Keir Giles | Conflict Studies Research Centre (original) (raw)

Cyber Defense Publications by Keir Giles

— Russia’s use of cyber and information warfare against Ukraine has confirmed some previous asses... more — Russia’s use of cyber and information warfare against Ukraine has confirmed some previous assessments of Russian doctrine and capabilities and invalidated others. In both cases, observation of operations in the war to date provides valuable insights for other states and coalitions seeking to defend themselves effectively against Russia in the future.
— Russia’s operations in Ukraine have provided a clear practical demonstration of the holistic and integrated nature of Russia’s approach to using information for effect in wartime conditions. This implies that potential future victims of Russian aggression should recognize the crucial interdependencies this approach exploits – not only between cyber and information activities but also between these and the physical environment and cognitive domain – and adjust defensive strategies accordingly.
— In particular, information and assets not normally thought to be targets for combat operations must be protected. Private personal information captured before and during military operations has been used by Russia with lethal consequences for its subjects.
— Ukraine’s successful resistance to Russian cyber campaigns has been substantially enabled by support from international partners but also, critically, from private industry. The involvement of private industry in hostilities raises issues of accountability and legal status, as well as the question of financial and other support for the organizations offering their services. These issues should be addressed as a matter of urgency so that policies are in place before they are next required.
— The participation of private citizens in information activities as part of the defence of Ukraine potentially undermines the notional protection they are afforded as civilians rather than combatants. While there is no expectation that Russia will observe international humanitarian law, this has the potential to complicate eventual prosecutions for breaches of it.
— This research paper offers policy recommendations for enhancing the resilience of Western states to cyber and information operations by Russia. These recommendations, by their nature, will also be relevant for protection against any other state or non-state threat actor seeking to exploit
similar vulnerabilities.

Hybrid CoE Working Paper 26, 2023

State-backed parody and mockery of the enemy in conflict are nothing new. What is new is the way ... more State-backed parody and mockery of the enemy in conflict are nothing new. What is new is the way social media has democratised access and audience. This has both opened the playing field to self-motivated private individuals and facilitated their joining forces in informal collectives for greater effect. The result has been to impose costs on adversaries – if only by making
it harder for them to achieve their aims.

In particular, humour-based responses to Russian actions in the information space and in the physical domain have been found to deliver multiple clear benefits for the defending side, even if the direct impact on Russia itself is hard to measure. This has led to recognising the value of adopting similar methodologies on a more formal basis. Success in this endeavour is difficult to measure objectively. Nevertheless, authoritative studies conclude that ridicule has been shown to work with general audiences.

This Hybrid CoE Working Paper considers instances of humour put to effective use to counter disinformation and propaganda in online spaces, using Russia’s war on Ukraine as a primary case study, and Twitter (now X) as the main medium under consideration. It is a practical review seeking to identify examples of best practice from both government and civil society.

2022 14th International Conference on Cyber Conflict, 2022

The internet of things (IoT), autonomous driving, or Industry 4.0 – regardless of the application... more The internet of things (IoT), autonomous driving, or Industry 4.0 – regardless of the application scenario envisioned, next-decade technologies reliant on connectivity will be based on 5G infrastructure and become increasingly dependent on virtualizations to provide adequate and adaptable network services. Virtualized network functions (VNFs) are used to provide services through software that replaces dedicated network devices. This shift from physical devices to software functions allows easier response and adaptation to environmental conditions (e.g. changes in network traffic or infrastructure). As such, they build the core of modern networks and are crucial to achieving the low latency and high speed of 5G networks. However, this makes VNFs of particular interest to cyber criminals, hacktivists, and state-sponsored hackers.
In October 2019, the EU Commission identified state-sponsored attackers as the major threat to the security of 5G networks. The EU’s risk assessment identified core security requirements that are different for 5G networks. Due to the reliance on software, types of devices, and services connected and the heavily interconnected nature of 5G networks, there are more entry points for attackers. Nokia’s head of product management security has said that 5G networks have 200 times more attack vectors than their 4G predecessors. Network services such as VIMs (virtualized infrastructure managers) have already been identified as crucial assets that are expected to be heavily attacked.
This article investigates how selected NATO and Western allies have addressed these issues of 5G network security over the past two years, while the pandemic has further highlighted societal dependency on network infrastructure. In particular, it will consider software supply chain security and the approach to foreign vendor integration. It investigates to what extent allies share views and practices on 5G security, which is necessary to ensure a united, secure network across borders. It will also consider the implications of adversary activities directed against identified weaknesses and offer essential principles for how to cope with the emerging threats.

