Hybrid War as a War on Governance / ISN | Report Says Russia Likely Funded Hackers That Targeted NATO, U.S. Gov’t: ‘Significant International Security Implications’

  • Hybrid War as a War on Governance / ISN - By Mark Galeotti and Octavian Manea for Small Wars Journal. This interview was originally published by the Small Wars Journal on 19 August 2015. As Clausewitz emphasized, we first need to understand exactly the nature of the war/threat that we are confronted with. What are the core features of this Russian approach on hybrid warfare? The key thing is to realize the extent to which we all need to return to the essential – almost Clausewitzian – notion of war. In this context, war is a political instrument... Russia is ahead of the curve in global organized crime, where you have a political-criminal-business elite, that is not formed by Tony Soprano-like figures, but from businessmen who have a portfolio of interests that ranges from the essentially legitimate through to the grey and then wholly illegal activities. The boundaries between organized crime, intelligence operations, state-operations have become increasingly unclear... If someone looks at the underlying economic essentials, Russia is not a global super-power, but somewhere between Italy and Brazil. For these reasons, Russia should be as economical as possible: leverage its strengths and exploit the weaknesses of the adversary. But this places a huge premium on effective intelligence in the broader sense of the word.
_________________________________

Russian mafia stealing millions from Cancun tourists using ATM skimming devices

  • Around $5million being stolen from holidaymakers in Cancun every month
  • Investigation found 19 compromised ATMs along Mexico's Caribbean coast
  • Rigged with card reading technology and Bluetooth device to retrieve data 
  • Fraudsters allegedly paying ATM technicians to get inside cash machines
Published: 07:26 EST, 16 September 2015 Updated: 09:47 EST, 16 September 2015
The Russian mafia is stealing millions of dollars from tourists on Cancun beaches by rigging ATM machines with the 'most advanced data-stealing hardware ever' which can easily be bought online for just $550, warns a security expert.
The disturbing claims follow an investigation into the tourist hot spot of Cancun - visited by around five million holidaymakers every year - which found that 19 separate cash machines had been fitted with the technology.
Brian Krebs, a distinguished cyber-security journalist, claims gangsters are bribing poorly-paid ATM technicians to let them hide tiny devices inside the card slot and the PIN pad.
These steal the card's data and store it on special Bluetooth devices which have also been installed inside the cash machines.
Cyber thieves use their phones to connect to this device - which can hold the data of around 32,000 people - and use the stolen information to empty their victims' bank accounts.
Fraud: An investigation found 19 ATM machines in Cancun (pictured), Mexico, were rigged with data-stealing technology
Hardware: Hidden inside the card slot were keypad readers (pictured) which steal its information
Business: MailOnline discovered a website online which sells the 'ATM skimming' technology being used to steal money from tourists for just $550
Sophisticated: The data is stored on Bluetooth devices (pictured) which can store the data of 32,000 users
Targets: Holidaymakers in Cancun (pictured) are being scammed out of around $5million a month, cyber security journalist Brian Krebs told MailOnline
Krebs recently spent four days investigating the compromised cash machines down Mexico's Caribbean coast.
He told MailOnline the fraudulent ATMs are linked to the Russian mafia, preying on the vast number of holidaymakers in Mexico's most popular resorts.
Krebs added: 'This is certainly the most advanced bank machine fraud technology I've ever seen.'
To access the data, the cyber thief simply walks to within a few metres of the machine, connects through a passcode to the Bluetooth beacon, and downloads the data. 
This library of information is then sold to online fraud organisations, which make bogus charges to the card.
As much as $5million a month is fraudulently stolen from visitors to Cancun who have used independent (non-bank) ATMs with these data stealing systems installed, Krebs claimed.
Krebs said that this new technology far outstrips any ATM data that has come before it.
'When you think that traditional ATM skimmers rely on hidden camera technology and false PIN pads, then this is a huge leap forward in cyber theft,' he said.
'Hidden cameras need to be replaced and recharged every 12 hours because they're filming continuously,' he said. 
'These Bluetooth beacons can sit gathering data for months, and it takes only five seconds to wirelessly access all of that information without ever touching the ATM.'

