The implementation of technology has reached a point where the world is becoming more digital and interconnected. In such an environment, cyber threats must be taken seriously in the equation of threats that we deal with on a daily basis. This very danger involves, of course, the EU member state citizens as well, a fact that highlights cyber security as a key priority for the EU. As cyber attacks become more frequent and sophisticated day by day it is necessary to be addressed, not only by government institutions, but also by commercial organizations as well. That’s why many countries are currently investing funds and resources in establishing and strengthening their cyber capabilities.
It is essential to keep in mind that in order to effectively address the EU’s security environment, it is crucial to take into consideration a combination of both physical and cyber threats, especially when it comes to the European Digital Single Market and the enforcement of the EU’s digital economy, where the endeavour will take place in digital platforms.
The complexity of today’s threats can be seen in the rise of hybrid warfare, where there are no distinct boundaries between peace and war, and cyber operations account for a major part of hybrid threats. Given the fact that anonymity establishes the lack of attribution of a cyber attack, and the existing legal gap reduces the political risk for perpetrators, cyber operations seem to be an ideal choice for exploitation and benefit acquisition. Of course, there are also non-state actors who perform cyber attacks and thus operate like a scapegoat to governments. Such non-state groups took the blame several times in the past on behalf of Russia[1], such as the DDoS attack in Estonia.
For Russia, cyber operations are a vital part of its information warfare along with psychological operations, information operations etc. In its National Security Strategy 2020 declares that succeeding in the cyber domain accounts for a major endeavour and thus achieving superiority is a crucial goal. As the time passes there are evolving strategies facilitating Russian policy, for instance at the Cold War era there were ‘active measures’ or disinformation operations, and now there are hybrid operations enhancing and reinforcing the former ones. Hence, it is necessary to understand the importance of cyberspace in the overall Russian political and military operations. Russia has already conceived that information warfare provides opportunities and asymmetrical possibilities that undermine the fighting potential of the adversary, involving the manipulation of social media regarding propaganda dissemination and disinformation. Of course, the end-game is a major influence of public opinion in favor of certain political ends.
Russia is considered one of the global leading actors in the cyber domain attributed with numerous attacks at significant enemy infrastructures. Its cyber capabilities are fundamental to its broader geopolitical goals, such as the maintenance of a ‘great power’ status in the international arena, the consolidation of dominance over its sphere of influence, the decrease of NATO’s influence in the EU, the undermining of Western powers and so on.
The European Union has recognised Russia’s threat in the region and in 2016 the European Parliament stated in a resolution that Russia’s goal among others is to achieve a division among the members of the EU, sabotage the EU-U.S. relations and undermine the EU institutions and its values. It is known that Russia is involved in cyberattacks, disinformation operations and it has financially influenced campaigns of at least 27 European and North American countries since 2004. It is also suspected of supporting the cyberattacks on energy infrastructures in Ukraine and the Baltic States, and it has been attributed the WannaCry and NotPetya attacks against Ukraine in 2017.
Other significant attacks were held in 2017, when Russian advanced persistent threats (APTs) were performed throughout Europe. Specifically, Germany accused the Russian APT28 hacking group for placing malware in a government network and thus had access to both foreign ministry and defense ministry. In addition, several national energy firms’ computer networks have been targeted as well. Norway, Denmark, the Netherlands and Italy received incidents of Russian cyber espionage too. Such cyber espionage activities targeted high-profile government institutions and infrastructure, in order to exploit classified information and manipulate data. The impact of these operations is mostly in the loss of integrity of the manipulated data. Once it is compromised, data is no longer reliable to be used.
It is crucial to keep in mind that currently about 97% of global communications operate physically through transoceanic cables. Thus it is obvious that these cables are significant for the digital societies and they can easily be weaponized as a hybrid threat. This very sector is possible to be exploited from Russia in the future, as the latter expresses its interest in this field with submarines and increased activity. The Western countries seem to worry about a potential scenario like this, because this kind of operation fits perfectly with the Russian modus operandi, expressing a part of asymmetric operations.
The Russian interference in the EU further expanded with the involvement of the former to major national election procedures, especially in France, in Italy, in Brexit referendum and even to the broader Western societies, such as the manipulation of the US General Election in 2016.
Conclusion
Digitalized era has come and countries have to deal with, not only physical security of infrastructure, but with cyber security as well. The EU countries need to find a way to defend themselves against such sophisticated attacks. Given the fact that the more digitized societies are, the more vulnerable they become to cyber attacks. Thus, there is an increasing necessity from the part of the EU to take some initiatives in order to achieve better results.