2021 13th International Conference on Cyber Conflict, 2021

In a number of States, the critical importance of the environment for preservation of human life has been recognised by extending legal personhood – and thus, legal rights – to environmental entities. Countries such as Colombia, Ecuador, New Zealand, and India have granted legal rights to various rivers, lakes, parks, and nature in general. This paper explores the future possibility and cases where States may consider granting legal rights to other non-sentient but critically important entities. Looking into a future where human life becomes increasingly dependent upon highly interdependent systems in cyberspace, is there a possibility that these systems are granted personhood?

Remote work and its cybersecurity implications could lead to an entirely new recognition of the importance of cyberspace dependencies and, consequently, a new legal treatment. Against the backdrop of extended debate on the legal regulation of cyberspace, including the law of armed conflict, this would raise even more complex legal considerations, especially in the light of cross-border dependencies and systems that affect multiple jurisdictions.

By way of cyber biomimicry, this paper adopts a blue-sky conceptual approach to studying policy considerations and potential implications if highly interdependent cyber systems in the distant future are granted the same protections as elements of the environment.

2021 13th International Conference on Cyber Conflict, 2021

And yet, it is precisely this connectivity within and between NATO states that some adversaries are preparing to attack in time of conflict, including through physical or kinetic means. Russia in particular has long invested in probing vulnerabilities of civilian internet and telecommunications infrastructure, and this programme was urgently ramped up to unprecedented levels of intensity after the seizure of Crimea in 2014 demonstrated the power of total information dominance achieved through targeting critical information assets.

Besides Russia, China and a number of other states are also rapidly developing counter- space capabilities that would pose a direct threat to critical civilian communications services. This has obvious implications for crisis management even before overt state-on-state conflict. Vulnerabilities have been sought in all domains: maritime (subsea cables), space (communications satellites), land (fibre optic nodes), and online (targeting specific media sources for neutralisation). The VPNFilter malware exposed in mid-2018, in addition to its cybercrime or cyber-espionage capabilities, demonstrated the ambition to render large numbers of ordinary users in NATO countries simply unable to communicate.

Recognising and responding to this emerging disruptive threat and its potential human, societal, and state impact is critical to the defence of NATO states – still more so in the case of disruption to normal life by events such as the pandemic. The threat to cyber-physical systems not ordinarily considered a military target must be recognised, and their defence and security prioritised. This paper outlines the threat and recommends a range of mitigation strategies and measures.

2020 12th International Conference on Cyber Con ict 20/20 Vision: The Next Decade, 2020

Malign influence campaigns leveraging cyber capabilities have caused significant political disrup... more Malign influence campaigns leveraging cyber capabilities have caused significant political disruption in the United States and elsewhere; but the next generation of campaigns could be considerably more damaging as a result of the widespread use of machine learning. Current methods for successfully waging these campaigns depend on labour-intensive human interaction with targets. The introduction of machine learning, and potentially artificial intelligence (AI), will vastly enhance capabilities for automating the reaching of mass audiences with tailored and plausible content. Consequently, they will render malicious actors even more powerful. Tools for making use of machine learning in information operations are developing at an extraordinarily rapid pace, and are becoming rapidly more available and affordable for a much wider variety of users. Until early 2018 it was assumed that the utilisation of AI methods by cyber criminals was not to be expected soon, because those methods rely on vast datasets, correspondingly vast computational power, or both, and demanded highly specialised skills and knowledge. However, in 2019 these assumptions proved invalid, as datasets and computing power were democratised and freely available tools obviated the need for special skills. It is reasonable to assume that this process will continue, transforming the landscape of deception, disinformation and influence online. This article assesses the state of AI-enhanced cyber and information operations in late 2019 and investigates whether this may represent the beginnings of substantial and dangerous trends over the next decade.

Asia Policy, 2020

Russia's exercise of cyberpower forms an integral part of the far broader concept known as inform... more Russia's exercise of cyberpower forms an integral part of the far broader concept known as information warfare. The key principle of the Russian approach to information warfare, including cyber activities, is that information is the most important object of operations, independent of the channel through which it is transmitted. The aim is to control-or weaponize-information in whatever form it takes. Thus, "cyber" in particular is just a technical representation of information. In short, in Russia's comprehensive approach to the information domain, cyber is not a stand-alone discipline. This principle underpins all Russian efforts to extract, exfiltrate, manipulate, distort, or insert information. Alongside cyber activities, the channels available for doing this are as diverse as using fake or real news media to plant disinformation, trolling campaigns, issuing official government statements, giving speeches at rallies or demonstrations, posting defamatory online videos, and sending direct text messages. Russian information activities are not limited to cyberspace. Rather than using the term "cyberspace," Russian officials refer to "information space," which includes both computer and human information processing. This essay starts with an explanation of the terminological, doctrinal, and practical distinguishing features of Russian cyber activities as part of information warfare. It goes on to look at a number of Russia's agencies and capabilities involved in the prosecution of cyber activities, both offensive and defensive. In conclusion, the essay emphasizes the main implication of this distinctive approach: the need for nations to prepare a broad range of defenses against Russia's holistic approach to offensive cyber, information warfare, and other forms of hostile online activity.

