TERRORISM AND SOCIAL MEDIA | cyberarmscontrolblog

Russian Negotiating Positions on Cyber Warfare

Difficulty in Controlling Cyber Weapons

One of the chief criticisms of an international treaty for the control of cyber weapons is that countries simply would not agree to it because there is a risk of lessening nation state power. After all, why would a nation-state agree to limit its own cyber weapons.

Since the Russian Federation is a powerful actor in the cyber realm, it may be useful to examine its national cyber security objectives and then extrapolate to estimate Russia’s positions in any proposed international negotiations.

Figure 1 – Inference of Russian Negotiating Positions in connection with cyber warfare and related information operations.

Russian Priorities for International Agreements on Cyber

Much of Russia’s Information Security Doctrine (ДОКТРИНА информационной безопасности Российской Федерации) is defensive in nature. Consequently, the threat recognized by the Russian Federation is the same as in other countries, including those in the European Community and United States.

Financial Crimes and Privacy Cyber Crimes. All countries recognize that financial crimes or stealing of personal information on citizens by hackers are criminal acts. In the Russian Federation, these are recognized also as serious crimes. The practical result is that Russia will be open to negotiations on any international treaty that strengthens law enforcement of international cyber crimes involving theft of money or personal information.

Hacking and Attacks on Cyber Infrastructure. Like in other countries, hacking attacks that are aimed at harming cyber infrastructure are illegal in Russia. Recent reports indicate the Duma (the Russian Congress or Parliament) is considering strong prison sentences for anyone convicted of harming cyber infrastructure through hacking. Again, the practical result is that negotiations that aim to increase international cooperation to combat this type of hacking should be possible between Russia and other nations.

Extradition Treaties. There have been a number of cases in which Russian authorities have wanted a criminal hiding in the West to be handed over, and a number of cases in which criminals located in Russia have been targeted for arrest outside of Russia. For the time being, there is no automatic way to handle extradition. Some countries, such as Israel, simply refuse to extradite their own citizens. We can expect that Russia might be willing to engage in negotiations with a limited purpose of agreeing to extradition arrangements for cyber criminals that are located overseas and yet through their criminal actions inflict harm in Russia. In order to have reciprocity, Russia would need to agree to hand over Russian citizens when they are indicted abroad for cyber crimes.

The general problem with extradition is that each nation handing over its citizens must be confident that the type of justice the person will receive in the receiving country is comparable to the standards found in their own country. For the time being, many countries do not recognized the Russian legal system as having sufficient level of quality to provide credible guarantees. Nevertheless, it might be possible to engage in negotiations, providing there is discussion of a special type of legal protocol for cyber-crimes. This would be a potentially useful area for international legal scholarship and exchange of information. There are many problem, not the least of which is the rules for evidence required for conviction. Nevertheless, until there are such arrangements in place, any extraditions will be handled by nation states on a case-by-case basis.

Information Operations Targeting Russia. In the Russian way of thinking, there is a danger of information operations being conducted by foreign parties against Russia. These are divided into two classes: Class 1 are actions taken inside Russia by organizations that have some connection, usually funding, from non-Russian sources; Class 2 are information operations conducted outside of Russia, even aimed at citizens of other nations, that harm the image of Russia or otherwise sow discord.

Although the Universal Declaration of Human Rights (Всеобщая декларация прав человека) is generally used as a basis for arguing that it is the right of every individual to communicate (even criticize) freely, Russia can plausibly argue that Article 29 ¶2 places limits on communications that disturbs morality, the public order, or general welfare of a nation. The concept of public order (ordre publique) is very broad in nature. The consequence is that Russia has a legal argument. In addition, Article 30 prohibits information and communication that has the effect of destruction of rights and freedoms. As a consequence, Russia has an argument that their broad definition of information threats to Russian sovereignty and public order are legal.

