind both Nord Stream pipelines. Though Rosneft is not among the current shareholders of Nord Stream AG, if Rosneft joined in this profitable enterprise, some share of the profits would go directly to Moscow. Rosneft would not be the only company holding shares that at least partially belongs to Moscow. Gazprom, who holds 51% of the shares in Nordstream, is also partially owned by Moscow.. This adds incentive to Russia to ensure that all parties involved in the Nord Stream project continue making decisions favorable to Moscow until the project is complete. And what better way to ensure these outcomes than the subtle hand of cyber interference? Plus adding a Former Chancellor of Germany legitimizes the further entanglement of the nations fates in the energy market. Of course, this is still speculation at this point. But given their recent relations, this would be a smart move on their part.

In our ever-evolving digital world, international cyber attacks are a new threat that needs to continually be addressed through further innovation and vigilance. Not only by political bodies, but private organizations as well. The significance of cyber attacks on foreign policy decisions grows constantly. The effects they can have should not be overlooked. Russia is only one example of many modern nations trying to integrate this new dimension of modern life to their policy objectives. They’re trying to ride the crest of this new wave too. And it doesn’t look like it’ll crash anytime soon.

IMG_0915Elliot Maynard is a University of Kentucky alumni with a bachelor’s degree in Mathematical Economics. In his free time, you are just as likely to find him reading up on the latest economic news and tech trends as you would find him hiking, playing board games with friends, and travelling.



Featured Image: Data Security Breach by Blogtrepreneur, Flickr Creative Commons 

Leave a Reply

Your email address will not be published. Required fields are marked *