Crime: Cyber thieves simply walk near the machine, connect to the Bluetooth beacon and download the data
Hot spot: Around five million people visit the popular resorts on Mexico's Caribbean coast (pictured) every year
Krebs, whose website tracks the latest trends in cyber crime, says that the only way for an ATM to be compromised is through the complicity of the technician who looks after it.
'There have been reports of men with Eastern European accents approaching technicians and offering them over 100 times their salary for access to the inside of the ATMs they supervise', Krebs told MailOnline.
The Russian mafia on Mexico's Caribbean coast is a well-known criminal organisation.
'These ATM technicians earn very little, so a couple of thousand dollars is hard for them to turn down, although organised crime in the Cancun region is very brutal.
'It would be just as easy for them to send them a picture of their child as a threat', he said. 'That wouldn't surprise me at all'.
'We know the technicians are complicit because only they have access to the manufacturers' security keys', he said. 'It's only them that can install these devices to the keypad and inner circuitry'.
The compromised ATMs that Krebs found transmitted a Bluetooth network signal which appeared as 'Free2Move'. 
The network is closed and needs a passcode to access it. Brian found the same signal at 19 separate stand-alone ATMs throughout Cancun, Playa del Carmen, Tulum and Cozumel, the most popular resorts along Mexico's Caribbean coast.
He even found a compromised ATM inside the Marriott hotel where he stayed in Cancun, the first port of call on his trip, he claimed.
He said he found three others in the $600-per-night exclusive Barcelo resort, multiple in the resort's popular Caracol shopping centre, and even one in Cancun's international airport.
'When you think that traditional ATM skimmers rely on hidden camera technology and false PIN pads (pictured), then this is a huge leap forward in cyber theft,' cyber security journalist Brian Krebs told MailOnline
Brian found the same signal at 19 separate stand-alone ATMs throughout Cancun, Playa del Carmen, Tulum and Cozumel, the most popular resorts along Mexico's Caribbean coast
A spokeswoman for the Barcelo Costa Cancun resort stated that 'the hotel is unaware of any wrongdoing connected with their ATMs.'
He added: 'We the staff have used these cash machines for years and never encountered any fraudulent activity on our bank statements.'
'We have a tendency to think badly about Mexico because of these kind of unchecked security breaches,' Krebs told MailOnline, 'But this could just as easily occur in the United States.
'For a stand-alone ATM to be profitable it needs around 500 transactions per month. 
'If you can compromise just one machine and charge each additional card with the average $500, then you've made a quarter of a million.'
'So how hard can it be to bribe a single technician when you've got multiple ATMs collecting your data?'
MailOnline found a website specialising in ATM skimming technology, which sells the same equipment that Brian Krebs found being used in Mexico. 
For just $550 one website sells equipment that has allowed Mexican cyber thieves to steal millions risk-free.
A legitimate Swedish company of the same name produces the 'Free2Move' Bluetooth beacon used in the ATM skimming technology.
Cyber thieves reprogram the hardware to store card data once inside the ATM.
Advanced: For just $550 (pictured) one website sells equipment that allows fraudsters to steal millions risk-free, and a 'magnetic stripe reader' goes for $2,000
Expensive: The same website sells a battery for the 'ATM skimming' technology for $550
'The best advice I can give to people wanting to avoid these scammers is to always use ATMs inside banks,' says Brian. 
'Bank-owned machines have dedicated staff supervising them, while independent stand-alone machines like the ones you find in hotels, supermarkets and shopping malls have a single and much more corruptible technician who supervises a network of them.'
'Either that or always use your credit card.'
Many travel companies warn tourists of the rampant scams that abound in Cancun. USA Today claims that 'while most local criminals are not looking to hurt you, they do want to take money from unsuspecting tourists.'
Other common Cancun scams include petty thieves dressing as hotel staff and demanding additional fees, dressing as police officers and demanding bribes of rental car-driving tourists or shining shoes while another picks a client's pocket.
The Cancun District Attorney's Office refused to reply to MailOnline's repeated requests for comment. The Casa Magna Cancun Marriott declined to comment.
Krebs' three-part investigation into ATM-skimming in the world's most popular resort is serialised on his website.


Report Says Russia Likely Funded Hackers That Targeted NATO, U.S. Gov’t: ‘Significant International Security Implications’

A security firm released a new report this week linking the Russian government to funding a group of hackers that have attacked governments and political groups worldwide.
F-Secure, which is based in Finland, published a whitepaper identifying a group called the “Dukes” and saying that they believe its hackers have been “working for the Russian Federation since at least 2008 to collect intelligence in support of foreign and security policy decision-making.” More specific targets, according to the report, include NATO, a U.S. foreign policy think tank and other ministries in countries like Georgia, Turkey, Uganda and several others. Though not specifically named in the report, a researcher said the group might have been involved in targeting the White House and State Department as well.
While the tech site the Verge pointed out that malware used by the Dukes for cyberespionage has been reported on before, it called this report “the most definitive evidence yet that the Russian government has been sponsoring the attacks.”
“The research details the connections between the malware and tactics used in these attacks to what we understand to be Russian resources and interests. These connections provide evidence that helps establish where the attacks originated from, what they were after, how they were executed, and what the objectives were. And all the signs point back to Russian state-sponsorship,” Artturi Lehtio, F-Secure’s lead researcher for this report, said in a statement.
The report named the various malware tools employed by the Dukes — MiniDuke, CosmicDuke, OnionDuke, CozyDuke, CloudDuke, SeaDuke, HammerDuke, PinchDuke, and GeminiDuke — and reported that they engage in “biannual large-scale spear-phishing campaigns against hundreds or even thousands of recipients associated with governmental institutions and affiliated organizations.”
F-Secure described this type of attack as “noisy,” but if the information collected is valuable, the firm reported that the hackers “quickly switch the toolset used and move to using stealthier tactics focused on persistent compromise and long-term intelligence gathering.”
Two new malware tools identified by the researchers are what allowed them to link the group and the attacks more to the Russian government, though the report only says that the evidence “in our opinion [suggests] that the group operates on behalf of the Russian Federation.”
“The connections identified in the report have significant international security implications, particularly for states in Eastern Europe and the Caucasus,” Patrik Maldre, a junior research fellow with the International Center for Defense and Security, said in a statement. “They shed new light on how heavily Russia has invested in offensive cyber capabilities, and demonstrate that those capabilities have become an important component in advancing its strategic interests. By linking together seven years of individual attacks against Georgia, Europe, and the United States, the report confirms the need for current and prospective NATO members to strengthen collective security by increasing cyber cooperation in order to avoid becoming victims of Russian information warfare, espionage, and subterfuge.”
In April, Russian hackers were linked to attacks on the White House network. The State Department also reported that its computers had been targeted by hackers that month as well. While the Verge pointed out that F-Secure’s report doesn’t implicate the Dukes in these attacks, it reported that researcher Lehtio said that the firm believes “it is possible that the Dukes are also behind the recent compromises of the State Department and the White House.”
(H/T: Gizmodo)

F-Secure Linked Cyberattacks to Russian Intelligence Gathering | news.sys-con.com


F-Secure Labs Links Nearly a Decade of State-Sponsored Cyberattacks to a Group of Hackers Backed by Russia

