
Cyber operations and useful fools: the approach of Russian hybrid intelligence


Abstract

This article argues that Russian intelligence has achieved recent success in influencing democratic elections and referenda by combining the traditional Human Intelligence (HUMINT) discipline of manipulating useful fools with cutting-edge cyber tactics, including hacking, phishing, social engineering, and weaponizing purloined information. This essay further argues that this synthesis yields greater effects than the sum of its parts. Given its potency, democracies and NATO members should expect to confront this type of threat more often. The 2016 American presidential election is used as a case study to conceptualize Russian hybrid intelligence, a new term reminiscent of Soviet ‘complex active measures’ and updated for the twenty-first century.

Notes

1. Sherman Kent Memorandum to the Director of Central Intelligence, “Khrushchev and the American Election.”

2. Memorandum for DCI [sender redacted], “The Soviets and the 1984 US Elections.”

3. Christopher Andrew, The Sword and the Shield.

4. Cyberwar, “Who hacked the DNC?”

5. Statement of James R. Clapper, former Director of National Intelligence, concerning Russian interference in the 2016 United States election before the Committee on the Judiciary Subcommittee on Crime and Terrorism United States Senate, May 8, 2017, available at https://www.judiciary.senate.gov/imo/media/doc/05-08-17%20Clapper%20Testimony.pdf

6. As quoted in Bob Abeshouse, “Facebook, Russian Trolls and the New Era of Information Warfare,” Al-Jazeera Blog, 1 February 2018.

7. Herbert Romerstein, “Disinformation as a KGB Weapon in the Cold War.”

8. Chad Fitzgerald and Aaron Brantly, “Subverting Reality.”

9. Ibid.

10. United States Senate Committee on Armed Services hearing on Foreign Cyber Threats to the United States, 5 January 2017.

11. According to Christopher Andrew and his co-author, KGB defector Vasili Mitrokhin, active measures (aktivinyye meropriatia) ranged from media operations to varying levels of violence. ‘Throughout the Cold War the United States was the main target for KGB active measures as well as for intelligence collection. Most were at the non-violent end of the active measures spectrum—‘influence operations’ designed to discredit the Main Adversary’, as quoted in Andrew, The Sword and the Shield.

12. Gerasimov, “The Value of Science Is in the Foresight.” Originally published in Military-Industrial Kurier, 27 February 2013. Translated from Russian by Robert Coalson on 21 June 2014.

13. Chivvis, “Understanding Russian ‘Hybrid Warfare’ and What Can Be Done About It.”

14. Very little cost in terms of direct financial investment. Russian associated entities spent about $300,000 in social media advertising on Twitter and Facebook during the 2016 campaign. Given that the US responded with economic sanctions on Russia, the true comprehensive cost to Russia may be higher.

15. Mitrokhin, KGB Lexicon.

16. The Soviet intelligence services had some success exploiting useful fools in the West. Notable examples include the many Americans who parroted KGB conspiracy theories that AIDS was developed by the US military at Fort Detrick, Maryland, and that Americans were traveling to South America not to adopt children, but to harvest their body parts.

17. On the development of the technical understanding of social engineering, see Hatfield, “Social Engineering in Cybersecurity.”

18. As quoted in Adam Entous, Ellen Nakashima and Greg Jaffe, “Kremlin Trolls Burned Across the Internet as Washington Debated Options,” Washington Post, 25 December 2017.

19. Office of the Director of National Intelligence, “Assessing Russian Activities and Intentions in Recent US Elections.”

