Assassination’s Modern Counterpart in Cyberwarfare

Assassination’s Modern Counterpart in Cyberwarfare

Political dissidents from Russia may fear physical assassination less these days, but character assassination through cyber means is on the rise—with new dangers for US citizens.

 

Maskirovka—the Russia word for “deception”—describes Russia’s geopolitical strategy over the past century and a half. The Soviet Union’s covert intelligence agencies, such as the KGB and now FSB, assassinated outspoken critics of Kremlin policies and conducted disinformation campaigns against the United States. When communism fell, the new Russian Federation apparently cast off the old Soviet ways. Yet the current Russian President—a former KGB officer—seems to be bringing back old Soviet habits in a revolutionary way with information operations, conducting “cyber” assassinations that leave the target alive but ruin his or her personal life. The US should consider a two-part response plan: make a cyber peace treaty with Russia and bolster security for vital US databases. Instead of expecting more physical assassinations, the United States should anticipate a new manifestation of Russian maskirovka: cyber disinformation campaigning.

The Old Soviet Man

The Soviet Union’s intelligence apparatus—whether it be the Cheka, NKVD, or KGB—used a tool known as wet working or executive action. “Liquid affairs” refer to covert assassinations and kidnappings of political targets.1 Three of the most defining Soviet assassinations—Leon Trotsky, Lev Rebet, and Stepan Bandera—paint the overall picture of KGB-style executive actions.

Leon Trotsky, an integral Marxist revolutionary and founder of the Soviet Union, held office in the USSR from 1917 to 1927. During his tenure, Trotsky openly criticized Joseph Stalin’s power acquisition and governmental bureaucratization. In a move to consolidate power, Stalin ordered Trotsky’s expulsion from the Soviet Union, but even during his exile, Trotsky attempted to destabilize Stalin’s rule by publicly criticizing Stalin’s leadership of the Soviet Union.2 Stalin finally ordered the NKVD to assassinate Trotsky while he was in Mexico. Ramon Mercader, an NKVD agent, smashed in Trotsky’s head with an ice-axe—but the blow did not kill him. Instead, Leon Trotsky died in a hospital bed two days later, these words resting on his lips: “I will not survive this attack. Stalin has finally accomplished the task he attempted unsuccessfully before.”3

Trotsky’s assassination received international attention. In contrast, the deaths of Lev Rebet in 1951 and Stepan Bandera in 1961 would have gone unnoticed if their killer, Bogdan Stashinsky, had not defected to Germany. Stepan Bandera and Lev Rebet were outspoken critics of the Kremlin. Investigators originally thought that both had died from heart failure. However, Stashinsky explained that he killed the two with a vapor gun that emitted a poisonous gas, simulating the effects of heart failure.4

In addition to assassinations, the Soviet Union carried out disinformation campaigns, known by the Soviets as “active measures.”5 The USSR attempted many times to promulgate false information in order to foster anti-American sentiment. Vasil Mitrokhin, a long-term KGB archivist, recorded many of these attempts in the Mitrokhin Archive. The Archive is now public record and a trove of KGB secrets.

According to the Archive, the Soviets attempted to implicate the Central Intelligence Agency in President John F. Kennedy’s assassination. KGB operatives forged a fake letter between Lee Harvey Oswald and Howard Hunt, a former CIA operative, in which Oswald asked for more operational information before attempting to assassinate the president.5

The Soviets also claimed that the United States created AIDS. Jakob Segal, a Russian biologist, claimed that he had evidence indicating that scientists at U.S Fort Detrick concocted the auto-immune deficiency syndrome.5 The active measure operation was given the code name INFEKTION.6

 Common Elements

 Several key themes permeate the Soviet liquid affairs and active measure campaigns. Misinformation and illusion constituted the backbone of several covert Soviet operations in denial and deception. While Trotsky’s assassination was public knowledge, Rebet and Bandera’s assassinations would have gone unnoticed. Stashinsky’s defection and testimony revealed the insidious motives behind each of their deaths. The Mitrokhin Archives revealed the Soviet Union’s attempts to blame JFK’s assassination on the CIA and AIDS on the United States. These were calculated conspiracy theories. The Soviets designed these misinformation tactics to undermine Americans’ faith in their own country.