SAN JOSE, CA -- (Marketwired) -- 09/17/15 -- A new report published by F-Secure Labs links a number of state-sponsored cyberattacks to a hacking group engaged in Russian intelligence gathering. The whitepaper provides an in-depth analysis of a hacking group called "the Dukes," and outlines seven years of their attacks against governments and related organizations in the United States, Europe and Asia.
The report provides a detailed account of "the Dukes" -- a group of attackers using a family of unique malware toolsets used to steal information by infiltrating computer networks and sending the data back to attackers. According to the report, the group has been using these toolsets to launch cyberattacks that support Russian intelligence gathering for at least seven years.
Specific targets of the attacks discussed in the report include the former Georgian Information Center on NATO (now called the Information Center on NATO and EU), the Ministry of Defense of Georgia, the ministries of foreign affairs in both Turkey and Uganda and other government institutions and political think tanks in the United States, Europe and Central Asia.
Artturi Lehtiö, the F-Secure researcher heading the investigation, said the new analysis strengthens claims that the group is backed by Russia and is working to support Russian intelligence gathering. "The research details the connections between the malware and tactics used in these attacks to what we understand to be Russian resources and interests. These connections provide evidence that helps establish where the attacks originated from, what they were after, how they were executed, and what the objectives were. And all the signs point back to Russian state-sponsorship."
The Dukes use nine different variants of malware toolsets, and while many of those toolsets were previously known to researchers, it was Lehtiö's discovery of two new variants that allowed him to make new connections between the group and the attacks. According to Patrik Maldre, a junior research fellow with the International Center for Defense and Security, these connections provide vital information that researchers can use to put together a bigger picture about how Russia uses cyberattacks to support their intelligence gathering and political objectives.
"The connections identified in the report have significant international security implications, particularly for states in Eastern Europe and the Caucasus," said Maldre. "They shed new light on how heavily Russia has invested in offensive cyber capabilities, and demonstrate that those capabilities have become an important component in advancing its strategic interests. By linking together seven years of individual attacks against Georgia, Europe and the United States, the report confirms the need for current and prospective NATO members to strengthen collective security by increasing cyber cooperation in order to avoid becoming victims of Russian information warfare, espionage, and subterfuge."
Mika Aaltola, program director for the global security research program at the Finnish Institute of International Affairs, said the report has special significance for countries in Northern Europe. "Smaller countries, such as Sweden and Finland, are particularly vulnerable to this kind of espionage. Nordic and Baltic countries are always trying to balance Russian and Western interests, and Russia uses their cyberattack capabilities to find ways to tip the balance in their favor. Attributing cyberattacks is notoriously challenging, which lets Russia deny their activities in this space, and exert their influence in much softer, much less visible ways."
Both Maldre and Aaltola are currently working on research that incorporates Lehtiö's study on the Dukes. Lehtiö's whitepaper, called "The Dukes: 7 Years of Russian Cyberespionage," is now available for download from F-Secure Labs.
F-Secure - Switch on freedom
F-Secure has been defending tens of millions of people around the globe from digital threats for over 25 years. Our award-winning products protect people and companies against everything from crimeware to corporate cyberattacks, and are available from over 6000 resellers and 200 operators in more than 40 countries. We're on a mission to help people connect safely with the world around them, so join the movement and switch on freedom!
Founded in 1988, F-Secure is listed on NASDAQ OMX Helsinki Ltd.

Are Russian Hackers Using Monkey Videos to Attack US?

NBCNews.com - 1 hour ago
Hackers backed by Moscow have been carrying out a seven-year campaign to steal intelligence information from western governments and organizations, a report from cybersecurity researchers F-Secure claims. Specific targets of the attacks detailed in the ...

Report Says Russia Likely Funded Hackers That Targeted NATO, U.S. Gov't ...

TheBlaze.com - 2 hours ago
A security firm released a new report this week linking the Russian government to funding a group of hackers that have attacked governments and political groups worldwide. Photo credit: Shutterstock. F-Secure, which is based in Finland, published a ...

Kremlin-Backed Hackers Spying on Europe, Asia, US: F-Secure

NDTV - ‎3 hours ago‎
Russia has been sponsoring systematic cyberespionage in Europe, the US and Asia for seven years, Finnish data security firm F-Secure claimed in a report published on Thursday. The report "links a number of state-sponsored cyber attacks to a hacking ...

Kremlin-backed hackers spying on Europe, Asia, US: cybersecurity firm

Times LIVE - ‎3 hours ago‎
Russia has been sponsoring systematic cyberespionage in Europe, the US and Asia for seven years, Finnish data security firm F-Secure claimed in a report published.

Report: Russian Government Has Been Running a 7-Year Malware Campaign

Gizmodo - ‎8 hours ago‎
According to a new report by security researchers at F-Secure Labs, hacking groups funded by the Russian government have been running a large-scale malware campaign that's hit the likes of NATO and U.S. government institutions. The new report ...

A new report ties the Russian government to a seven-year malware campaign

The Verge - ‎9 hours ago‎
A new report from F-Secure has found evidence that the Russian government is behind the widespread Duke malware strain, orchestrating a seven-year campaign that has targeted Chechnya, NATO and possibly as far as the State Department and White ...

F-Secure warns of Russian state-supported cyber espionage

ComputerWeekly.com - 48 minutes ago
F-Secure Labs has warned that a hacker group known as “the Dukes” is engaged in Russian intelligence gathering. According to a report from F-Secure, the Dukes have used a family of unique malware toolsets to steal information by infiltrating computer ...

Introducing 'The Dukes' – a Powerful Russia-backed APT Group

Infosecurity Magazine - ‎51 minutes ago‎
Security researchers at F-Secure have lifted the lid on a major new APT group they claim has been operating for the past seven years, gathering intelligence from government and related organizations in the US, Europe and Asia. Activity linked to APT29, ...