20. Hacquebord, “Update on Pawn Storm.”

21. Statement from the Department of Justice U.S. Attorney’s Office for the Southern District of New York, “Russian Banker Sentenced in Manhattan Federal Court to 30 Months in Prison for Conspiring to Work for Russian Intelligence”, 25 May 2016, available at https://www.justice.gov/usao-sdny/pr/russian-banker-sentenced-manhattan-federal-court-30-months-prison-conspiring-work

22. Statement by the Department of Justice U.S. Attorney's Office for the Southern District of New York, “Attorney General, Manhattan U.S. Attorney, and FBI Announce Charges Against Russian Spy Ring in New York City,” 26 January 2015, available at https://www.fbi.gov/contact-us/field-offices/newyork/news/press-releases/attorney-general-manhattan-u.s.-attorney-and-fbi-announce-charges-against-russian-spy-ring-in-new-york-city

23. Department of Justice sealed criminal complaint, United States of America v. Evgeny Buryakov, et al., Southern District of New York, 23 January 2015, available at https://www.justice.gov/sites/default/files/opa/press-releases/attachments/2015/01/26/buryakov-complaint.pdf

24. Sluzhba Vneshney Razvedki, the Russian external intelligence successor to the Soviet KGB.

25. Some terminology here is important; specifically, the critical difference between case officers and sources, agents, or assets – the latter three terms are basically interchangeable. Case officers are the ones calling the shots. They are the ones working overseas, often under cover, to locate and handle new sources of secret information. They have authorization and resources from their governments to make secret offers to potential intelligence assets. On this agent and case officer relationship, see Wippl, “The Qualities That Make a Great Case Officer.”

26. An “illegal” is an experienced SVR or Soviet Military Intelligence (GRU) officer who is living and working abroad without diplomatic status, sometimes under a false identity. As the Department of Justice charged: “Buryakov operated under ‘non-official cover’, meaning he entered and remained in the United States as a private citizen, posing as an employee in the Manhattan office of a Russian bank.” See Buryakov complaint.

27. Lambridge, “A Note on KGB Style.”

28. Global Energy Partners website is http://globalenergycap.com/index.php, accessed 12 January 2018.

29. Buryakov complaint.

30. Carter Page confirmed he was the FBI’s ‘Male 1’ to journalist Ali Watkins in April 2017.

31. See note 29 above.

32. In American construction, if the target accepts the recruitment pitch, the terminology changes. His status is now that of ‘agent’, ‘source’, or ‘asset’. The CIA has a binary approach to recruitment: An agent is either a fully recruited agent or he isn’t. Russian understanding of the term agent encompasses a spectrum of case officer and agent relationships. In the Russian view, as long as the agent is providing the material, documents or operational support that his case officer requires, the semantics of agent recruitment matter rather less. Russian intelligence may therefore have relationships with cooperative contacts who don’t necessarily need to be fully recruited in order to serve their purpose.

33. Given the diplomatic sensitivity of international espionage, it is conducted by a specifically trained subset of intelligence officers called ‘operations officers’ in the US intelligence community vernacular and ‘case officers’ more universally. Most people in most countries are loyal to their own governments, so the task of the case officer is to find someone with ‘placement and access’ to information that the case officer is seeking and then manipulate that person to betray their compatriots, company, or country, to work as an asset or agent. There are plenty of people (usually civil servants or military personnel) who have access to secrets; the trick is to figure out which one of them might betray their country, for what reasons, and under what circumstances. This takes extensive training, years of experience, and a high degree of emotional intelligence with a manipulative personality. At the same time, however, it’s also a numbers game. Case officers often lament that they need to ‘kiss a lot of frogs to find the prince’.

34. Traditional recruitment factors play on personal motivations such as Money, Ideology, Coercion, and Ego (‘MICE’), although there are mnemonics with more nuances, and it’s usually a combination of all of these factors. Like any recipe, it’s vitally important to understand the right ingredients and in the right proportions. Also part of understanding that person is assessing their suitability for the high stress game of espionage. Will the person crack under the pressure of a double life? Are they discreet? Do they show good judgment and follow directions? If so, the case officer will attempt to develop a cooperative relationship with that person. If the case officer can identify a target’s ‘motivation’ or ‘vulnerability’ (a reason to spy), he will craft a recruitment ‘pitch’, as individually tailored as a bespoke suit, in which the case officer secures the target’s assent to the recruitment.

