NATIONAL INTELLIGENCE ESTIMATE RUSSIA: CYBER PROFICIENCIES, PROTOCOLS, AND PRACTICES This National Intelligence Estimate portrays the views Author with the advice and assistance of Dr. Michelle Black, the U.S. Intelligence Community, and PSCI 4250-850 Intelligence and National Security. APPROVED FOR RELEASE DATE: 3 DECEMBER 2017 University of Nebraska at Omaha Page 1 of 9 Key Judgements Russian-U.S. relations are as unpredictable as ever in light of the 2016 election and the controversy of Russian interference. With the constantly revolving relationship ranging from post-Cold War friendship to current skepticism, there is still the power struggle that remains. Russia has been identified as one of the United States’ greatest geopolitical threats next to China, with their cyber capabilities surpassing all other nations aside from the United States. The primary source of Russian interference and infiltration can be found in American social media. The goal of the creation of social media accounts is to create divisiveness, placing any nation experiencing these attacks in a significantly more vulnerable position. The overall strategy of “divide and conquer” is ultimately the objective of Russian authorities to undermine the American democratic electoral system. Russia’s intrusion into the American democratic electoral process this past election cause the United States to come to the jarring realization of the significance of Russian cyber abilities. The lack of preparation exemplified in this most recent interference is an unsettling trend. The United States must combat this threat to sustain the ideal of democracy as it is currently known. Conclusions drawn after extensive open intelligence research are as follows: • • • • • Cyber-attacks are only an initial means of attack before additional information is compromised and more detrimental attacks are initiated. 1 Disinformation is becoming more prevalent and permissible under Western liberal democracy’s first amendment rights and protections. 2 Over 3,000 ads were purchased on Facebook costing over $100,000 and linked to over 450 falsified accounts. 3 Russian agents propagate divisive posts that reached over 126 million Facebook users. 4 Over 1,000 videos were published to Google’s YouTube service and more than 131,000 messages published on Twitter.5 Majumdar, D. (2017, September 21). Russia and China Have a Sneaky Way to Crush America if World War III Goes Down. Retrieved December 02, 2017, from http://nationalinterest.org/blog/the-buzz/russia-china-have-sneakyway-crush-america-if-world-war-iii-22420 2 Rutenberg, J. (2017, September 13). RT, Sputnik and Russia’s New Theory of War. Retrieved December 02, 2017, from https://www.nytimes.com/2017/09/13/magazine/rt-sputnik-and-russias-new-theory-of-war.html 3 Shane, S., & Goel, V. (2017, September 06). Fake Russian Facebook Accounts Bought $100,000 in Political Ads. Retrieved December 02, 2017, from https://www.nytimes.com/2017/09/06/technology/facebook-russian-political 4 Isaac, M., & Wakabayashi, D. (2017, October 30). Russian Influence Reached 126 Million Through Facebook Alone. Retrieved December 02, 2017, from https://www.nytimes.com/2017/10/30/technology/facebook-googlerussia.html 5 Ibid 1 Page 2 of 9 • NSA reports attempts by Russian military intelligence to infiltrate election software vendor's computers the use of that information to send emails containing malicious software to approximately 122 local election offices. 6 DISCUSSION: RUSSIA AND CYBER INTERNATIONAL RELATIONS Russian cyber interference is an attempt to undermine the American democratic electoral process and additionally impacting outside nations and causing skepticism regarding the legitimacy of American elections, therefore attacking the United States while simultaneously influencing international spectators. 7 Russia’s RT is a Kremlin-financed television network that has bolstered its content to accent the faults of the U.S. democracy and offers almost unrecognizable misinformation to create doubt regarding democratic institutions and to destabilize Western culture. 8 Cyber-attacks in addition to cyber infiltration are the means by which Russia can most effectively attack both the United States and foreign nations, because it is the most difficult method to both identify and to destroy as opposed to using economic or military power. Figure 1 Fessler, P. (2017, September 22). 10 Months After Election Day, Feds Tell States More About Russian Hacking. Retrieved December 02, 2017, from https://www.npr.org/2017/09/22/552956517/ten-months-after-election-dayfeds-tell-states-more-about-russian-hacking 7 Krastev, I. (2017, November 01). Robert Mueller Will Never Get to the Bottom of Russia’s Meddling. Retrieved December 02, 2017, from https://www.nytimes.com/2017/11/01/opinion/mueller-election-meddling-russia.html?r=0 8 Erlanger, S. (2017, March 08). Russia’s RT Network: Is It More BBC or K.G.B.? Retrieved December 02, 2017, from https://www.nytimes.com/2017/03/08/world/europe/russias-rt-network-is-it-more-bbc-or-kgb.html 6 Page 3 of 9 This tactic is not isolated to just the United States, but also throughout Europe in countries such as France, Germany, and Amsterdam. Emmanuel Macron, now current President of France, faced the struggle of Russian cyber-interference during his campaign against Marine Le Pen prior to the 2017 Presidential election. Macron was reportedly prepared for any assault on his campaign and when staff received hacked emails searching for passwords, the team was prepared with a plan and disoriented hackers by providing incorrect passwords. 9 Additionally, France has implemented many safeguards to limit and impede any damage to the integrity of the election process and as a result, Russian hackers were unsuccessful in their attempt to impact the French presidential election, but it is presumed that their efforts will be moved to Great Britain’s upcoming elections. 