Russian Negotiating Positions on Cyber Warfare

by edwardmroche

Difficulty in Controlling Cyber Weapons

One of the chief criticisms of an international treaty for the control of cyber weapons is that countries simply would not agree to it because there is a risk of lessening nation state power. After all, why would a nation-state agree to limit its own cyber weapons.

Since the Russian Federation is a powerful actor in the cyber realm, it may be useful to examine its national cyber security objectives and then extrapolate to estimate Russia’s positions in any proposed international negotiations.


Figure 1 – Inference of Russian Negotiating Positions in connection with cyber warfare and related information operations.

Russian Priorities for International Agreements on Cyber

Much of Russia’s Information Security Doctrine (ДОКТРИНА информационной безопасности Российской Федерации) is defensive in nature. Consequently, the threat recognized by the Russian Federation is the same as in other countries, including those in the European Community and United States.

Financial Crimes and Privacy Cyber Crimes. All countries recognize that financial crimes or stealing of personal information on citizens by hackers are criminal acts. In the Russian Federation, these are recognized also as serious crimes. The practical result is that Russia will be open to negotiations on any international treaty that strengthens law enforcement of international cyber crimes involving theft of money or personal information.

Hacking and Attacks on Cyber Infrastructure. Like in other countries, hacking attacks that are aimed at harming cyber infrastructure are illegal in Russia. Recent reports indicate the Duma (the Russian Congress or Parliament) is considering strong prison sentences for anyone convicted of harming cyber infrastructure through hacking. Again, the practical result is that negotiations that aim to increase international cooperation to combat this type of hacking should be possible between Russia and other nations.

Extradition Treaties. There have been a number of cases in which Russian authorities have wanted a criminal hiding in the West to be handed over, and a number of cases in which criminals located in Russia have been targeted for arrest outside of Russia. For the time being, there is no automatic way to handle extradition. Some countries, such as Israel, simply refuse to extradite their own citizens. We can expect that Russia might be willing to engage in negotiations with a limited purpose of agreeing to extradition arrangements for cyber criminals that are located overseas and yet through their criminal actions inflict harm in Russia. In order to have reciprocity, Russia would need to agree to hand over Russian citizens when they are indicted abroad for cyber crimes.

The general problem with extradition is that each nation handing over its citizens must be confident that the type of justice the person will receive in the receiving country is comparable to the standards found in their own country. For the time being, many countries do not recognized the Russian legal system as having sufficient level of quality to provide credible guarantees. Nevertheless, it might be possible to engage in negotiations, providing there is discussion of a special type of legal protocol for cyber-crimes. This would be a potentially useful area for international legal scholarship and exchange of information. There are many problem, not the least of which is the rules for evidence required for conviction. Nevertheless, until there are such arrangements in place, any extraditions will be handled by nation states on a case-by-case basis.

Information Operations Targeting Russia. In the Russian way of thinking, there is a danger of information operations being conducted by foreign parties against Russia. These are divided into two classes: Class 1 are actions taken inside Russia by organizations that have some connection, usually funding, from non-Russian sources; Class 2 are information operations conducted outside of Russia, even aimed at citizens of other nations, that harm the image of Russia or otherwise sow discord.

Although the Universal Declaration of Human Rights (Всеобщая декларация прав человекаis generally used as a basis for arguing that it is the right of every individual to communicate (even criticize) freely, Russia can plausibly argue that Article 29 ¶2 places limits on communications that disturbs morality, the public order, or general welfare of a nation.  The concept of public order (ordre publique) is very broad in nature. The consequence is that Russia has a legal argument. In addition, Article 30 prohibits information and communication that has the effect of destruction of rights and freedoms.  As a consequence, Russia has an argument that their broad definition of information threats to Russian sovereignty and public order are legal.

To go even further, it would by extension and analogy be possible to reference the United Nations Charter Articles 41 & 42 which give each nation state an inherent right of self-defense. As such, any nation should be able to defend itself against information operations that are a threat to its sovereignty or public order. The counter-argument to this line of thinking is that when the UN Charter was written, these articles referred specifically to military (kinetic) threats. So since information operations are not kinetic threats, then these self-defense articles do not apply. The counter-counter-argument that can be made is that although these Articles definitely apply to kinetic military operations, the major powers involved in the Second World War (Вели́кая Оте́чественная война́) all were heavily involved in various types of information operations. Therefore, since information operations at the time of the signing of the UN Charter were considered to be an inherent aspect of warfare, we can infer that the United Nations Charter and its inherent right of self-defense for nation states as seen in Articles 41 & 42 are inclusive of information operations.