Russian Government Tied To The Dukes Hacking Group, Accused Of Seven-Year ...

Tech Times - ‎2 hours ago‎
Security researchers have found evidence that links the Russian government to a hacking group called The Dukes and claims it has been running large-scale malware campaigns and cyberespionage for at least seven years. (Photo : F Secure | Tech Times).

Dukes hacking group 'based in Moscow', claims F-Secure

Computing - ‎4 hours ago‎
And that would appear to be a conclusion shared by F-Secure's Russian rival Kaspersky, which claims that the group's working times coincides with Moscow time, as well as timestamps taken from samples of GeminiDuke, one of the toolsets used by the group ...

The Dukes accused of hacking Western governments

ITProPortal - ‎4 hours ago‎
Security firm F-Secure has accused a hacking group called The Dukes of being state-sponsored by Russia, and assaulting multiple Western government organisations, grabbing lots of data in the process. According to a whitepaper (PDF) on the group ...

7 years of malware and espionage heavily linked to Russia — F-Secure

Siliconrepublic.com - 5 hours ago
In an amazing piece of work from cybersecurity experts F-Secure, a cyber-espionage group dubbed the Dukes has been linked to seven years worth of Russian spying. The report details a timeline of attacks attributed to the Dukes, almost following a ...

Russian Government behind Malware-Aided Cyberespionage for 7 Years

Hacked - ‎6 hours ago‎
Cybersecurity researchers have discovered a state-sponsored Russian hacking group called “the Dukes” running cyber espionage operations against other Governments for nearly a decade, according to reports. Finland-based F-Secure Labs, a security firm, ...

Seven years of malware linked to Russian state-backed cyberespionage

Ars Technica UK - ‎6 hours ago‎
For the past seven years, a cyberespionage group operating out of Russia—and apparently at the behest of the Russian government—has conducted a series of malware campaigns targeting governments, political think tanks and other organizations.

Malware links Russians to 7-year global cyberspy campaign

The Register - ‎6 hours ago‎
Security researchers have shone the spotlight on an ongoing campaign by Russian cyberspies to snoop on western governments and NGOs, as well as targets in Georgia, using the Dukes malware. The Dukes group of attackers employ a family of unique ...

Russia has been using the Duke malware family to spy on other countries since ...

Graham Cluley Security News - ‎6 hours ago‎
The Russian Federation has been in cahoots with a cyberespionage gang tasked with collecting intelligence from foreign governments and affiliated organisations via "smash-and-grab" hacking attacks designed to steal as much data as possible in the ...

Russians behind western malware attacks

Fudzilla (blog) - ‎6 hours ago‎
For the past seven years, a cyberespionage group operating out of Russia on the orders of Tsar Putin have been conducting a series of malware campaigns targeting governments, political think tanks and other organizations. Researchers at F-Secure have ...

Russia: 7-year cyberwar against Nato, EU and US by Kremlin-sponsored hackers ...

Yahoo News UK - ‎7 hours ago‎
Cybersecurity researchers have uncovered a state-sponsored Russian hacking group named "The Dukes" that has allegedly carried out attacks against foreign governments and organisations over a seven year period. A new report, published by ...

Russia-backed hacking group The Dukes uncovered targeting the West

V3.co.uk - ‎7 hours ago‎
A Russian government-sponsored hacking group nicknamed The Dukes has been uncovered after a seven-year rampage against numerous Western governments and organisations. Security firm F-Secure reported uncovering the group, which it said has ...

F-Secure Linked Cyberattacks to Russian Intelligence Gathering

EIN News (press release) - ‎9 hours ago‎
/EINPresswire.com/ -- A new report published by F-Secure Labs links a number of state-sponsored cyberattacks to a hacking group engaged in Russian intelligence gathering. The whitepaper provides an in-depth analysis of a hacking group called "the ...

Russian government behind seven-year cyber-espionage campaign by 'Dukes ...

Computing - ‎9 hours ago‎
A well-resourced Russian hacking group called "Dukes" has spent nearly a decade conducting cyber-espionage attacks against Western governments on behalf of the Kremlin, Finnish security company F-Secure has claimed. The accusation against the ...