2019 11th International Conference on Cyber Conflict, 2019

The unprecedented transparency shown by the Netherlands intelligence services in exposing Russian... more The unprecedented transparency shown by the Netherlands intelligence services in exposing Russian GRU officers in October 2018 is indicative of a number of new trends in state handling of cyber conflict. US public indictments of foreign state intelligence officials, and the UK's deliberate provision of information allowing the global media to "dox" GRU officers implicated in the Salisbury poison attack in early 2018, set a precedent for revealing information that previously would have been confidential. This is a major departure from previous practice where the details of state-sponsored cyber attacks would only be discovered through lengthy investigative journalism (as with Stuxnet) or through the efforts of cybersecurity corporations (as with Red October). This paper uses case studies to illustrate the nature of this departure and consider its impact, including potentially substantial implications for state handling of cyber conflict. The paper examines these implications, including:

• The effect of transparency on perception of conflict. Greater public knowledge of attacks will lead to greater public acceptance that countermeasures should be taken. This may extend to public preparedness to accept that a state of declared or undeclared war exists with a cyber aggressor.

• The resulting effect on legality. This adds a new element to the long-running debates on the legality of cyber attacks or counterattacks , by affecting the point at which a state of conflict is politically and socially, even if not legally, judged to exist.

• The further resulting effect on permissions and authorities to conduct cyber attacks, in the form of adjustment to the glaring imbalance between the means and methods available to aggressors (especially those who believe themselves already to be in conflict) and defenders. Greater openness has already intensified public and political questioning of the restraint shown by NATO and EU nations in responding to Russian actions; this trend will continue.

• Consequences for deterrence, both specifically within cyber conflict and also more broadly deterring hostile actions.

In sum, the paper brings together the direct and immediate policy implications, for a range of nations and for NATO, of the new apparent policy of transparency.

Real or potential connections between infrastructure of different security levels, from relativel... more Real or potential connections between infrastructure of different security levels, from relatively unprotected individual users up to interfaces with critical national infrastructure, have made cyberspace a highly contested and congested domain. But operating conditions within this domain strongly favour malicious actors over legitimate operators seeking to provide security and protect systems and information. Technical capabilities to establish dominance and cause damage in this domain are widely distributed, but legal and ethical constraints prevent legitimate actors from using them to their full potential.

Within this context, net neutrality presents a limiting factor on the capability of legitimate actors to respond to harmful activity in cyberspace whose common aim is to install and uphold a technical imbalance. Under the principle of net neutrality, each data packet must be transmitted with equal priority, irrespective of its source, destination, content or purpose. This is disadvantageous to cyber defence. Comparisons to jungle or arctic warfare, where operating conditions are neutral and degrade the performance of each combatant side equally, are invalid, as malicious operators are capable of technically manipulating data traffic to their favour. While both malicious and legitimate actors may have comparable capabilities, legitimate actors are bound to legal and political restrictions, making them immobile in several cyber warfare scenarios. Transferring the principles of net neutrality to real life scenarios corresponds to depriving military,
police and emergency operators from any privilege that allows them to respond to an incident – in effect, depriving them of their blue lights and emergency powers even in severe incidents targeting critical infrastructure that may threaten civilian lives.

This paper investigates the potential opportunities and challenges of an adjustment to the principle of net neutrality to facilitate defensive action by legitimate actors; how this adjustment could contribute to regaining control in congested cyber domains in the case of national or international cyber incidents; and the risks associated. The different ways of dealing with net neutrality in cyber defence situations in the EU, UK and Russia are compared. Particular focus is put on the rganisations and capabilities needed to establish technical sovereignty in multidomain networks, including consideration of the acceptability of outsourcing the task of upholding cyber sovereignty to external institutions.

Ubiquitous and unconscious use of connected devices demand a fundamental shift in core assumption... more Ubiquitous and unconscious use of connected devices demand a fundamental shift in core assumptions about data security. Users cannot be expected to take responsibility for securing their devices and data when processes and data transfer are designed to take place without their active involvement or even awareness. Technological developments already in widespread use mean that privacy, encryption and national cyber security must all urgently be rethought.