To go even further, it would by extension and analogy be possible to reference the United Nations Charter Articles 41 & 42 which give each nation state an inherent right of self-defense. As such, any nation should be able to defend itself against information operations that are a threat to its sovereignty or public order. The counter-argument to this line of thinking is that when the UN Charter was written, these articles referred specifically to military (kinetic) threats. So since information operations are not kinetic threats, then these self-defense articles do not apply. The counter-counter-argument that can be made is that although these Articles definitely apply to kinetic military operations, the major powers involved in the Second World War (Вели́кая Оте́чественная война́) all were heavily involved in various types of information operations. Therefore, since information operations at the time of the signing of the UN Charter were considered to be an inherent aspect of warfare, we can infer that the United Nations Charter and its inherent right of self-defense for nation states as seen in Articles 41 & 42 are inclusive of information operations.

The implication is that although it might be possible to engage Russia in discussions regarding an international agreement regarding control of information operations, the likelihood of success would be minimal because there is a conflict between the danger of information operations, and the need for freedom of the press. In addition, Russian media channels such as RT and Sputnik might be criticized in Europe or the United States in the same way CNN or Voice of America (VOA) might be criticized in Russia. So the consequences are that Russia would be required to place limitations on the content of RT and Sputnik and all of its foreign media operations in exchange for other nations to do the same. These are unrealistic expectations for either Russia or any other nation to agree to, therefore, we can assess there is a very small chance we will see any successful negotiations on the international control of information operations conducted by nation states or major media channels. An additional complication is that the Internet already provides free access to most of the world’s television channels. (See Free Internet TV.)

Default to National Control. Since we can expect no international agreement to limit or control information operations, the only defensive solution is for nation states to take actions within their own territory to limit the supposedly corrosive influence of foreign information. This is the default position of the People’s Republic of China, and a number of other countries. Russia has not been as strict as China in this regard. The United States may be considering taking steps to limit the information operations of Islamic terrorist organizations such as ISIS (Daesh). This would represent a remarkable departure from a policy of almost 100% freedom of information.

Terrorist Propaganda. Terrorist propaganda has been around for a long time, but the current debate is over control of ISIS (Daesh) propaganda that is being transmitted through various social media channels over the Internet. This may cause asyngnotic networks to emerge and trigger terrorist attacks. (See “The Cyber Intelligence Challenge of Asyngnotic Networks“.) The current trend is for nation states to consider censoring this information. Again, this will be done at the nation-state (default) level of control.

An additional argument that Russia might make in justifying these types of actions is found in Article 41 of the United Nations Charter. Here, the article specifically mentions “means of communications” as something that can be interrupted in order to maintain international peace and security.

Religious Dimension to Information Operations. There are arguments made that there should be no control over religious communications across borders, and that to limit these flows of information is to repress religious rights. The counter-argument is that there is no protection provided in any society for information of any type, even religious information, if it promotes hatred or racism, or incites violence. Therefore, “religious” communications from ISIS (Daesh) can be banned in all countries for public safety reasons. There is no “right” to transmit information that may cause people to become violent and endanger peace and security. No international agreement is needed to allow this type of censorship, as these rights of nation states already are written into treaties and agreements.

International Control of Cyber Espionage. Every nation spies, and every nation knows it. Espionage is information collection and analysis conducted by a nation state as a part of its national defense. Russia has a tradition of cooperating in sharing intelligence information under extremely limited circumstances, and when doing so is mutual, and the entire sharing operation is mutually beneficial. These agreements are made on a bilateral basis, and are not published or registered, so are beyond the scope of this analysis. Since every nation has an inherent right of self-defense, there will never be an international agreement to limit or control espionage, even that conducted via the Internet (“cyber espionage”).

Details of Russia’s Information Security Doctrine

By a Presidential Decree of December 5, 2016, Russia adopted a revised information security doctrine (ДОКТРИНА информационной безопасности Российской Федерации). What can we learn from this document that would anticipate Russian policy positions in international negotiations aimed at getting more cyber security for the world?

(Below is the original Russian. Above is not a translation, but instead is a gloss that summarizes the implications of the Russian doctrine. The pertinent Russian phrases have been underlined.)

II.7. Recognizes that information technology has developed into an international phenomena that is cross-border in nature.
(7. Информационные технологии приобрели глобальный трансграничный характер и стали неотъемлемой частью всех сфер деятельности личности, общества и государства.)