The implication is that although it might be possible to engage Russia in discussions regarding an international agreement regarding control of information operations, the likelihood of success would be minimal because there is a conflict between the danger of information operations, and the need for freedom of the press. In addition, Russian media channels such as RT and Sputnik might be criticized in Europe or the United States in the same way CNN or Voice of America (VOA) might be criticized in Russia.   So the consequences are that Russia would be required to place limitations on the content of RT and Sputnik and all of its foreign media operations in exchange for other nations to do the same. These are unrealistic expectations for either Russia or any other nation to agree to, therefore, we can assess there is a very small chance we will see any successful negotiations on the international control of information operations conducted by nation states or major media channels. An additional complication is that the Internet already provides free access to most of the world’s television channels. (See Free Internet TV.)

Default to National Control. Since we can expect no international agreement to limit or control information operations, the only defensive solution is for nation states to take actions within their own territory to limit the supposedly corrosive influence of foreign information. This is the default position of the People’s Republic of China, and a number of other countries. Russia has not been as strict as China in this regard. The United States may be considering taking steps to limit the information operations of Islamic terrorist organizations such as ISIS (Daesh). This would represent a remarkable departure from a policy of almost 100% freedom of information.

Terrorist Propaganda.  Terrorist propaganda has been around for a long time, but the current debate is over control of ISIS (Daesh) propaganda that is being transmitted through various social media channels over the Internet. This may cause asyngnotic networks to emerge and trigger terrorist attacks. (See “The Cyber Intelligence Challenge of Asyngnotic Networks“.) The current trend is for nation states to consider censoring this information. Again, this will be done at the nation-state (default) level of control.

An additional argument that Russia might make in justifying these types of actions is found in Article 41 of the United Nations Charter. Here, the article specifically mentions “means of communications” as something that can be interrupted in order to maintain international peace and security.

Religious Dimension to Information Operations. There are arguments made that there should be no control over religious communications across borders, and that to limit these flows of information is to repress religious rights. The counter-argument is that there is no protection provided in any society for information of any type, even religious information, if it promotes hatred or racism, or incites violence. Therefore, “religious” communications from ISIS (Daesh) can be banned in all countries for public safety reasons. There is no “right” to transmit information that may cause people to become violent and endanger peace and security. No international agreement is needed to allow this type of censorship, as these rights of nation states already are written into treaties and agreements.

International Control of Cyber Espionage. Every nation spies, and every nation knows it. Espionage is information collection and analysis conducted by a nation state as a part of its national defense. Russia has a tradition of cooperating in sharing intelligence information under extremely limited circumstances, and when doing so is mutual, and the entire sharing operation is mutually beneficial. These agreements are made on a bilateral basis, and are not published or registered, so are beyond the scope of this analysis. Since every nation has an inherent right of self-defense, there will never be an international agreement to limit or control espionage, even that conducted via the Internet (“cyber espionage”).

Details of Russia’s Information Security Doctrine

By a Presidential Decree of December 5, 2016, Russia adopted a revised information security doctrine (ДОКТРИНА информационной безопасности Российской Федерации). What can we learn from this document that would anticipate Russian policy positions in international negotiations aimed at getting more cyber security for the world?

(Below is the original Russian. Above is not a translation, but instead is a gloss that summarizes the implications of the Russian doctrine. The pertinent Russian phrases have been underlined.)

II.7. Recognizes that information technology has developed into an international phenomena that is cross-border in nature.
(7. Информационные технологии приобрели глобальный трансграничный характер и стали неотъемлемой частью всех сфер деятельности личности, общества и государства.)