Hybrid War as a War on Governance / ISN

This interview was originally published by the Small Wars Journal on 19 August 2015.
As Clausewitz emphasized, we first need to understand exactly the nature of the war/threat that we are confronted with. What are the core features of this Russian approach on hybrid warfare?
I like to use the term non-linear warfare, in part because it means nearly nothing, and doesn’t come with the intellectual baggage of a term like hybrid warfare which, after all, is a term that was designed to discuss how insurgents fight modern armies. We don’t have yet a proper vocabulary. The key thing is to realize the extent to which we all need to return to the essential – almost Clausewitzian – notion of war. In this context, war is a political instrument. War is one means of making the other side do what you want it to do, such as simply to remain part of your sphere of influence. What this approach is really about, in a way, is about placing kinetic military operations back in the toolbox. For a long time we thought of them as entirely separate: diplomacy and politics on the one hand and warfare on the other. In some ways, warfare happens when the other things fail. What this doctrine is saying is no, let’s just appreciate that in fact we are talking about a whole spectrum of capabilities that can range from soft power suasion, to economic pressure, to increasingly tough diplomatic lines to a whole gradation of military operations that can range from sending 10 people into blocking a bridge, to sending a hundred people to help foment a local insurrection, to sending 10.000 people in a full-scale war. These instruments can and should be used together rather than as entirely separate pieces. In a way, the point of non-linear war is to bring war back in to the spectrum of modern statecraft, to appreciate that it is an acceptable instrument in Russian eyes and to make sure that policy-makers and policy executors realize the importance of the political impact. It is not about metrics of casualties inflicted, how many bombing raids you manage to launch, all the things that we often see replacing actual military success as an indicator. It comes back to the political effect and the use of the military as a political instrument.
Is NATO’s Eastern Flank vulnerable to non-linear warfare?
Here is the key thing: if we look at what is going on, none of the current uses of the Russian military power should be considered the standard blueprint. If they do anything direct in the Baltic States – and I don’t actually think that they will – it will not be Crimea 2.0 or Donbass 2.0, but something that will be tailored to the situation there, to their perception of the threats and to what they actually want to achieve.
Let’s look at the three current uses of the military force. In Crimea the role of the military was to create a fait accompli. The forces were there to act as symbols of Russian statehood. In Donbass, we have forces being deployed with these manufactured local insurrections to create chaos, not because for one moment the Russians are eager for the post-industrial decaying Donbass, but precisely as a way of putting pressure on Kiev. If we look at the Baltic States, the long-range bombers that Russia is flying there are not intended to actually launch a military attack, but to create a constant political as well as logistical stress on NATO. Three very different uses of military forces. The military provides a series of capacities within a highly integrated military, political, economic, social media, intelligence campaign to achieve your ends.
Why this evolution towards comprehensiveness?
It reflects a variety of processes, but the most fundamental one is the extent to which traditional war, especially between the most advanced powers, is almost incomprehensible in terms of actual direct costs, in terms of economic and political costs. There is a low-intensity war between Russia and Ukraine, but at the same time I can take a plane in Moscow and I can fly to Kiev. There is trade crossing the border, both legal and very heavily illegal. We live in a world where the old notion of war, war as a binary process, where you are at war or you are at peace, means increasingly less. So on one hand, traditional warfare is much less a usable tool. On the other hand, there is the fact that all societies now are much more casualty-averse. Even today’s Russia is not Stalin’s Soviet Union, can’t treat people as ammunition. Old traditional warfare is hardly conceivable unless it is essentially civil war where rational calculations tend to go out of the window. This is less of a new way of war so much as a way of fighting a war in a new world. It is the world that has changed rather than the tactics and the ideas.
It is in this changed context that everyone is talking about the need to interconnect government agencies and apply a whole-of-government approach. The very reason why they are doing that is that the world has become so heavily interconnected. Of course, at the same time one of the pathologies of complex bureaucracies is departmentalization. In this respect, the Russians have an advantage. Not because they don’t have huge monolithic and often deeply competitive bureaucracies – which they do – but precisely because, at the top at least, Russia remains a pretty authoritarian regime. You have a chief executive who can force coordination in a way that is much harder in a democratic society.
Why was the Arab Spring perceived as being part of the warfare spectrum by the Gerasimov doctrine? Why has Arab Spring become an inspiration for the Gerasimov doctrine?
Two reasons, really. The first is that many Russians genuinely believe, all evidence to the contrary, that the Arab Spring – like the “color revolutions” in post-Soviet Eurasia – was the product of Western, mainly US, political technologies, engineered regime change. When viewed in those terms, these revolutions, sprung from failures of governance, seem to demonstrate Gerasimov’s point that these days it is frighteningly easy to shatter states and their capacity to govern. (Even if a great deal harder to ensure what follows is to your liking.) The second is a classic Russian habit, one dating back to Soviet times, of using other countries’ experiences and strategies as an allegorical way of talking about your own. When he talks about Western or US ways of political warfare, he is really talking about how Russia is planning to fight and win such conflicts, but in a way that avoids making Russia look like the bad guy.
You are a researcher who also focuses on the crime world. Is this useful in understanding the shifting boundaries of waging warfare in this new world that you are emphasizing? Projecting power through the underground crime world?
Large organized crime organizations are essentially highly entrepreneurial bureaucracies that are shifting to become highly entrepreneurial networks. It is to some extent the same kind of pattern that we see in the upper legitimate world: a transition from the old, big monolithic structures towards much more flexible ones.
Looking at the underworld shows what happens in voids of governance. Organized crime flourishes where governance fails and because no governmental system is perfect there always will be organized crime. But the scale, the size and the depth of criminal operations depend on the scale of the governance failure. Modern war is increasingly determined precisely by how one seeks to impact the other side’s governability (we see this trend particularly in Ukraine) and also how one can exploit the weaknesses of the other side’s governability. This is not new. One could look at WW2, at the campaign in Italy and the deals struck with the Mafia to provide intelligence and assistance in seizing Sicily. What is new is that what was seen as a disagreeable ad-hoc tactic is becoming the way the Russians are approaching full-spectrum warfare. It is just seen as another perfectly viable, legitimate opportunity. If we look at Crimea, when the “little green men” were deployed there, they were complemented by much less professional, much less uniformly uniformed, thuggish local “self-defense groups.” It has become clear that they were the gunmen of the local organized crime groups, pressed into service as auxiliaries. And when you look at the regime installed in Crimea from the premier down, it is very heavily penetrated by people from within the criminal world. The same pattern happened also in Donbass, where organized crime figures have become local warlords. My belief is also that some of the terrorist actions in the rest of Ukraine were carried out not directly by sympathizers of the rebellion or Russian government agents, but actually by organized crime figures paid by the Russians.
