In January 2018, speaking to State Duma deputies, Defense Minister Sergei Shoigu announced the creation of special units in the Russian armed forces that would be engaged in information operations. At the same time, the minister did not go into details of this decision.
Few doubted the existence of such structures in the Russian law enforcement agencies (including the Defense Ministry), therefore, Shoigu’s statement can rather be called the first official recognition that Russia does conduct certain and very specific operations in the information space.
In general, Russian cyber attacks and cyber espionage in recent years have become the talk of the town, the Western media just adore this topic. Its apogee can be called a scandal with Russian hackers in the United States, which is still gaining momentum. As well as the recent arrests of the Hackty-Dumpty hacker group, which "broke" the mail of high-ranking Russian officials and sold them the same information for amounts with six zeros. Among the victims were Russian ministers, employees of the presidential administration, and well-known journalists.
So here, as they say, there is no smoke without fire.
However, services that are engaged in various delicate operations on the Internet exist in many countries of the world, they appeared almost immediately after the invention of the World Wide Web. Today, the tasks of the cyber-front fighters include not only cracking the computers of the enemy's General Staff, but also waging the information war on the Internet, which every year penetrates deeper into the lives of everyone on the planet. So the usual network "bots" and "trolls" - this is the same technique of cyber warfare, as well as cracking other people's passwords.
Cyber war is a completely official term, which means a set of actions aimed at destabilizing the enemy’s computer networks. In our era, when computers manage almost everything - from the work of the largest trading exchanges to the city sewage system - a well-conducted cybernetic attack can do no less harm than weapons of mass destruction and literally plunge the enemy into the stone age.
As for the confessions of Shoigu, they can hardly be called a sensation. The creation of Russian information operations troops was spoken about back in 2013, and in 2014, the same Shoigu ordered the creation of a cyber command at the General Staff of the Russian Armed Forces, which is supposed to protect domestic electronic networks from enemy hackers. Domestic and foreign experts believe that Russia is among the top five in the world along with the United States, China, the United Kingdom and South Korea in terms of hacker training. However, there is nothing special to be surprised about here: the national programming school has always been on top.
It is believed that today the Americans have the most prepared and numerous cybernetic army, its budget is at least $ 7 billion. This amount is spent on the maintenance of approximately 9 thousand hackers. In second place are the Chinese, who, as usual, take quantity: at the disposal of the Chinese government 20 thousand hackers, they cost China about $ 1.5 billion. They are followed by the British, who for about $ 450 million contain about 2 thousand computer hackers. South Korea has 700 hackers and spends about 400 million dollars on them annually. Russia, according to experts, has about 1,000 trained hackers and spends about $ 300 million a year on them.
Naturally, these figures are more than conditional. The "fighting" on the Internet has been going on for many years, but so far they are more connected with the desire to get more information about the enemy than to cause him serious harm. Let's just say that everyone who has the ability to carry out cybernetic operations, do it, the rest are trying to create their own cyber warfare. There is nothing surprising in this: our world is increasingly becoming digital and virtual, so today cyber warfare and computer espionage is an important part of the so-called hybrid war, and then its value will only increase.
By the way, Americans are very serious about the possibilities of Russian hackers. For example, the leading expert of The Atlantic Council in Washington, and in the past CIA analyst Matthew Burroughs in 2018, said that our country is very competitive in everything related to actions in the virtual space, and the attacks of Russian hackers can have very serious consequences.
Cyber war is a new type of war that is very likely to take place in the near future. At the same time, it can be no less destructive than ordinary war.
Trenches of virtual cyberwar
Let's start with the definition. Cyber warfare (cyber war) is a confrontation in the information (cybernetic) space, the purpose of which is to influence the enemy’s computer networks. It should not be confused with the information war, which is a broader concept and represents a complex of actions aimed at the psychological suppression of the enemy. Cyber war is only an integral part of information warfare.
In just a few decades, a computer completely changed the life of every person on the planet, and the Internet, invented as a military information network, created a new reality. Today, neither a government agency, a huge corporation, nor an airport, nor the General Staff can work without a computer. And all of them, as a rule, have access to the World Wide Web. Computer networks have become a real nervous system of our civilization, the blow on which is capable of knocking out any opponent. A cyber attack against a developed modern state will be especially destructive, as you might guess, the Taliban hackers are not afraid.
A feature of virtual attacks is that it is very difficult to prove the involvement of one or another state. Thus, cyber warfare and cyber espionage are the ideal weapons of hybrid warfare.
Cyber attacks can be of a different nature:
- vandalism;
- cyber espionage or information gathering;
- propaganda;
- attacks to disrupt the normal operation of computers and local networks;
- cyber attacks aimed at the destruction of the critical infrastructure of cities, industrial centers, disruption of transport, communications and other critical facilities.
Vandalism is a cyber attack, the purpose of which is to damage web pages, disrupt websites, destroy information contained on them or replace it with another. This kind of interference with the operation of information systems seems rather harmless, but this impression is somewhat deceptive. Vandalism and propaganda in the virtual space in recent years have become one of the most effective ways of waging information warfare. As the experience of the "color" revolutions of the last decade shows, the Internet and social networks are becoming one of the most important fronts of psychological warfare. Creating fake accounts, stuffing false or biased information, coordinating anti-government speeches, conducting propaganda - the list of these methods of information warfare in the virtual space can be continued. It should be noted that various terrorist groups often resort to propaganda on the Internet, since most other media outlets are simply closed to them.
Cyber espionage is the most common type of cyber warfare. Extraction of secret information has always been the main task of the special services, but if earlier it was necessary to send spies to the enemy’s camp or search for traitors, today the work of the special services to collect enemy secrets has been simplified - they can be found in the virtual space. If before the information was stored in folders and archives, today it has moved to the hard drives of computers. Although, of course, no one has canceled the good old methods of intelligence work.
