Russian Cyber War Doctrine

by edwardmroche

What is the Cyber War Doctrine of the Armed Forces of the Russian Federation? Examining The Military Doctrine of the Russian Federation, we can see a number of references to the information aspects of war. Below we examine the Russian Military Doctrine of 2010 and compare it to the updated version published in 2015.

Analysis of Russian Cyber War Doctrine

Much of Russian cyber military doctrine is similar to what we would find in the United States. For example, there is an emphasis on the role of information technology in command and control. There also is a specific emphasis placed on development of advanced weaponry using cyber. In addition, the Russian military is charged with protecting the information infrastructure of the Russian Federation.

But it appears that Russian military doctrine defines the cyber and information aspects of warfare in a considerably broader way than in the United States. Here are a few examples:

Information Actions Precede Combat Action.  Before being used, Kinetic force (traditional military action) is to be preceded by all other non-violent instruments of statecraft. Information operations (cyber operations), therefore, are viewed as a precursor to kinetic warfare.


Figure 1 –– Differents function of cyber in Russian military doctrine. The references refer to parts of the official Russian Military Doctrine published in 2015(*). These are translated below.

Protection of Russian Territory Includes Information Territory. Apart from protecting the physical territory of Russia, the concept of territory has been extended to include “cyber space” or “national cyber space”, and the military is specifically tasked with protecting all of the cyber space within the Russian Federation.

Cyber Weapons Are Viewed as Increased Threat. In the Russian view, the conventional (including nuclear) strength of the Russian military is such that it is less likely Russian will receive a conventional attack. Paradoxically, the Russians view this as increasing the risk that Russia will be attacked through communication and information technologies. It is a cyber version of guerilla warfare.

Very Broad Definition of Cyber Attack. The type of cyber incident considered by be an “attack” is very broad. It needs only to have an effect on political independence or sovereignty. Any attack against infrastructure also is included. This would cover denial-of-service, or malware. But if a cyber incident has a destabilizing effect on the “social” or “political” situation, then it also is considered to be an attack.

Spiritual and Patriotic Traditions Protected Against Cyber Attack. An information incident can be classed as a “subversive information activity” if it is “aimed at undermining” the opinions of young citizens towards “historical, spiritual and patriotic traditions”. This would mean, for example, that it is the duty of the Russian military to protect Russia against information that undermines Russian traditions.

The Non-Military Population Can be Used for Cyber Defense. The Russian military is empowered to work with non-military elements in Russia for the purpose of taking “information” measures for defense. This refers to the “army” of civilian hackers that work ostensibly outside of government control.

Cyber Attacks Are Authorized Anywhere. The Russian military is authorized to launch a cyber attack (defensive action) against the enemy anywhere in the “global information space”, e.g., not only within the territory of the enemy state.

Cyber Weapons “Indirect and Asymmetric” in Nature. Cyber weapons, and other means, are viewed as being potentially indirect and asymmetric in their utility. In this case, “asymmetric” means “low cost; high impact” or “low cost; high defensive cost”.

Information Operations. The Russian military is empowered to engage in information operations that are aimed at influencing public associations and political groups. The military is empowered to “neutralize” threats through political and non-military means. This is a very broad mandate.

Cyber Espionage is Doctrine. The use of information technology and “modern technical means” is authorized for assessment and forecasting. This is the classical function of foreign intelligence operations.

Control Over Internet to Protect Third Countries. The military is empowered to take steps to make it impossible for any force to use information and communications technologies to influence sovereignty and political independence not only of Russia, but of other states as well.

Excerpts from Russian Cyber Military Doctrine

(The operative terms are underlined.)

Part I §5. The Military Doctrine reflects the commitment of the Russian Federation to taking military measures for the protection of its national interests and the interests of its allies only after political, diplomatic, legal, economic, informational and other non-violent instruments have been exhausted. (В Военной доктрине отражена приверженность Российской Федерации к использованию для защиты национальных интересов страны и интересов ее союзников военных мер только после исчерпания возможностей применения политических, дипломатических, правовых, экономических, информационных и других инструментов ненасильственного характера.)