Russia is ahead of the curve in global organized crime, where you have a political-criminal-business elite, that is not formed by Tony Soprano-like figures, but from businessmen who have a portfolio of interests that ranges from the essentially legitimate through to the grey and then wholly illegal activities. The boundaries between organized crime, intelligence operations, state-operations have become increasingly unclear.  
Can we identify a center of gravity in non-linear warfare?
The center of gravity is necessarily in the heads of the people who make the final political decisions, and the people who influence them. Of course, people operating in essentially authoritarian regimes will tend to conceptualize the rest of the world in similar terms. I am always struck when I am talking here in Moscow with people who are close to the political and military circles by the mirror imaging that is at work, the extent to which they genuinely believe, at some level at least, that Western democracy is a sham, something manipulated by press barons, media spinners, political technologists. They really think that the West is a slightly more liberal version of Russia. Ultimately, if their purpose is to persuade Poroshenko and company that they need to cut a deal with Moscow, they see the Ukrainian population as merely one more instrument, one more lever. If you get the population angry, it will put pressure on the government and sooner or later the leadership will need to listen to and respond to their grievances. This is the way the Russians see it.
I am very concerned by the clear Russian campaign to support political movements and groupings in Europe perceived as useful because they are sympathetic to Russia or hostile to the European Union. Their concept of the West is one where you really can buy politics. If there is a handful of people that you need to convince, how are we going to convince them? It might be by invading a province of that country, or it might simply be by bribing them. Ukraine was managed for so long in effect by bribery, after all. Or it may be through blackmail, or sponsoring inconvenient political movements, or destabilizing the country so people’s lives get miserable by doing everything that could actually bring the pain to bear. This is the nature of the full spectrum warfare. It ties in with the so-called Gerasimov doctrine which is not a doctrine in military terms. It is actually a broader description of how he sees the nature of conflict emerging. To me, the most important line in that was when he said that non-military means could be far more effective than military means. When you have a career general saying that actually his trigger-pullers may not be crucial, that is significant. That is the key point.
During the final stages of the Cold War, the Pentagon built its strategy on exploiting its own competitive advantages and the weaknesses of the Soviet Union. Is this also the Russian approach that we see deployed in its near-abroad?
This is very much the Russian approach. The aim is to exploit the weaknesses, the vulnerabilities of the other side. Elsewhere, I called this approach “guerilla geopolitics.” It reflects on some level, however Moscow wants not to admit it, an understanding of how weak Russia is. Its hard-power is fine if you want to roll into Georgia, but even in Ukraine it is questionable how useful it is. If someone looks at the underlying economic essentials, Russia is not a global super-power, but somewhere between Italy and Brazil. For these reasons, Russia should be as economical as possible: leverage its strengths and exploit the weaknesses of the adversary. But this places a huge premium on effective intelligence in the broader sense of the word. One of the reasons that Russians are stuck in what is clearly the quagmire that is Donbass is because they miscalculated.
For me, the tragedy is that had there been even a single firefight in Crimea, had there been any sense that the Ukrainian government or military was willing to resist, I imagine that currently there would not be war in the Donbass. Because Crimea was so easy, in some way Russia became far too overconfident and thought that likewise it could easily pressurize Kiev. I was in Moscow at the time and the people who were speaking from foreign policy and defense circles were very bullish. They felt that the new regime in Kiev would be out in no more than six months and by the end of that period, Kiev will be forced to capitulate. What they didn’t realize was precisely the national mood, not so much the resistance of people like Poroshenko or prime minister Yatsenyuk, but the extent to which they could not have made the deal that Moscow was demanding without being swept away in Maidan 2.0. We need to be careful. There is always the risk of making the other side 10 feet tall. Actually the Russians have distinctly limited capacities and they have demonstrated that they can do something that is brilliant and effective in Crimea and something tactically effective but strategically disastrous in the Donbass.
What made Ukraine the ideal victim/target for hybrid warfare? What are the societal prerequisites/conditions, the ideal set-up that enables hybrid warfare?
The tragedy of Ukraine has been the tragedy of its history since 1991. This is not so much a failed state as a state that never succeeded in the first place. For all the genuine passions, enthusiasms and professionalism of many people within it, Ukraine has demonstrated that it is possible to run your country worse than Russia: extraordinary levels of corruption, the worst kind of predatory corruption, but also a failure to cohere socially and politically. Although clearly the referendum in Crimea was a questionable one, nonetheless, I don’t doubt that the majority of Crimeans thought that Moscow couldn’t be a worse master than Kiev. Ukraine is physically large, but in governance and resilience terms looked incredibly weak. On the one hand there is the presence of disgruntled Russian-speaking Ukrainians who were afraid of what may happen in the post-Maidan order. The security structures, both military and internal security agencies, were thoroughly penetrated by Russian allies and agents, but also thoroughly mistrusted by the new regime in Kiev. On top of that, we have a country that was in an awful state ranging from the quality of its military to the quality of the public services. From Russia’s point of view what was not to love? Russia had already a huge network in place in Ukraine, a thoroughly corrupted political system vulnerable to its use of bribery and suasion, an economy dependent on trade from Russia.
How would you assess the ability of Russia to create disorder on NATO’s Eastern Flank?
Particularly in the North and the West of Europe, it is always nice to think of it as a Southern and Eastern problem. But one can look, for example, at the extent to which the rise of Marine Le Pen in France does cause significant issues for the Western Alliance, or at the potential for disruption that would have been created if Scotland had voted to separate from the United Kingdom; it is worth noting that Russian TV channel RT was a strong supporter of this step. Before we analyze the real vulnerable flanks we should realize that this is something broader, reflecting problems in the legitimacy and coherence of Europe as a whole.
That said, on the whole the Russians’ opportunities are limited. They are able to take advantage of the simple fact that in the West, especially in Europe, we don’t like conflict. We follow rules, norms and etiquette. The Russians have little scope to make the West do anything; what they can do in their interest is making Western countries not do things. They want to encourage divisions, uncertainties within the population; they want to create a situation where actually challenging Russia looks a lot more dangerous than it really is.
When it comes down to it, Putin is actually risk-averse and quite limited in what he wants. His catchphrase always has been sovereignty: no one should have the right to tell Russia what to do, not an international court, not the international norms of governmental behavior. In his optic, Russia deserves to have a sphere of interest – the post Soviet area. He is quite conservative and defensive in his posture. Of course, he would love to dictate policy in Bucharest or Berlin if he had the opportunity. But when it comes down to it, that is not really on his wish list or expectation. What he wants to do is to make sure that governments in Bucharest, Berlin and elsewhere cannot do anything that would actually resist Russia in the areas that really matter to him.