II.8(d). Suggests that the government of Russia desires to work at building an international political-legal framework that will help to stop use of information technology that harm stability and sovereignty. This is expressed as the desire for international agreements that will stop foreigners from using cyber to injure Russia’s “information space”.
((д) содействие формированию системы международной информационной безопасности, направленной на противодействие угрозам использования информационных технологий в целях нарушения стратегической стабильности, на укрепление равноправного стратегического партнерства в области информационной безопасности, а также на защиту суверенитета Российской Федерации в информационном пространстве.)

The Russian View of Cyber Threats

III.10. The international flow of information into Russia may help terrorists, extremists or other illegal activities. For example, under this way of thinking, the introduction of ISIS (Daesh) propaganda into muslim communities inside Russia is a serious cyber threat.
(Возможности трансграничного оборота информации все чаще используются для достижения геополитических, противоречащих международному праву военно-политических, а также террористических, экстремистских, криминальных и иных противоправных целей в ущерб международной безопасности и стратегической стабильности.)

III.10. There is a threat of information technology being introduced into Russia without having undergone adequate security testing, and without being integrated with the over-all national efforts at cyber security. (The United States does not have any such program.)
(При этом практика внедрения информационных технологий без увязки с обеспечением информационной безопасности существенно повышает вероятность проявления информационных угроз.)

III.12. Covert action by government secret organizations uses cyber for psychological warfare. In Russia, there is a view that human rights organizations (and others) may be secretly funded by foreign governments to weaken Russia. By “weaken” Russian doctrine means “destabilization of the political and social situation”.
(12. Расширяются масштабы использования специальными службами отдельных государств средств оказания информационно-психологического воздействия, направленного на дестабилизацию внутриполитической и социальной ситуации в различных регионах мира и приводящего к подрыву суверенитета и нарушению территориальной целостности других государств. В эту деятельность вовлекаются религиозные, этнические, правозащитные и иные организации, а также отдельные группы граждан, при этом широко используются возможности информационных технологий.)

III.13. Terrorist organizations use cyber to both sabotage Russia’s technical infrastructure, but also to distribute propaganda.
(Различные террористические и экстремистские организации широко используют механизмы информационного воздействия на индивидуальное, групповое и общественное сознание в целях нагнетания межнациональной и социальной напряженности, разжигания этнической и религиозной ненависти либо вражды, пропаганды экстремистской идеологии, а также привлечения к террористической деятельности новых сторонников. Такими организациями в противоправных целях активно создаются средства деструктивного воздействия на объекты критической информационной инфраструктуры.)

III.14. Hacking and computer crime targeting financial assets and private information.
(14. Возрастают масштабы компьютерной преступности, прежде всего в кредитно-финансовой сфере, увеличивается число преступлений, связанных с нарушением конституционных прав и свобод человека и гражданина, в том числе в части, касающейся неприкосновенности частной жизни, личной и семейной тайны, при обработке персональных данных с использованием информационных технологий.)

III.16. Governments of various nations use cyber to (a) attack Russian infrastructure; (b) conduct cyber espionage; (c) influence political and social stability.
(16. Состояние информационной безопасности в области государственной и общественной безопасности характеризуется постоянным повышением сложности, увеличением масштабов и ростом скоординированности компьютерных атак на объекты критической информационной инфраструктуры, усилением разведывательной деятельности иностранных государств в отношении Российской Федерации, а также нарастанием угроз применения информационных технологий в целях нанесения ущерба суверенитету, территориальной целостности, политической и социальной стабильности Российской Федерации.)

III.19. Internet governance is not equitable between nations. This is a threat because it makes it problematical for Russia to work at creating a system of international information security.
( 19. Состояние информационной безопасности в области стратегической стабильности и равноправного стратегического партнерства характеризуется стремлением отдельных государств использовать технологическое превосходство для доминирования в
информационном пространстве. Существующее в настоящее время распределение между странами ресурсов, необходимых для обеспечения безопасного и устойчивого
функционирования сети “Интернет”, не позволяет реализовать совместное справедливое, основанное на принципах доверия управление ими. Отсутствие международно-правовых норм, регулирующих межгосударственные отношения в информационном пространстве, а также механизмов и процедур их применения, учитывающих специфику информационных технологий, затрудняет формирование системы международной информационной безопасности, направленной на достижение стратегической стабильности и равноправного стратегического партнерства.)