A possible solution is following an old-fashioned defensive strategy through de-digitalization of significant services and processes, such as national elections. For instance, Finland is considered one of the most digitized countries, and yet it decided to keep the election procedure out of cyberspace, due to the risks of potential manipulation. Similarly, in the Netherlands the government re-introduced the traditional hand-counted votes in order to avoid Russia’s hacking aspirations.
Another solution would be the expansion of the EU’s ‘political cyber playbook’ that still remains poor. Hence, there would be practical tools to respond to cyber activities and the overall EU’s deterrence capability would be reinforced. It is time for the EU to establish effective counter strategies against Russia and maintain the political courage to act against it.
Furthermore, the involvement of private sector companies accounts for a crucial step in the battle against cyber attacks. These companies have the capabilities to collect and analyze data, develop sophisticated algorithms, and even create their own undersea cable system. Their presence in discussions and decision making procedures regarding cybersecurity issues should be strongly supported.
A final and more general step is sharing information among the EU countries, as common experiences could lead more effectively to more direct and successful solutions against such attacks. Although there are challenges in this particular scenario, the EU members should keep in mind that cooperation in this sector will provide them greater benefits than costs.
References
- Anderson, E. (2018, February 15). Russia accuses Europe of meddling in presidential election. Politico. https://www.politico.eu/article/russia-accuses-europe-election-meddling/
- Connell, M., & Vogler, S. (2017, March). Russia’s Approach to Cyber Warfare. Center for Naval Analysis. https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf
- Dorell, O. (2017, September 07). Alleged Russian political meddling documented in 27 countries since 2004. USA Today. https://eu.usatoday.com/story/news/world/2017/09/07/alleged-russian-political-meddling-documented-27-countries-since-2004/619056001/
- DW. (2018, February 28). Germany admits hackers infiltrated federal ministries, Russian group suspected. https://www.dw.com/en/germany-admits-hackers-infiltrated-federal-ministries-russian-group-suspected/a-42775517
- European Parliament. (2016, November 23). European Parliament resolution of 23 November 2016 on EU strategic communication to counteract propaganda against it by third parties (2016/2030(INI)). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52016IP0441
- European Union Agency for Network and Information Security (ENISA). (2018, January 15). Threat Landscape Report 2017. https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2017
- Galeotti, M. (2018, March 05). I’m Sorry for Creating the ‘Gerasimov Doctrine’. Foreign Policy. https://foreignpolicy.com/2018/03/05/im-sorry-for-creating-the-gerasimov-doctrine/
- Geers, K. (Ed.). Cyber War in Perspective: Russian Aggression against Ukraine. NATO CCD COE Publications. ISBN 978-9949-9544-5-2
- Herzog, S. (2011, Summer). Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses. Journal of Strategic Security, Vol.4(No.2), pp. 49-60. https://www.jstor.org/stable/26463926
- Limnell, J. (2016, May 08). The Cyber Arms Race is Accelerating- What are the Consequences? Journal of Cyber Policy, Vol.1(No.1), pp. 50-60. https://doi.org/10.1080/23738871.2016.1158304
- Muncaster, P. (2018, February 19). Five Eyes Nations United in Blaming Russia for NotPetya. Info-Security. https://www.infosecurity-magazine.com/news/five-eyes-united-blaming-russia/
- Reuters. (2018, June 20). German intelligence sees Russia behind hack of energy firms: media report. https://www.reuters.com/article/us-germany-cyber-russia/german-intelligence-sees-russia-behind-hack-of-energy-firms-media-report-idUSKBN1JG2X2
- Security Council of the Russian Federation. (2009). National Security Strategy to 2020.
- Stanglin, D. (2017, February 04). Norway blames Russian hackers for cyber attack on spy agency, ministries. The Sydney Morning Herald. https://www.smh.com.au/world/norway-blames-russian-hackers-for-cyber-attack-on-spy-agency-ministries-20170204-gu5hx4.html
- Sunak, R. (2017). Undersea Cables: Indispensable, insecure. Policy Exchange. https://policyexchange.org.uk/wp-content/uploads/2017/11/Undersea-Cables.pdf
- Symantec. (2017, October 20). Dragonfly: Western energy sector targeted by sophisticated attack group. Broadcom software. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/dragonfly-energy-sector-cyber-attacks
[1] For instance the hacker groups APT28 known as Fancy Bear and Sofacy, and APT29 known as Cozy Bear and The Dukes.
By The European Institute for International Law and International Relations.