The nature of this long term geopolitical campaign is that when perceived opportunities and vulnerabilities arise, then the Russians will seek to seize them. The Donbass adventure was because of a misperception, a Russian belief based on how easy Crimea went, that actually Ukraine as a whole could be easily bullied. This is one of my concerns. Not because I think there is a grand Russian plan to press forward Westward. But if we (it could be one country, could be the whole Western alliance and anything in between) look vulnerable, then it might raise temptations in Moscow. Just as the authoritarianism in Moscow means that it is in some ways more able to knit together a whole variety of capacities in order to wage a full-spectrum campaign, it also means that they have fewer checks and balances, obstacles to dumb ideas coming from the very top. For this reason it is not just that we need to be secure in the West, but we need to be clearly, visibly secure such that Moscow doesn’t mistakenly think that we are vulnerable.
What should the hybrid defense look like? How should we re-conceptualize defense in this world where non-military tools are becoming a way in the first line of offense?
We live in an era of the insurgency of the mind. This is not about encouraging people to blow up post offices. It is not even about encouraging people to take a particular position. Back in the Cold War period, Soviet propaganda aimed to persuade everyone else about the rightness of their position, of the Soviet way of looking to the world. The interesting thing is that the modern campaign has been flipped around. It is not about convincing anyone else of a Russian point of view so much as to undermine people’s belief in any point of view, to create an environment in which no one can be quite sure about anything. In the West what they are doing is trying to exploit every single vulnerable point, whether it is the exclusion of communities or the people’s concern about gay couples being able to adopt. Not for a minute do the Russians care whether European gay couples adopt or not. But if they can put a little bit of money and a little bit of support into dividing communities and creating a problem for a government so it is distracted, then all to the good. By throwing out a variety of ludicrous conspiracy theories about how the MH17 plane was shot down (when the reality is pretty cut and dried – a Russian missile launched by Russian-backed insurgents) their hope is that people will start to believe that we will never know for certain. They try to undermine our certainties. And this links back to the governance issues. Why are people willing to believe some of the bizarre conspiracy theories that come from RT or other state-backed media? The answer is because people are mistrustful of their own governments and their own politicians, so public disillusionment becomes an opportunity. They feel they’ve been lied to before. All the Russians are doing is tapping into all that.
Ultimately, hybrid defense is about legitimate and effective governance. On so many levels this is precisely a war of governance. If for example the Russian speaking Estonians really feel angry about the way they are treated, then they become potential instruments for Moscow. On the whole my sense of Russian-speaking Estonians is that they are solid Estonian citizens, that they realize that in terms of everything from economic opportunities to political rights, being member of an EU state is infinitely better than being a Russian citizen. So what are the other threats to the sovereignty and to the capacity to act of the Western Alliance? It is that moment when the public becomes sick of spending money on the military, on supporting Ukraine, or when they question the credibility of their legal and political systems. Or the challenge comes from financial systems that are not only thoroughly penetrated by dirty money from Russia and elsewhere but thoroughly unstable because of their own internal practices. We must realize that however effective capitalism and democracy are as systems for managing modern societies, they do have distinct internal contradictions. And the Russians will exploit those precisely to weaken, divide and demoralize the West. In many ways, going back to this point of whole-of-government responses, proper financial regulation is just as much an effective security issue as spending 2% of your budget on tanks.
One can look at the situation in Greece as a classic example. On one hand, Greece willfully mismanaged itself over multiple political generations. But on the other hand, the EU and the lenders facilitated this process. They didn’t properly assess whether or not Greece should be part of the euro. For ideological reasons they just decided that it is something that they had to swallow. Everyone knew that Greece was cooking the books, but no one wanted to say so. It was a problem that everyone hoped would naturally go away. I have little sympathy for the Greek regime, but it is clear that the way the lenders and the European community treated Greece was quite toxic. For all these reasons, I feel it quite likely that at least for a generation, Greece will be vulnerable to Russian propaganda, to Russian influence and will precisely be the awkward element in both NATO and the EU. By mismanaging, by letting legitimate political and economic grievances arise, we have given Russia if not a win, certainly an opportunity.
As the nature of this war is one on governance, does this mean that the EU should be in the lead and not necessarily NATO?
It is not something that NATO is for or can do. Ultimately NATO is a military alliance. Military structures these days are governments’ Swiss army knives. Saving migrants in the Mediterranean, delivering disaster relief, going to New Orleans after a terrible storm, if in doubt you call on your soldiers. Soldiers can do policing, but they are not as good for it as police. Soldiers can do development work, but they are not as good at it as development agencies. If we suddenly said that NATO has to handle everything from countering Russian propaganda, to auditing financial flows to ensure that Russian dirty money is not used for corrupting financial and political systems, to ensuring that ethnic minorities in border regions have their own schools, NATO would become a Western super-governmental structure. It is better for NATO to handle the kinetic stuff and someone else to do the governance stuff.
In many ways the EU is a very elephantine beast. It is not quick, subtle or cheap. So if we put our trust in the EU, I am not sure of how effective the results will be. The EU should play a coordinator role, in terms of spreading best practices, providing active support rather than trying to regulate. Maybe it is better to have regional sub-blocs because I think that de facto there is increasingly an Eastern Flank policy emerging. Most of the CEE countries see a common threat and essentially are looking for common responses to those threats. In these frontline states the concern is much more about political, financial and intelligence penetration and also having very clear tripwires to make clear that NATO is behind them in case of a direct threat.
In the end for me we need to be thinking about re-writing our concept of what “security” means. On a theoretical basis, we all talk the talk that security is equally about “soft” security issues, about human trafficking, about epidemics spreading across borders and so on, but we still naturally default to an old model, hard power related mindset. We really need genuinely to address the issue of what is security and create structures that are going to address the real threats rather than threats of the 1940s or 1970s. Corruption and kleptocracy should be seen as absolutely central to the modern security. Too often they are seen as a frictional cost on governance rather than as a real security issue. The EU cannot impose good governance and legality. What it can do is support and facilitate when there is a genuine grass-root desire to see them take root. It empowers and gives certain political and judicial actors an alibi to declare war on the corrupt elite within their own political and economical system: I have to change the rules on you because of Europe, because of outside forces. But its virtuous role is in supporting society rather than imposing change on it. If it tried that, then it would become part of the problem, one of the grievances that outside actors, including the Russians, could exploit. 
Disclaimer: This interview is part of the Romania Energy Center project “Black Sea in Access Denial Age”, a project co-financed by the North Atlantic Treaty Organization (NATO). To read more, go to http://www.roec.biz/bsad/
Dr. Mark Galeotti is Professor of Global Affairs at New York University’s SCPS Center for Global Affairs and author of the In Moscow’s Shadows blog.
Octavian Manea was a Fulbright Junior Scholar at Maxwell School of Citizenship and Public Affairs (Syracuse University) where he received an MA in International Relations and a Certificate of Advanced Studies in Security Studies.