Additionally, the Soviets preferred to use proxy-operators, demonstrating their long-reaching influence. The NKVD recruited a Mexican operative, on the other side of the world, to carry out an in-house assassination.2 The KGB implanted false letters and exploited press contacts, also on the opposite side of the world and without detection, in order to bolster conspiracy theories.5 In both of these instances, the Soviet Union went undetected until the release of the Mitrokhin Archive in 1992, after the end of the Cold War.

Most of the Soviet covert operations fall under one final motive: to eliminate dissension against the Kremlin. This made any journalist, political figure, or defecting agent susceptible to elimination.

These themes and motives did not die with the fall of the Soviet Union.

19-3-kish-2

The New Russian Man

The Russian Federation has been implicated in killing outspoken critics against the Kremlin and facilitating cyber-attacks on other nations. Incidents such as Anna Politkovskaya’s assassination and the cyber operations in Estonia and Georgia show that Putin may be reawakening old KGB practices—if indeed they ever stopped.

Anna Politkovskaya wrote many pieces critiquing Russian human rights abuses in the Second Chechen War. In one of her books, Putin’s Russia, she claims “We are hurtling back into a Soviet abyss, into an information vacuum that spells death for our own ignorance.”7 She was shot dead in Moscow on October 7, 2006. The murder trial determined that a Chechen assassinated Politkovskaya, but a number of people, including an FSB lieutenant, were involved. The defense in her murder trial believed that a Russian politician ordered her killing.8 Her death, along with others like Stanislav Markelov, Anastasia Baburova, and Natalia Estemirova, demonstrates a pattern of dissent and disappearance.

Alexander Litveneko, a former KGB agent and outspoken critic of Vladimir Putin, randomly fell ill in London on November 23, 2006. British health officials said that Litveneko died of radiation poisoning from high levels of polonium-210 isotope.9 On his deathbed, Litveneko stated, “You may succeed in silencing one man but the howl of protest from around the world will reverberate, Mr. Putin, in your ears for the rest of your life.”10 Russia’s implicated involvement in Litveneko’s death, much like Leon Trotsky’s assassination, evinces Russia’s long-reaching arm.

Now Add Hacktivism

In addition to assassination, Russia has facilitated hacktivist groups and non-state-sponsored cyberwarfare against other nations. The cyber operations conducted against Estonia and Georgia within the past decade illustrate a modern adaptation of old Soviet habits.

In April of 2007, the Ansip government in Estonia dismantled the Bronze Soldier statue in Tallin. The statue reminded most Estonians of Soviet occupation and oppression. In response, several Russians associated with the Nashi Youth Group protested outside the Estonian embassy in Mexico. Riots broke out across Estonia and amongst the chaos, a group of hacktivists initiated a direct denial of service (DDoS) attack on critical Estonian government servers.11

Estonian investigators believe that Russian hacktivists carried out the cyber-attack. Several members of the Nashi claimed responsibility for the DDoS attack. Russia has a history of outsourcing its cyberwarfare efforts to Russian-backed hacktivist movements like the Nashi and the Russian Business Network.12

A year later, while Russia invaded Georgia, another massive DDoS attack forced significant Georgian government websites to shut down. Targets included the Georgian president, the Georgian parliament, the defense and foreign affairs ministries, the National Bank of Georgia, and several news agencies.11 The Georgians believed that Russia was somehow related to the attack and implemented Russian IP blockers.

The suspicious killings, poisonings, and cyber-attacks of the past decade
exhibit the same themes as Soviet KGB liquid affairs and active measures. Poisoning the Kremlin dissenter Alexander Litveneko in London fits with Soviet habits: making the killing seem natural, demonstrating a long-reaching influence, eliminating dissension. The Estonian and Georgian cyber assaults show other themes such as using proxy-operators and illusion. The Russian Federation, as a facilitator for hacktivism and cyber-crime, asserts itself as a dirty player on the geopolitical chessboard.