Cyber espionage is a very effective method of collecting secret information. With it, you can get a list of enemy agents or informers, or steal the latest developments in the field of military or industrial technology. It is believed that Chinese hackers are most actively engaged in industrial espionage, most often the targets and targets of their attacks are enterprises and research centers in the United States and Western Europe. At the same time, the Chinese comrades categorically deny their participation in such actions.
By stealing scientific discoveries and industrial technologies, China is saving itself billions of dollars and a lot of time that it would spend on developing its own similar programs. During the Cold War, the Soviet Union was actively involved in the theft of technology in the West, but at that time there were practically no computers.
An example of a successful cyber espionage campaign is the publication of a huge amount of top-secret data on the Wikileaks website. In this case, a cyber attack led to the promulgation of a significant array of documents relating to the American wars in Afghanistan and Iraq, and then the secret correspondence of American diplomats. The publication of these materials not only revealed a network of American agents around the world, but also caused significant damage to the image of this state. This case clearly shows that even such a technologically developed and rich country as the United States cannot fully protect itself from the threat of cyber attacks.
When the Internet is more dangerous than a nuclear bomb
However, cyber espionage, and conducting information operations in the virtual space - this is just a soft way to conduct cyber warfare. In the arsenal of modern fighters of the cyber front there are much more powerful and deadly means.
In the summer of 2010, the Iranian nuclear power plant in Bushehr became the target of a cybernetic attack. A network worm, Stuxnet, was found in the station’s computers, which disrupted the station’s equipment. According to unofficial information, this computer virus managed to disable more than 1 thousand centrifuges, on which Iranians enriched uranium. According to most experts, as a result of a hacker attack, Iran’s nuclear program was dropped a few years ago. After this, Stuxnet "broke free" and infected several hundred thousand in Iran and Europe. The infection of the nuclear power plant computers was not a clean hacker attack, a virus was brought to the station by one of the employees or workers, because the station’s computer network did not have access to the Internet.
No one ever took responsibility for this sabotage, but today there is little doubt that this was a joint operation between the United States and Israel.
It should be noted that Iran itself has repeatedly been accused of organizing cyber attacks on various objects in the United States, Europe and Israel. In particular, the Americans suspect Iranian structures involved in the hacker attack on US financial institutions in 2012.
Another well-known recent cyber attack is breaking into the information systems of several large South Korean banks in February 2013. Then more than 30 thousand computers came under attack, not only from financial institutions, but also from a number of large TV companies in the country. The events of 2013 were the largest cyber attack in the history of South Korea. The organizer of this operation was never named, but the authorities of the country have no doubt that the special services of North Korea were behind it. According to information received from representatives of the Western intelligence community, the security services of the DPRK have special units that are engaged in cyber espionage and cyber attacks.
Not only poor states, but even individual terrorist organizations can afford a cyber war. This feature makes war in the virtual space even more dangerous.
However, neither the past events, nor the real scandals connected with the intervention of Russian hackers in the American elections, fortunately, do not yet reach the real cybernetic war. Potentially, the consequences of conducting aggressive actions on the Internet are much more serious. Today, almost all spheres of vital activity of any country are controlled by computers: air and railway traffic, city life support systems, state energy systems, mobile and landline communications, banks, hospitals and emergency services. A serious hacker strike on any of the above systems will lead to a collapse and tens of thousands of dead. A strike at the Bushehr nuclear power plant knocked out uranium centrifuges, and if his goal was a working nuclear reactor? It is likely that the Middle East would get its Chernobyl. Each state has dozens or even hundreds of such vulnerable points: nuclear power plants, gas and oil pipelines, chemical plants, and electrical networks. To protect them all is very difficult.
It is enough to intercept the power supply control and de-energize a large metropolis for several days to cause a humanitarian catastrophe.
In the West, they are well aware of the danger that cybernetic attacks can carry. In 2010, the private company Bipartisan Policy Center conducted a simulation of a massive cyber attack on the territory of the United States. The results of it were disappointing. The Americans recognized the fact that if the strike was really well prepared, then they most likely would not be able to repel it. A massive hacker attack will be able to quickly “put on” mobile and wired communications, and also poses a serious threat to the country's power system. The simulation showed that a competent cyber attack only half an hour would be able to leave without electricity the residents of the entire eastern part of the United States, it would take about an hour to disable the mobile connection, and the United States’s financial heart, Wall Street, could last for several hours.
However, it should be understood that such an attack is beyond the power of organizing lone hackers or small groups of cybercriminals. Cyber war against the United States can succeed only if there is another state behind its organization.
Currently, there are cybersecurity structures in Germany, China, Israel, Great Britain, and South Korea. It is clear that specialists who are able to protect information networks from cyber threats can themselves participate in their creation. The military already perceive the Internet, as well as another battlefield on which they will have to fight against the enemy.
In 2007, an experimental command to repel cyber threats was created in the United States, and in 2009, the Americans created a cyber command, which included several organizations that had previously dealt with this topic. The head of the Cyber Command is the head of the National Security Agency of the country. In the United States, there is a national cyber security strategy, which clearly states that a massive cyber attack on a country is Casus belli in exactly the same way as an act of ordinary war.
There are structures that deal with issues of cyber security in Russia. In 2014, by decree of the President of the Russian Federation, Information Technology Forces were formed, which should reflect possible cyber attacks on Russia. Although their activities are mainly related to military computer systems. However, there is no doubt that other Russian law enforcement agencies have similar structures.