Despite the history of offensive cyber activity being much longer than is commonly thought, cybe... more Despite the history of offensive cyber activity being much longer than is commonly thought, cyber defense is still considered a new discipline. It is only relatively recently that states have established formal structures to provide for cyber defense, and cyber security more broadly. In this context, each nation has developed its own mix of public, private, and military organizations active in the field.

The relationships between these organizations are based on the nation’s unique circumstances, determining the overall shape of relations between the state and business, the approach to e-government, civilian control of the military, threat perception, and much more.

The United States is no exception and has developed its own approach to organizing cyber defense based on factors specific to it. But the wide range of organizational approaches to reaching a "best fit" template for successful cyber defense raises the possibility that other nations may have developed approaches that could be usefully adopted in a U.S. context.

This Paper introduces four different foreign approaches to cyber defense, each very different from the U.S. model. In surveying the cyber defense organizations of Germany, Sweden, Norway, and Estonia, the Paper aims not only to provide baseline information on overseas structures and planning in order to facilitate U.S. cooperation with international partners, but also to provide policymakers with an overview of effective alternative approaches that may be applicable in a U.S. context.

8th International Conference on Cyber Conflict

The risks of military unmanned aerial vehicles (UAVs) being subjected to electronic attack are we... more The risks of military unmanned aerial vehicles (UAVs) being subjected to electronic attack are well recognised, especially following high-profile incidents such as the interception of unencrypted video feeds from UAVs in Iraq and Israel, or the diversion and downing of a UAV in Iran. Protection of military UAV assets rightly focuses on defence against sophisticated cyber penetration or electronic attack, including data link intercepts and navigational spoofing. Offensive activity to counter adversary drone operations presumes a requirement for high-end electronic attack systems. However, combat operations in eastern Ukraine in 2014-16 have introduced an entirely new dimension to UAV and counter-UAV operations. In addition to drones with military-grade standards of electronic defence and encryption, a large number of civilian or amateur UAVs are in operation in the conflict. This presents both opportunities and challenges to future operations combating hybrid threats. Actual operations in eastern Ukraine, in combination with studies of potential criminal or terrorist use of UAV technologies, provide indicators for a range of aspects of UAV use in future conflict. However, apart from the direct link to military usage, UAVs are rapidly approaching ubiquity with a wide range of applications reaching from entertainment purposes to border patrol, surveillance, and research, which imposes an indirect security and safety threat. Issues associated with the unguarded use of drones by the general public range from potentially highly dangerous situations such as failing to avoid controlled airspace, to privacy violations. Specific questions include attribution of UAV activities to the individuals actually directing the drone; technical countermeasures against hacking, interception or electronic attack; and options for controlling and directing adversary UAVs. Lack of attribution and security measures protecting civilian UAVs against electronic attack, hacking or hijacking, with the consequent likelihood of unauthorised use or interception, greatly increases the complication of each of these concerns.

Russia and the World by Keir Giles

Politico, 2023

Canada's Hunka scandal is a demonstration of how when history is complicated, it can be a gift to... more Canada's Hunka scandal is a demonstration of how when history is complicated, it can be a gift to propagandists who exploit the appeal of simplicity.

How Russia went to war

Based on information from open sources and from interviews conducted on a non-attributable basis,... more Based on information from open sources and from interviews conducted on a non-attributable basis, this report studies Russia’s political, informational, military, and economic preparations for attacking and subduing Ukraine. It further examines Russia’s preparations vis-à-vis the West, its attempts to manipulate and weaken Ukraine before the full-scale invasion, as well as Chinese-Russian relations.

— Russia has achieved substantial success in constraining Western support for Ukraine through use... more — Russia has achieved substantial success in constraining Western support for Ukraine through use of threatening language around the possible use of nuclear weapons. Western leaders have explicitly justified reluctance to provide essential military assistance to Ukraine by reference to Russian narratives of uncontrollable escalation.
— Purveyors of Russian nuclear rhetoric, including President Vladimir Putin, toned down their threatening language significantly in the last few months of 2022 and into 2023. Nevertheless, Moscow’s prior long-running campaign of nuclear intimidation continues to deliver results in terms of deterring Western responses to Russian aggression, and shielding Russia from the consequences of its actions in Ukraine.
— This represents a striking success for Russian information campaigns.
That success results from consistent failure among Western audiences and decision-makers to consider how unrealistic Russia’s threats are, or measure them against its real – and unchanged – nuclear posture. It is essential
for responses to Russia’s intimidatory rhetoric to be guided by a realistic assessment of its basis in reality, rather than by fear-induced paralysis.
— Actual use of nuclear weapons by Russia remains not impossible but
highly unlikely. A decision to launch a strike would have to overcome a range of systemic and practical obstacles. Regardless of Western responses, the global consequences of breaking the nuclear taboo would be severe for Russia.
— Nevertheless, Western nuclear powers have given Moscow grounds
for confidence that there would not be retaliation in kind. US and allied messaging to Russia does not currently convey sufficient determination to respond adequately to nuclear use, and so should be urgently revised to achieve appropriate deterrent effect.