 The Russian Mindset on Cyber Disinformation Operations

Two documents, the Military Doctrine and the Doctrine on Information Security of the Russian Federation, establish the Russian doctrine on information warfare (IW). Russia’s primary goal in IW is to influence any opponents’ decision-making process and control their actions.13 14 This goal, combined with the maskirovka mentality, establishes the latest threat Russia poses to United States national security: cyber disinformation campaigning.

Mashal Mikolai Orgakov, the chief Soviet General Staff in the 1980s, explained that Russia, over the next several years would experience a Military Technical Revolution (MTR).11 This revolution would shift Russian offenses from mass-armed operations to technologically-driven operations. When Orgakov made this observation, technical operations were limited because interconnected networks were still in the developmental phase. However, in the past decade and a half, everyone and every system has connected to multi-server networks.

From a tactical standpoint, the Russian’s recognize that every system—whether nation, organization, or group—has a center of gravity (CoG) and a series of critical vulnerabilities (CVs). These include systems such as telecommunications, banking/financial systems, and power grids—all exploitable over network hacking.11 Russia believes that information warfare should be used in peacetime and wartime. Information manipulation can influence the outcome of any war with illusions and lies.14 Russia has explicitly stated that she will seek to control her enemies by fostering false interpretations of reality, also known as disinformation campaigning.

Integral to a disinformation campaign is the ability to access national and international databases. Yulia Stepanova, the Russian 800-meter runner in the 2014 Winter Olympics, revealed a Russian government-sponsored doping regimen for Olympic athletes.15 Stepanova, fearing Russian retaliation, fled to the United States with her family. Two years later, the World Anti-Doping Agency (WADA) revealed that a hacking group targeted Stepanova’s account in the agency’s database, illegally obtaining her address in the United States.15 The isolation of the attack in combination with Russia’s propensity to use proxy-operators to carry out her dirty work points to one conclusion: Russia has the ability to get access to databases in order to inform information operations.

More recently, Crowdstrike, the cybersecurity company hired to investigate the infiltration of the Democratic National Committees’ servers, attributes two significant server security breaches to Russian intelligence agencies. Investigators believe that the WikiLeaks contributor, “Guccifer 2.0”, released over 20,000 emails stolen from the DNC servers.16 Both the CIA and FBI are investigating Guccifer’s link to the GRU, Russia’s military intelligence agency.

The US Needs to Prevent a Cyber Cold War

Vladimir Putin has re-instituted the Soviet habits of illusion, deception, and dissension deterrence by proxy operators, with vigor. Although the United States and the international community cannot officially blame Russia for criminal hacktivism, the United States should consider a two-part solution: peace and protection.

First, the United States should pursue a cyberwarfare peace treaty with Russia. The Motherland recognizes in its doctrinal documents that cyberwarfare could be just as destructive as nuclear war.11 The main drive behind cyberwarfare is command and control operation. If one country could neutralize another country’s network-rooted infrastructure, there would be a drastic economic and security fallout. In order to avoid a cyber Cold War with Russia, the United States should pursue a peace treaty.11

However, as history has shown, Russia does not necessarily honor such agreements. Therefore, the US should prepare for counteroffensive cyber-strategies that address the capabilities of both Russian intelligence cyber-operations and non-state-sponsored hacktivist groups.

One target, for example, could be the Justice Department. Russia could try to   prevent potential analysts from obtaining security clearances by adding false criminal records or fabricated foreign contacts to their files. The attacks on the DNC servers show that there is a possibility cyberwarfare operatives could gain access to such records.