II.8(d). Suggests that the government of Russia desires to work at building an international political-legal framework that will help to stop use of information technology that harm stability and sovereignty. This is expressed as the desire for international agreements that will stop foreigners from using cyber to injure Russia’s “information space”.
((д) содействие формированию системы международной информационной безопасности, направленной на противодействие угрозам использования информационных технологий в целях нарушения стратегической стабильности, на укрепление равноправного стратегического партнерства в области информационной безопасности, а также на защиту суверенитета Российской Федерации в информационном пространстве.)

The Russian View of Cyber Threats

III.10. The international flow of information into Russia may help terrorists, extremists or other illegal activities. For example, under this way of thinking, the introduction of ISIS (Daesh) propaganda into muslim communities inside Russia is a serious cyber threat.
(Возможности трансграничного оборота информации все чаще используются для достижения геополитических, противоречащих международному праву военно-политических, а также террористических, экстремистских, криминальных и иных противоправных целей в ущерб международной безопасности и стратегической стабильности.)

III.10. There is a threat of information technology being introduced into Russia without having undergone adequate security testing, and without being integrated with the over-all national efforts at cyber security. (The United States does not have any such program.)
(При этом практика внедрения информационных технологий без увязки с обеспечением информационной безопасности существенно повышает вероятность проявления информационных угроз.)

III.12. Covert action by government secret organizations uses cyber for psychological warfare. In Russia, there is a view that human rights organizations (and others) may be secretly funded by foreign governments to weaken Russia. By “weaken” Russian doctrine means “destabilization of the political and social situation”.
(12. Расширяются масштабы использования специальными службами отдельных государств средств оказания информационно-психологического воздействия, направленного на дестабилизацию внутриполитической и социальной ситуации в различных регионах мира и приводящего к подрыву суверенитета и нарушению территориальной целостности других государств. В эту деятельность вовлекаются религиозные, этнические, правозащитные и иные организации, а также отдельные группы граждан, при этом широко используются возможности информационных технологий.)

III.13. Terrorist organizations use cyber to both sabotage Russia’s technical infrastructure, but also to distribute propaganda.
(Различные террористические и экстремистские организации широко используют механизмы информационного воздействия на индивидуальное, групповое и общественное сознание в целях нагнетания межнациональной и социальной напряженности, разжигания этнической и религиозной ненависти либо вражды, пропаганды экстремистской идеологии, а также привлечения к террористической деятельности новых сторонников. Такими организациями в противоправных целях активно создаются средства деструктивного воздействия на объекты критической информационной инфраструктуры.)

III.14. Hacking and computer crime targeting financial assets and private information.
(14. Возрастают масштабы компьютерной преступности, прежде всего в кредитно-финансовой сфере, увеличивается число преступлений, связанных с нарушением конституционных прав и свобод человека и гражданина, в том числе в части, касающейся неприкосновенности частной жизни, личной и семейной тайны, при обработке персональных данных с использованием информационных технологий.)

III.16. Governments of various nations use cyber to (a) attack Russian infrastructure; (b) conduct cyber espionage; (c) influence political and social stability.
(16. Состояние информационной безопасности в области государственной и общественной безопасности характеризуется постоянным повышением сложности, увеличением масштабов и ростом скоординированности компьютерных атак на объекты критической информационной инфраструктуры, усилением разведывательной деятельности иностранных государств в отношении Российской Федерации, а также нарастанием угроз применения информационных технологий в целях нанесения ущерба суверенитету, территориальной целостности, политической и социальной стабильности Российской Федерации.)

III.19. Internet governance is not equitable between nations. This is a threat because it makes it problematical for Russia to work at creating a system of international information security.
( 19. Состояние информационной безопасности в области стратегической стабильности и равноправного стратегического партнерства характеризуется стремлением отдельных государств использовать технологическое превосходство для доминирования в
информационном пространстве. Существующее в настоящее время распределение между странами ресурсов, необходимых для обеспечения безопасного и устойчивого
функционирования сети “Интернет”, не позволяет реализовать совместное справедливое, основанное на принципах доверия управление ими. Отсутствие международно-правовых норм, регулирующих межгосударственные отношения в информационном пространстве, а также механизмов и процедур их применения, учитывающих специфику информационных технологий, затрудняет формирование системы международной информационной безопасности, направленной на достижение стратегической стабильности и равноправного стратегического партнерства.)