The Ultimate Hybrid War Strategy: Attack Deep-Sea Fiber-Optic Cables

When a July 2015 undersea tremor triggered a rockslide between the islands of Saipan and Tinian in the Northern Marianas Islands, it cut the only fiber-optic cable connecting the archipelago to the global network. Air traffic control grounded flights, automated teller machines shut down, web and phone connections broke.
All the feared impacts of a cyber attack became real for the islanders. A Taiwan-based cable repair ship eventually restored the link, but that was a single break from one natural occurrence. How much more disruption could a deep-sea-faring nation cause its rivals through malicious intent?
Though often mentioned in passing, the fact that the overwhelming bulk of Internet activity travels along submarine cables fails to register with the public. High-flying satellites orbiting the crowded skies, continent-spanning microwave towers and million miles of old 20th Century copper phone wire all carry but a fraction of the Earth's Internet traffic compared with deep-sea fiber-optic cables.
All that buzz occurs in the dark cold parts of inner space and a few very quiet places on land. If you want to tap into that buzz, those quiet places where the sea cables make landfall—from the onshore facilities out to deep-water offshore—are your prized targets. The U.S. has developed exquisite abilities to access underwater things.
One of America's greatest techno-spy capers of the Cold War involved tapping Soviet Navy communications via a submarine cable in the 1970s and 1980s. Before IVY BELLS ended with its unmasking by Soviet spy Ronald Pelton, its clandestine aquanauts, spy sub and nuclear-powered "bug" made espionage history.
If, however, you wish to practice hybrid warfare—disruption and degradation with little overt engagement—then the ability to cut submarine cables at will and at depth gives you a very powerful weapon. Cut up undersea hydrophone networks and you deafen your adversary. Cut Internet cables and you have the ultimate denial-of-service cyber weapon.
In the 1960s, America's advancing deep-sea capabilities alarmed the Soviets for good reason. If the Americans could locate sunken subs and retrieve satellites from the supposedly inviolable deeps, their underwater black ops directly threatened Soviet security.
Amidst a wave of 1960s deep-sea activity—including its saturation-diving SEALAB program, its search & recovery missions for USS Thresher, USS Scorpion, a lost H-bomb and a new submarine-rescue approach—Admiral Hyman Rickover got his dream sub built. Launched in 1968, the NR-1 was a marvel of American ingenuity—a nuclear-powered four-man minisub able to dive over 3,000ft and stay there for weeks.
During the later Cold War, the USSR developed its own very sophisticated underwater black ops capabilities. Targets included the US Navy's SOSUS underwater hydrophone system which ran along the Atlantic from Greenland to the United Kingdom at depths of up to 12,000ft. With its primacy in titanium metallurgy and skill in nuclear technology, the Soviet Union built several competitors to the NR-1.
The Russian Federation inherited these assets along with the Ministry of Defense branch (GUGI, or Main Directorate Deep Sea Research) that supervised those programs. The Russian deep-sea clandestine systems survived the collapse of the USSR and received funding even during the lean years during the 1990s. Even as the United States lost the NR-1's capabilities to retirement, Russia bolstered its deep-sea black activities.
Between August and October 2012, a Russian Arctic expedition mapped the seafloor of the Arctic Ocean to locate resources and establish maritime boundaries. A deep-sea "research" submarine placed a small Russian flag on the ocean floor some 13,200ft below the North Pole to mark Russia's claims.
The "research sub" was in fact one of Russia's secret deep-sea assets, the nuclear-powered minisub Losharik. A naval blogger pointed out that clues to Losharik's internal configuration lay in the vessel's name. "Losharik" is a cartoon horse made of linked spheres—some analysts suspect that the sub's interior consists of linked spherical titanium pressure hulls.
Losharik rides to its dive sites in the belly of a larger converted nuclear missile sub, the Orenburg. Both have been busy—the Orenburg recently surprised Norwegian scientists by popping up from beneath the sea ice after doing who-knows-what.