Part II §11. There is a tendency towards shifting the military risks and military threats to the information space and the internal sphere of the Russian Federation. At the same time, despite the fact that unleashing of a large-scale war against the Russian Federation becomes less probable, in a number of areas the military risks encountered by the Russian Federation are increasing. (Наметилась тенденция смещения военных опасностей и военных угроз в информационное пространство и внутреннюю сферу Российской Федерации. При этом, несмотря на снижение вероятности развязывания против Российской Федерации крупномасштабной войны, на ряде направлений военные опасности для Российской Федерации усиливаются.)

The main external military risks are:
Part II §12(k)(l) use of information and communication technologies for the military-political purposes to take actions which run counter to international law, being aimed against sovereignty, political independence, territorial integrity of states and posing threat to the international peace, security, global and regional stability; (использование информационных и коммуникационных технологий в военно-политических целях для осуществления действий, противоречащих международному праву, направленных против суверенитета, политической независимости, территориальной целостности государств и представляющих угрозу международному миру, безопасности, глобальной и региональной стабильности;)

13. The main internal military risks are:
Part II §13(a) activities aimed at changing by force the constitutional system of the Russian Federation; destabilizing domestic political and social situation in the country; disrupting the functioning of state administration bodies, important state and military facilities, and information infrastructure of the Russian Federation; (деятельность, направленная на насильственное изменение конституционного строя Российской Федерации, дестабилизацию внутриполитической и социальной ситуации в стране, дезорганизацию функционирования органов государственной власти, важных государственных, военных объектов и информационной инфраструктуры Российской Федерации;)

Part II §13(c) subversive information activities against the population, especially young citizens of the State, aimed at undermining historical, spiritual and patriotic traditions related to the defense of the Motherland; (деятельность по информационному воздействию на население, в первую очередь на молодых граждан страны, имеющая целью подрыв исторических, духовных и патриотических традиций в области защиты Отечества;)

Characteristic features and specifics of current military conflicts are:
Part II §15(a) integrated employment of military force and political, economic, informational or other non-military measures implemented with a wide use of the protest potential of the population and of special operations forces; (комплексное применение военной силы, политических, экономических, информационных и иных мер невоенного характера, реализуемых с широким использованием протестного потенциала населения и сил специальных операций)

Part II §15(b) massive use of weapons and military equipment systems, high-precision and hypersonic weapons, means of electronic warfare, weapons based on new physical principles that are comparable to nuclear weapons in terms of effectiveness, information and control systems, as well as drones and autonomous marine vehicles, guided robotic weapons and military equipment; (массированное применение систем вооружения и военной техники, высокоточного, гиперзвукового оружия, средств радиоэлектронной борьбы, оружия на новых физических принципах, сопоставимого по эффективности с ядерным оружием, информационно-управляющих систем, а также беспилотных летательных и автономных морских аппаратов, управляемых роботизированных образцов вооружения и военной техники)

Part II §15(c) exerting simultaneous pressure on the enemy throughout the enemy’s territory in the global information space, airspace and outer space, on land and sea; (воздействие на противника на всю глубину его территории одновременно в глобальном информационном пространстве, в воздушно-космическом пространстве, на суше и море)

Part II §15(f) enhanced centralization and computerization of command and control of troops and weapons as a result of transition from a strictly vertical system of command and control to global networked computerized systems of command and control of troops (forces) and weapons; (усиление централизации и автоматизации управления войсками и оружием в результате перехода от строго вертикальной системы управления к глобальным сетевым автоматизированным системам управления войсками (силами) и оружием)

Part II §15(i) use of indirect and asymmetric methods of operations; (применение непрямых и асимметричных способов действий)

Part II §15(j) employment of political forces and public associations financed and guided from abroad. (использование финансируемых и управляемых извне политических сил, общественных движений)

Part III §21(a) to assess and forecast the development of the military and political situation at global and regional levels, as well as the state of interstate relations in the military-political field with the use of modern technical means and information technologies; (оценка и прогнозирование развития военно-политической обстановки на глобальном и региональном уровне, а также состояния межгосударственных отношений в военно-политической сфере с использованием современных технических средств и информационных технологий)

Part III §21(b) to neutralize potential military risks and military threats through political, diplomatic and other non-military means; (нейтрализация возможных военных опасностей и военных угроз политическими, дипломатическими и иными невоенными средствами)