35. Buryakov complaint. Some intelligence services, notably the Russians, use various forms of coercion, such as blackmail, usually based on compromising material. This may work for a time, but ultimately leads to an adversarial relationship with a recruited agent, who might either seek his revenge at some point or perhaps confess his unenviable situation to his own counterintelligence or security service, who may run him back as a double agent against his erstwhile handlers. The optimal case officer and agent relationships are therefore based in genuine rapport and a shared sense of a common goal.

36. Watkins, “A Former Trump Adviser Met With A Russian Spy”.

37. It is important to emphasize that not all agents provide classified information in the classical sense of the term. Many companies would surely understand privileged information might not carry governmental classification markings, but they would certainly consider their intellectual property, trade secrets, future negotiating positions, and contract tenders to be information that should not be shared with foreign intelligence services.

38. Head of the SVR station. Equivalent to a Head of Station in UK parlance or Chief of Station in American parlance.

39. See note 29 above.

40. See note 29 above.

41. Lefebvre and Porteous, “The Russian 10…11: An Inconsequential Adventure?”

42. See note 29 above.

43. US District Attorney Statement, 25 May 2016.

44. Vladimir Putin has no biological niece.

45. Zavadski, “‘Putin’s Niece’, Olga Polonskaya, Disappears From the Internet.”

46. Maza, “Who is Putin's mysterious ‘niece’ who met with Papadopoulos?”

47. US Department of Justice, United States v. George Papadopoulos, US District Court for the District of Columbia. Case 1:17-cr-00182-RDM *SEALED* Filed 5 October 2017, accessed at https://www.justice.gov/file/1007346/download

48. Ibid.

49. Kutner, “Who is Joseph Mifsud, The Professor in the George Papadopoulos Russia Investigation?”

50. Lafraniere, Mazzetti and Apuzzo, “How the Russia Inquiry Began.”

51. “Fancy Bear” is a moniker given to a cyber threat actor that cybersecurity firm CrowdStrike has linked with the Russian Federation military intelligence service, the GRU (Glavnoye Razvedyvatel'noye Upravleniye). This threat actor has been termed “Pawn Storm” by cybersecurity firm Trend Micro, and Advanced Persistent Threat 28 (APT28) by FireEye.

52. “Cozy Bear” is the CrowdStrike nomenclature for a cyber threat actor associated with the Russian SVR or the Russian Federal Security Service (FSB). FireEye refers to this group as Advanced Persistent Threat 29 (APT 29). The US Government refers to malicious Russian intelligence cyber activity as GRIZZLY STEPPE. See US Department of Homeland Security, “GRIZZLY STEPPE – Russian Malicious Cyber Activity”, Joint Analysis Report, 29 December 2016, accessed https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf

53. Alperovitch, “Bears in the Midst: Intrusion into the Democratic National Committee.”

54. Ibid.

55. The original “Guccifer” was the online handle of Romanian hacker Marcel Lehel Lazar, who is serving a prison term in the United States.

56. McKirdy, “WikiLeaks’ Assange: Russia didn’t Give Us Emails.”

58. Joint Statement from the Department Of Homeland Security and Office of the Director of National Intelligence on Election Security, October 7, 2016.

59. DNI, “Assessment”, 6 January 2017.

60. Lafraniere, Mazzetti and Apuzzo, “How the Russia Inquiry Began.”

61. DHS, Joint Analysis Report.

62. Central Intelligence Agency, “Director Pompeo Delivers Remarks at CSIS.”

63. See DOJ Indictment, United States of America v. Internet Research Agency, et al., filed February 16, 2018, in the US District Court for the District of Columbia. Case 1:18-cr-00032-DLF, available at https://www.justice.gov/file/1035477/download

64. DNI, Assessment, 7 January 2017.

65. DOJ Indictment of IRA.

66. Ibid.

67. Ibid.

68. Ibid.

69. As quoted in Kurt Wagner, “Mark Zuckerberg Says It’s ‘Crazy’ to Think Fake News Stories Got Donald Trump Elected,” Recode.net, 11 November 2016.