Cyberwarfare is not limited to any tangible domain. The United States should put protections in place that sprevent both state-sponsored cyber-attacks or irregular attacks from hacktivist groups operating within Russia. The Russian Federation maintains the same strategies and motives as the Soviet Union. Both KGB-style assassinations and Russian-implicated deaths around the globe fall under the common themes of denial, deception, and illusion. Soviet active measure campaigns and Russian cyber operations maintain the tendency to use proxy-operators. Russia does not like clarity; it prefers to have shadows cast over her actions in order to support an aura of illusion and omnipresence. ■

  1. Norman, Polmar. Spybook: The Encyclopedia of Espionage. Random House, 1997.
  2. Cummins, Joseph. The War Chronicles, from Flintlocks to Machine Guns: A Global Reference of All the Major Modern Conflicts. Beverly, MA: Fair Winds Press, 2009. 274.
  3. Broome, Mikayla. “Leon Trotsky.” Prezi.com. 2013. Accessed September 15, 2016. https://prezi.com/m/9hns-xlqrtyp/leon-trotsky/.
  4. “Soviet Use of Assassination and Kidnapping.” Central Intelligence Agency. 2011. Accessed September 15, 2016. https://www.cia.gov/library/center-for-the-study-of-intelligence/kent-csi/vol19no3/html/v19i3a01p_0001.htm.
  5. Andrew, Christopher M., and Vasili Mitrokhin. The Sword and the Shield: The Mitrokhin Archive and the Secret History of the KGB. New York: Basic Books, 1999. xxiv.
  6. “Operation INFEKTION.” Central Intelligence Agency. 2010. Accessed September 15, 2016. https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol53no4/soviet-bloc-intelligence-and-its-aids.html.
  7. Politkovskaya, Anna. Putin’s Russia: Life in a failing Democracy. New York: Metropolitan Books, 2005.
  8. “Geopolitical Diary: The Curious Politkovskaya Case.” Stratfor. August 28, 2007. Accessed September 15, 2016. https://www.stratfor.com/geopolitical-diary/geopolitical-diary-curious-politkovskaya-case?0=ip_login_no_cache=957b56ca6d346ba1bda81ea48935c560.
  9. “The Litvinenko Case and the Obstacles to Cross-Territorial Investigations.” Stratfor. December 9, 2006. Accessed September 15, 2016. https://www.stratfor.com/analysis/litvinenko-case-and-obstacles-cross-territorial-investigations.
  10. “In Full: Litvinenko Statement.” BBC News. November 24, 2006. Accessed September 15, 2016. http://news.bbc.co.uk/2/hi/uk_news/6180262.stm.
  11. “Emerging Cyber Threats and Russian Views on Information Warfare.” March 2010. http://www.foi.se/reportfiles/foir_2970.pdf.
  12. Jones, Andy, and Gerald L. Kovacich. Global Information Warfare: The New Digital Battlefield. Auerbach Publications, 2015.
  13. “The Military Doctrine of the Russian Federation.” Theatrum Belli. December 5, 2015. Accessed September 15, 2016. http://www.theatrum-belli.com/the-military-doctrine-of-the-russian-federation/.
  14. War, World In. “Information Security Doctrine of the Russian Federation (draft) #cybersecurity – World in War.” World in War. 2016. Accessed September 15, 2016. http://www.worldinwar.eu/information-security-doctrine-of-the-russian-federation-draft/.
  15. “The Long Arm of Russian Intelligence.” Stratfor. August 25, 2016. Accessed September 15, 2016. https://www.stratfor.com/weekly/long-arm-russian-intelligence.
  16. “Here’s What We Know About Russia and the DNC Hack.” Wired.com. August 27, 2016. Accessed September 15, 2016. https://www.wired.com/2016/07/heres-know-russia-dnc-hack/.

Image credits—

  • Sönke Städtler | https://www.flickr.com/photos/soenke-s/13309415983
  • Vladimir Putin | http://en.putin.kremlin.ru/bio

About Stephen Kish

Stephen Kish has created 6 entries.

Post A Comment

YOUR CAPTCHA HERE