Part III §21(s) to create conditions to reduce the risk of using information and communications technologies for the military-political purposes to undertake actions running counter to international law, directed against sovereignty, political independence or territorial integrity of states or threatening international peace and security, and global and regional stability. (создание условий, обеспечивающих снижение риска использования информационных и коммуникационных технологий в военно-политических целях для осуществления действий, противоречащих международному праву, направленных против суверенитета, политической независимости, территориальной целостности государств и представляющих угрозу международному миру, безопасности, глобальной и региональной стабильности)

Part III §35(b) to provide for a more effective and secure functioning of public administration and military governance system and to ensure communication between federal government agencies, bodies of the constituent entities of the Russian Federation and other government authorities in addressing defense and security tasks; (повышение эффективности и безопасности функционирования системы государственного и военного управления, обеспечение информационного взаимодействия между федеральными органами исполнительной власти, органами исполнительной власти субъектов Российской Федерации, иными государственными органами при решении задач в области обороны и безопасности)

Part III §35(j) to improve the system of information security of the Armed Forces, other troops and bodies; (совершенствование системы информационной безопасности Вооруженных Сил, других войск и органов)

Part III §39(d) ensuring the reliable functioning of the command and control system of the Armed Forces, other troops and bodies in peacetime, under the conditions of an imminent threat of aggression and in wartime; (обеспечения надежного функционирования системы управления Вооруженными Силами, другими войсками и органами в мирное время, в период непосредственной угрозы агрессии и в военное время)

Part III §39(h) formation of territorial troops to provide protection and defense of military, state and special facilities, critical infrastructure, including transport, communications and energy, as well as potentially hazardous sites; (формирования территориальных войск для охраны и обороны военных, государственных и специальных объектов, объектов, обеспечивающих жизнедеятельность населения, функционирование транспорта, коммуникаций и связи, объектов энергетики, а также объектов, представляющих повышенную опасность для жизни и здоровья людей;)

Part III §39(l) ensuring effective information security of the Armed Forces, other troops and bodies; (эффективного обеспечения информационной безопасности Вооруженных Сил, других войск и органов)

Part III §46(c) to enhance capacity and means of information warfare; (развитие сил и средств информационного противоборства) Note: The word “противоборства” does not mean strictly “warfare”, but instead means “confrontation” which could be thought of as a level of violence short of full-scale warfare.

Part III §46(d) to improve the quality of the means of information exchange on the basis of up-to-date technologies and international standards, as well as a single information field of the Armed Forces, other troops and bodies as part of the Russian Federation’s information space; (качественное совершенствование средств информационного обмена на основе использования современных технологий и международных стандартов, а также единого информационного пространства Вооруженных Сил, других войск и органов как части информационного пространства Российской Федерации;)

Part III §46(f) to develop new types of high-precision weapons and means of counteracting them, aerospace defense assets, communication systems, reconnaissance and command systems, radio jamming systems, complexes of unmanned aerial vehicles, robotic strike complexes, modern transport aviation and individual protection systems for military personnel; (создание новых образцов высокоточного оружия и средств борьбы с ним, средств воздушно-космической обороны, систем связи, разведки и управления, радиоэлектронной борьбы, комплексов беспилотных летательных аппаратов, роботизированных ударных комплексов, современной транспортной авиации, систем индивидуальной защиты военнослужащих;)

Part III §46(g) to create basic information management systems and integrate them with the systems of command and control of weapons and the computerized systems of command and control bodies at the strategic, operational-strategic, operational, operational-tactical and tactical levels. (создание базовых информационно-управляющих систем и их интеграция с системами управления оружием и комплексами средств автоматизации органов управления стратегического, оперативно-стратегического, оперативного, оперативно-тактического и тактического масштаба)

Part III §55(f) to develop a dialogue with interested states on national approaches to confronting military risks and military threats brought about by the extensive use of information and communications technologies for military and political purposes; (развитие диалога с заинтересованными государствами о национальных подходах к противодействию военным опасностям и военным угрозам, возникающим в связи с масштабным использованием информационных и коммуникационных технологий в военно-политических целях)

Russian Cyber Military Terminology

информация инструмент –– “information instruments”.  This is a general term that applies to any use of information to further nation state objectives, including military objectives. 

информационное пространство –– “information space”. The Russian defines the nation as having an information space. This is the entire cyber infrastructure of Russia, including government, commercial, military and private networks and information processing systems. In this sense, Russians believe it is important to protect this “information space” as much as it is important to protect physical land mass.