70. As quoted in Tom LoBianco, “Hill Investigators, Trump Staff Look to Facebook for Critical Answers in Russia Probe,” CNN.com, 20 July 2017.

71. As quoted in Issie Lapowsky, “Eight Revealing Moments from the Second Day of Russia Hearings,” Wired, 11 January 2017.

72. Entous, Dwoskin and Timberg, “Obama Tried to Give Zuckerberg a Wake-up Call over Fake News on Facebook.”

73. Draznin, “Facebook exec on Russian Election Meddling.”

74. Liptak, “Mark Zuckerberg warns about Facebook ‘becoming arbiters of truth’.”

76. Lapowsky, “Eight Revealing Moments”.

77. DNI Assessment.

78. See note 76 above.

79. Kirby, “The City Getting Rich from Fake News.”

80. Ibid.

81. Wippl, “The Qualities That Make a Great Case Officer.”

82. Reilly, “Trump Campaign Gave Page Permission for Moscow Trip.”

83. GPS Fusion “Company Intelligence Report” 2016/080, hereafter “Steele Dossier”

84. Ibid.

85. Ibid.

86. Carter Page testimony to U.S. House of Representatives Permanent Select Committee on Intelligence.

87. Ibid.

88. The Republican majority on the House Permanent Select Committee on Intelligence has declassified a highly partisan memo that alleges that the FBI and DOJ acted improperly when petitioning the court for the FISA warrant. The FBI had ‘grave concerns’ about its release and the Democratic minority on the committee argued it was highly selective and therefore the memo’s primary conclusions were erroneous. The memo can be read at https://www.theatlantic.com/politics/archive/2018/02/read-the-full-text-of-the-nunes-memo/552191/

89. It is important to understand what ‘recruitment’ means in the intelligence world. In short, it means that there is a formal agreement to enter into a clandestine relationship with a foreign intelligence service. It means switching allegiance, crossing the line. It is characterized by provision of information sought by another intelligence service. It is not a back channel dialogue and it is not consulting.

90. As quoted in Stephanie Kirchgaessner, Spencer Ackerman, Julian Borger, and Luke Harding, “Former Trump adviser Carter Page held ‘Strong Pro-Kremlin Views’, Says Ex-Boss,” The Guardian, 14 April 2017.

92. As quoted in Kirchgaessner, et al., “Former Trump Advisor”.

93. As quoted in Steven Mufson and Tom Hamburger, “Trump Adviser’s Public Comments, Ties to Moscow Stir Unease in Both Parties,” Washington Post, 5 August 2016.

94. As quoted in Aaron Blake, “Carter Page Confirms He Called Himself an ‘Informal Advisor’ to Russia’s Government — but Let Him Explain,” Washington Post, 6 February 2018.

95. Testimony of former CIA Director John Brennan before the U.S. House of Representatives Permanent Select Committee on Intelligence, 23 May 2017.

96. Dilanian, “Russians Paid Mike Flynn $45 K for Moscow Speech, Documents Show.”

97. As quoted in Damien Sharkov, “Flynn-Putin Dinner: Russian Leader Had No Idea Who U.S. General Was, Says RT Chief,” Newsweek, 4 December 2017.

98. As quoted in Robert Windrem, “Guess Who Came to Dinner with Flynn and Putin,” NBCnews.com, 18 April 2017.

99. Congressional Testimony of James Clapper, 8 May 2017.

100. Jones, “Americans Can Spot Election Meddling Because They’ve Been Doing It for Years.”

101. Mitrokhin, KGB Lexicon, 33.

102. Cyberwar, “Who Hacked the DNC?”

103. Press release from the office of Angus King, “King Questions Facebook, Twitter, Google on Russian Social Media Disinformation Campaigns and Interference in 2016 Election”, Senator’s homepage, 1 November 2017.