10 Secretary General of NATO Jens Stoltenberg warns Canada to prepare itself for Russian attacks as the threat of cyber interference is constantly evolving and nations have to adapt their cyber systems to combat these threats. 11 While it is important for all nations to bolster their cyber security, vulnerability exhibited by nations who are under American intervention regarding cyber Riotta, C. (2017, May 13). How Emmanuel Macron beat Putin's hackers at their own game. Retrieved December 02, 2017, from http://www.newsweek.com/emmanuel-macron-french-election-uk-vote-cyber-attack-hack-securitymarine-le-596310 10 Ibid 11 CBS News. (2017, November 9). ‘Canada is a neighbour of Russia’ when it comes to cyber threats, says Estonian Defense Minister. Retrieved December 02, 2017 from http://www.cbc.ca/news/politics/nato-head-warns-canadaover-russia-1.4407919 9 Page 4 of 9 security affairs then becomes the vulnerability of the United States cyber security. 12 Extensive investment in foreign cyber security must not be performed without proper precaution, as vulnerability is interchangeable between nations and awareness is not as focused on the nation providing assistance, that being the United States. 13 NATO is now looking to reinforce their cyber capabilities in response to Russia’s increasing threats. The United States is struggling in deciding how best to address the issue of cyber-infiltration and spread of misinformation as there is no specific instruction within international law to explicitly identify and address cyberwarfare. 14 It would be in the best interest of the United States to implement a plan of action, as France has done regarding their elections, but despite the fact that the United States has not put this particular procedure into practice the U.S. sets the precedent for response to Russian attacks because of the resources and knowledge available. Europe has no identifiable technological leader within its borders and relies on the United States to provide a reference in regards to the response that is to be performed. 15 Russia’s behavior continues to make the Euro-Atlantic security environment less stable and predictable allowing any member of NATO that feels there is a threat significant enough, Article 5 of the North Atlantic Treaty can be invoked; Article 5 presenting the principle that an attack on an individual member of NATO is an attack on all members of the organization, resulting in an attack on Russia by force in retaliation of cyber-attacks. 16 17 18 Figure 2 Ferdinando, L. (2015, February 19). Dempsey: Russia, Terrorists, Cyber Among Top Threats. Retrieved December 02, 2017 from https://www.defense.gov/News/Article/Article/64134/dempsey-russia-terrorists-cyberamong-top -threats/ 13 Barnes, J.E. (2017, November 07). NATO to Discuss Bolstering Cyberwarfare Capabilities. Retrieved December 02, 2017 from https://www.wsj.com/articles/natio-to-discuss-bolstering-cyberwarfare-capabilities1510071706 14 Larson, S. (2017, November 3). Is Russian social media meddling 'cyberwarfare'? Retrieved December 02, 2017, from http://money.cnn.com/2017/11/03/technology/business/russian-social-media-info-ops-cyberwar/index.html 15 Nougayrede, N. (2017, November 04). Beware: this Russian cyber warfare threatens every democracy| Natalie Nougayrede. Retrieved December 2, 2017, from http://www.theguardian.com/commentisfree/2017/nov/04/bewarerussian0cyber-warfare-threatens-every-day-democracy-kremlin 16 NATO. (2017, June 16). Relations with Russia. Retrieved December 02, 2017, from https://www.nato.int/cps/en/natolive/topics_50090.htm 17 Larson, S. (2017, November 3). Is Russian social media meddling 'cyberwarfare'? Retrieved December 02, 2017, from http://money.cnn.com/2017/11/03/technology/business/russian-social-media-info-ops-cyberwar/index.html 18 Barnes, J.E. (2017, November 07). NATO to Discuss Bolstering Cyberwarfare Capabilities. Retrieved December 02, 2017 from https://www.wsj.com/articles/natio-to-discuss-bolstering-cyberwarfare-capabilities1510071706 12 Page 5 of 9 Russia, while they participate in the election process, has a very corrupt election system. The action of voting itself in Russia is an insult to American democracy because of the significant amounts of corruption. In the 2016 Presidential election, Vladimir Putin’s election was so predictable voter turn-out hit an all-time low of 47.8% with most voters believing that participation in Russian elections is ineffectual because the end result is a product of fraud. 19 It is evident that the mistrust of Russian officials is the mistrust that the Russian government wants to associate with Western democracy. Russia is assuming a more assertive cyber position based on its willingness to target critical infrastructure systems and conduct covert operations even when detected and under increased public scrutiny. 20 Russian cyber operations are likely to target US interests to support several strategic objectives, such as that to undermine democracy. 21 19 DATA TEAM. (2016, September 19). Fraud in Russia's elections. Retrieved December 02, 2017, from https://www.economist.com/blogs/graphicdetail/2016/09/daily-chart-12 20 Connell, M. et. all, (2017 March). Russia’s Approach to Cyber Warfare. Retrieved December 02, 2017, from https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf 21 Ibid Page 6 of 9 Figure 3 Page 7 of 9 Page 8 of 9 Figure Sources Figure 1: http://www.pewglobal.org/2015/06/10/nato-publics-blame-russia-for-ukrainian-crisis-but-reluctant-to- provide-military-aid/russia-ukraine-report-18/ Figure 2: http://assets.pewresearch.org/wpcontent/uploads/sites/2/2017/07/27165328/PG_2017.08.01_Global Threats_04.png Figure 3: https://www.economist.com/blogs/graphicdetail/2016/09/daily-chart-12 Page 9 of 9