информационная инфраструктура –– “information infrastructure”. This refers also to the entire country, but is more specific than “information space” because it focuses on the specific technical details of the computing and telecommunications network.

деятельность по информационному –– “information activities”. This refers to communication of information, such as through publications, the media, social media or other means that can have a negative effect on Russia. These are considered to be subversive.

комплексное применение –– “integrated employment”. Here this refers to the integration of military force with information (cyber) activities by the population.

информационно-управляющих систем –– “information and control system”.  This refers to the cyber components of military weapons. It encompasses everything from general command and control to artificial intelligence or other technologies that enable more intelligence weapons.

глобальное информационное пространство –– “global information space”. This refers to the World Wide Web, and everything connected to it. The doctrine calls for identification of activities on the enemy throughout the world’s cyber infrastructure and then attacking these points, even if they are outside of the national territory of the enemy country.

информационное противоборство –– “information confrontation”. A cyber conflict that fall short of full-scale military warfare.

информационные технологии –– “information technology”. Used the same as in the United States.

невоенные средства –– “non-military means”. Cyber weapons and information operations are viewed as being a type of military action without using kinetic force.

информационная безопасность –– “information security”. Generally the same as the term “cyber security”. It refers to protection of information systems and other infrastructure from hackers.

информационная война –– “information warfare”. Cyber and information operations conducted by the Armed Forces.

обмен информацией –– “information exchange”. Refers to communication within the military.

Russian Military Doctrine Published in 2010

By comparing the 2010 version with the 2015 version above, it is possible to see the giant advance in cyber strategy made by the Russian Federation.

Part I §4. Use of informational instruments for the protection of the national interest.

Part II §9(c). The informational infrastructure of the Russian Federation is a vulnerability because it might be disrupted.

Part II §12(d). Information warfare is an essential component of military conflict.

Part II §13(d). Information warfare should be used prior to kinetic military force so as to shaping international public opinion.

Part III §19(a). Information technology should be used to assess international relations [between countries] and for prediction of political events. (This is a reference to classical intelligence; thus the use of cyber tools to collect intelligence.)

Part III §30(j). Cyber is to be used to provide information support to the armed forces. (This is the same as US doctrine.)

*Part III §41 (c). The armed forces are to develop resources for information warfare.

Part III §41(d). The Russian Federation has an “information space” and the Armed Forces are to have a “single information field” within that space. Cyber is to be improved within those spaces so that information exchange is easier and more efficient. (The concept of a “single information field” for a country is an interesting one. It goes against the idea of the Internet being a global and essentially transnational technical system for movement of information.)

Part III §41(f). Cyber should be used to support “new models of high-precision weapons”.

Part III §41(g). The armed forces will develop information systems that will be integrated for command and control, including automating some functions. This will be done at the “strategic, operational-strategic, operational, operational-tactical, and tactical levels”. (This refers to communication and information exchange within the armed forces.)

Analysis of 2010 Russian Military Doctrine

Much of the Russian doctrine is focused on the use of information technology for improving command and control of the Armed Forces. This includes Part III §30(j), Part III §41(d), Part III §41(f) and Part III §41(g).

Other parts of the doctrine define cyber war as a tool or one method (among many) of protecting the national interest. These include Part I §4, Part II §12(d), and Part III §41 (c).

There is an interesting notion of a national “information space” and the fear that it might be a target for attack by enemies. Part II §9(c), and Part III §41(d).

The final part of the doctrine covers the offensive use of cyber weapons (or information tools) as an extension of state power. First, they should be used to shape international public opinion. Part II §13(d). This is the classic use of propaganda or “public diplomacy” in international relations. Second, they should be used to collect intelligence. Part III §19(a).

The doctrine does not clearly spell out the offensive use of cyber weapons. In Part III §41(f) there is mention of “new models of high-precision weapons”. In generally understood language, this would mean items such as precision guided munitions. It would be possible, however, to define a “new model” weapon as being a cyber weapon. But it is doubtful this is the meaning. In Part III §41(c) there is a call for resources for information warfare, but this is not defined. So possibly cyber weapons could be included under this section.

In any case, the essence of the Russian doctrine is clear. Cyber weapons, or information operations, are to be used in place of kinetic military force preceding a conflict, and hopefully to avoid a further escalation of a conflict. If the conflict deepens, then cyber weapons will continue to be used to support the Armed Forces.


(*) It was published December 25, 2014.