Former White House national security advisor Michael Flynn looks like a Kremlin plant. Russian fighter jets are buzzing a U.S. Navy destroyer at close range. One of its spy ships is hanging out off the east coast. And last night, we learned President Donald Trump’s campaign aides were in contact with Russian intelligence officials last year. But don’t think Russian President Vladimir Putin is playing the U.S. for a fool solely because he despises America—there’s a lot of precedent for these tactics.
Putin’s Kremlin has been hacking and meddling in the domestic affairs of its neighbors in Europe since the 2000s, so they had a lot of practice leading up to its alleged hacking of the Democratic National Committee. Be it the cyber attacks against Estonia in 2007, the hacking of Georgia’s government internet servers during its war against the country in 2008, the power grid hack in Ukraine in 2015 and its fake news offensives in Europe against opponents of nationalists politicians who favor the Kremlin, the Russians are pros at engineering chaos in a country’s political affairs.
Below is a brief history of how the Kremlin has masterfully meddled in its neighbors’ affairs, and how this kind of high-level destabilization is a new kind of warfare.
In April and May of 2007, Russian hackers launched a series of cyber attacks that shut down dozens of government and corporate sites in Estonia for weeks. The denial-of-service attacks overwhelmed state-owned websites and commercial servers, forcing them to shut off access from outside of the country in some cases. (Russia denied any involvement.)
This all started when the Estonian government decided to relocate a six-foot-tall bronze statue in downtown Tallinn commemorating the fallen soldiers of World War II. The decision drew many ethnic Russians to the streets because they felt it was a slap in their faces. As far as the Estonian government was concerned, it was a symbol of colonialism that needed to be removed from downtown. (A little background: The Nazis occupied Estonia, along with the other Baltic nations Lithuania and Latvia, during the war. When the Soviets defeated the Nazis, they decided to stay and set up shop in the country until 1991 when the USSR fell. Roughly a quarter of the country is ethnic Russian, and Soviet imagery means a lot to them.)
In any case, the mere thought of moving the statue infuriated Moscow and is widely viewed as the motivating factor behind its hacking of the Estonian government’s internet systems.
The hack was preceded by a fake news offensive with Russian-leaning news sites claiming the Estonians cut the statue into pieces, making ethnic Russians in the country even angrier. Of course, as CNN reported, that wasn’t true at all. But the damage was already done. Ethnic Russians, who were already pissed that they were marginalized by the state (long story), had another reason to rise up against the government and develop a protectionist attitude towards Moscow.
The Estonians have since beefed up their digital security and are aiming to become what they call “a hack-proof government.” Now, no country is really hack-proof, but they’re giving it a go—having Russia as a neighbor gives them incentive to try. The U.S. would be wise to take a few lessons from the Estonian experience.
I was in Georgia in August of 2008 when the Russians hacked into that country’s government computer systems. The hacking took place during its short, eight-day war with Russia, which was prompted by Georgian forces invading South Ossetia because they claimed the Russians were preparing to attack them first.
As far as the hack goes, David Hollis, a senior policy analyst with the Office of the Undersecretary of Defense for Intelligence and a reserve Army officer at U.S. Cyber Command, said the hacks in Georgia were concealed through third-parties, making it harder to link the attacks back to Moscow, according to Foreign Policy.
Here is more on how the Russians conducted the attack, per FP:
According to Hollis, Russian offensive cyber operations began several weeks before the outbreak of the more familiar kinetic operations. Russian cyberintelligence units conducted reconnaissance on important sites and infiltrated Georgian military and government networks in search of data useful for the upcoming campaign. During this period, the Russian government also began organizing the work of Russian cybermilitias, irregular hackers outside the government that would support the campaign and also provide cover for some of the government’s operations. During this period the government and cybermilitias conducted rehearsals of attacks against Georgian targets.
When the kinetic battle broke out on Aug. 7, Russian government and irregular forces conducted distributed denial-of-service attacks on Georgian government and military sites. These attacks disrupted the transmission of information between military units and between offices in the Georgian government. Russian cyberforces attacked civilian sites near the action of kinetic operations with the goal of creating panic in the civilian population. Russian forces also attacked Georgian hacker forums in order to pre-empt a retaliatory response against Russian targets. Finally, the Russians demonstrated their ability to disrupt Georgian society with kinetic and cyber operations, yet refrained from attacking Georgia’s most important asset, the Baku-Ceyhan oil pipeline and associated infrastructure. By holding this target in reserve, the Russians gave Georgian policymakers an incentive to quickly end the war.
It is important to note that Georgia’s former president, Mikheil Saakashvili, won office in 2004 after leading a pro-west “Rose Revolution” that aimed for EU and NATO membership. This irked Putin and put Saakashvili in Putin’s crosshairs onward.
Hackers were even able to create a collage of Saakashvilli photos next to images of Hitler. A widespread information war ensued with Russian television broadcasting RT-style coverage placing all of the blame on for the war on the Georgian government. Walking through the streets of Batumi, a sea resort town in western Georgia, during the middle of this, I often ran into Georgians who were just as angry with Saakashvili as they were with Putin. Though the country rallied in protest against Russia’s actions, the information war against Georgia’s leadership had done its damage.
A quarter million people in the Ivano-Frankivsk region of Ukraine lost power in December of 2015, after Russian hackers attacked its power girds, as reported by CBS News. Unable to respond, workers at the electric control center filmed the blackout with their cellphones. But the cyber attack went even further. Emails with infected attachments were sent to employees that collected their login information, leading to the loss of power at nearly 60 substations.
Russia, as usual, said, “It wasn’t me.”
The Ukrainians restored power in just a few hours, but experts told CBS News that such an attack in on U.S. power grids could take days to repair because our grids, which are automated and far more advanced, are more complicated to fix.
At any rate, the motive behind the hacks is tied to its two-year war against Kyiv in eastern Ukraine, where Moscow supports anti-government rebels. Nearly 10,000 people have died since the conflict began.
Just this week, French presidential frontrunner Emmanuel Macron’s party chief, Richard Ferrand, claimed Russia is running a cyberattack against the candidate, according to France 24. The attacks, Ferrand said, are mainly targeting its databases and email boxes. Marine Le Pen, the far-right candidate competing with Macron for the presidency in May, is a Kremlin darling whose National Front party has received millions in loans from Russian banks to fund party activities.
It is widely believed that the Kremlin has a vested interest in Le Pen because she wants France to leave the European Union and seeks for France to become more isolationist. This would favor Putin, who is very suspicious of the EU, NATO and other international bodies that he feels threaten Russia’s security and economic interests.
Germany and the Netherlands have also charged Russia with attempting to influence its political affairs by launching cyber attacks against left-wing candidates so that nationalist ones that favor the Kremlin have a better shot at winning.
What does all of this mean, exactly?
Russia is a exercising a multi-prong attack that doesn’t require a single missile or bullet to be fired. With cyberattacks against a sovereign nation, Moscow doesn’t have to worry about a military reaction because NATO doesn’t have clearly established protocols on how to retaliate against hacking. This is all new territory for everyone involved, including the United States.
That said, Trump is clearly losing the optics warfare game against Putin right now. If Russia can look like it placed a compromised national security advisor in the White House, what is stopping the Kremlin from trying it in Europe, where most of its leadership looks to Washington for protection against a much bigger Russia?