2016 The Year of Cyber War 0.7

Is Interference in Campaigns “Cyber War”?

2016 was the year of cyber war, and we will call it “cyber war 0.7” because it not a complete cyber war in the proper sense of the word. The most incredible event was the role of WikiLeaks in the election for the president of the United States. WikiLeaks was able to publish a large number of emails from the Democratic National Committee. These emails indicated a certain level of untoward behavior on the part of the leadership of the Democratic committee. As a result of this, there were various personnel changes in the Democratic National Committee.

The emails seem to indicate a number of activities that were considered by the opposition to be improper. Although these activities or not reported upon widely in the mainstream media, nevertheless, they seemed to have a decisive effect on the election. The connection between the leak of these emails and the election found it’s nexus in the investigation by the Federal Bureau of Investigation. In particular, only about one week before the vote, the FBI announced that it was re-opening its investigation of the Clinton emails. According to most commentators on the Democratic side, this specific action by the FBI was responsible primarily for the loss of Hillary Clinton in the election. The opposition claimed however that the real reason why she lost the election had to do with her policies regarding industrialization and foreign trade policy for the United States. It is difficult to know what all of the reasons were, but this discussion regarding the role of WikiLeaks, and the role of cyber warfare in the election has continued.

US Retaliation Against Russian Diplomats

After the election for the president but before the inauguration of the new administration, President Obama announced that the United States would be taking retaliatory action against the Russian Federation. This retaliation involves the expiration of 35 diplomats and their families from the United States within 72 hours. That’s at the same time, the Russians or forced to abandon two facilities that they have been operating for more than a quarter of a century. And additional hardship imposed upon the Russians was that this expulsion came only a few days before the New Year’s celebration which in Russia, like in so many other countries, is a major celebration. The representative of the Russian Federation in San Francisco stated that the cook for the New Year’s festivities had been expelled from the United States. He lamented publicly on television that because of this it would not be possible for the consulate to invite the large number of American guest as was customary.

This time, it still is not clear exactly what role the Russian Federation had in the release of the Clinton emails. For example, Julian Assange, the head of WikiLeaks, as stated on numerous occasions, including today in a live interview on the Fox news Channel, that the Russian Federation government had absolutely no connection to the release of the emails. In spite of these numerous denials, many still argue that it was the intervention of the Russian government in the presidential election that was responsible for the election of Donald Trump as the 45th president of the United States.

During this past week, there also was a report that malicious code from the Russian Federation had been injected into the electrical supply control mechanism for the state of New Hampshire. This news item turned out to be false.

The Chinese Office of Personnel Hack

There were many other significant events involving cyber warfare or cyber espionage during the year 2016. One of the most significant incidents was when a group operating from the People’s Republic of China managed to hack into the personnel records of more than 2 million employees of the federal government. They took a large amount of extremely confidential information including background investigation and security information regarding these government employees. What is peculiar about this incident is that the Obama administration did not take the type of harsh countermeasures that it has taken in the case of the legend Russian hacking of the US election.

Terrorists Use of Social Media

A third major theme of cyber warfare during the year 2016 involved the role of I S I S in it’s propaganda efforts to recruit terrorists around the world. These recruitment efforts have been very successful, particularly in Europe. During this year, Europe has seen a dramatic increase in terrorism and has lost a large number of people. In general, the situation seems to be getting much worse in Europe. In spite of this rise in the number of deaths originating in terrorism, Europe still seems to be refusing to place any controls on the propaganda coming from the Middle East. Placing controls on information is very difficult because it is a direct contravention of the international law regarding freedom of speech and freedom of communication. These principles were incorporated into the Universal Declaration of Human Rights. Unfortunately, we can see that international declarations are not to the same as international law.

We can say confidently that the year 2016 was one in which all aspects of the cyber issue came to the forefront in the international news. We can also say that during the coming year we should continue to see an escalation of problems in the cyber domain.

This blog continues to maintain the position that until there is a very significant outage or Internet crisis which affects a number of countries at the same time there will not be any recognition of the need for an international agreement to limit the proliferation and development of cyber weapons.