Ares & Athena, 2022

Throughout its history, Russia has repeatedly faced the challenge of armies returning from campai... more Throughout its history, Russia has repeatedly faced the challenge of armies returning from campaigns abroad posing a potential threat to its leadership and political system.

The conflict in Ukraine risks presenting Russia with the same internal political threat. Not only do Russia’s forces appear to have suffered remarkably high and in many cases unnecessary casualties, but they have also been startled by the propaganda with which they had been indoctrinated suddenly colliding with a reality that turned out to be entirely different.

This article considers the possibility of eventual political change in Russia resulting from defeat in Ukraine, and the resulting shock to Russia's leadership as well as to its military.

— For the past 30 years, NATO, the EU and the West in general have consistently struggled to find... more — For the past 30 years, NATO, the EU and the West in general have consistently struggled to find means of dissuading Russia from taking actions that they find undesirable or unacceptable. The absence of major multinational conflict in Europe argues a success of deterrence, primarily by NATO; but the prevalence of overt or covert hostile actions by Russia, whether military or in other domains, there and across the globe shows that this success is only partial.

— The question of how to deter Russia from future actions that threaten other states, their governments, economies or people recurs repeatedly in policy discussions. A core challenge to finding an answer lies in Russia’s consistently acting beyond the boundaries of what its Western counterparts consider to be normal and rational state behaviour.

— Two further asymmetries exacerbate this challenge: the differing assessments by Russia and many Western countries of both the current and the desired state of relations between them; and a gulf in attitudes to using hostile measures, whether military or non-military, to achieve state or leadership objectives. Moscow, perceiving itself already to be in a state of conflict with the West, is not subject to the self-imposed constraints of its targets, which believe they are still in a state of peace with Russia. Similarly, Russia has repeatedly achieved its objectives by exploiting the fact that Western states have prioritized ending conflict over achieving a satisfactory outcome in it.

— The precise methods by which Russia might successfully be dissuaded or deterred are as varied as the situations in which they would have to be applied. But a number of key principles for successful deterrence can be deduced from consistent Russian state behaviours and attitudes, which remain relatively constant determinants throughout all these situations. Lessons can also be drawn from past examples where these behaviours and attitudes have been understood and leveraged to achieve a successful outcome – or ignored, resulting in failure.

— This paper considers all of these factors to offer a range of recommendations for appropriate action and messaging to influence Russia away from destructive activities.

Myths and misconceptions in the debate on Russia, 2021

Aspirations for better relations with Russia must recognize that the leadership’s values and inte... more Aspirations for better relations with Russia must recognize that the leadership’s values and interests are not reconcilable with those of the West.

THE RUSSIA CONFERENCE PAPERS 2021, 2021

Russia follows strategies that some Western analysts like to think are self-defeating but which i... more Russia follows strategies that some Western analysts like to think are self-defeating but which in fact achieve acceptable results according to Moscow’s own calculus. The objectives and methods of Russian state and non-state actors can at times be hard to understand for Western observers. Russian actions can at times seem incompatible with rational state policy. Often, the rationality gap arises because Russia is operating within an entirely different framework of statecraft and assumptions about international relations from Western liberal democracies. This paper considers a number of case studies to identify common themes and draw conclusions about the nature of success or failure for Russia, how that may differ from European or North American perceptions, and most importantly how this contributes to Russian actions continuing to surprise the West.

The relationship between Russia and the West is once again deep in crisis. Why? In Moscow Rules, ... more The relationship between Russia and the West is once again deep in crisis. Why? In Moscow Rules, Keir Giles argues that Western leaders have for too long expected Russia to see the world as they do. But the world looks very different from Moscow. Seen through Western eyes, Russia appears unpredictable and irrational. Yet Russian leaders from the czars to Vladimir Putin have followed a consistent internal logic when dealing with their own country and the world outside.

Giles suggests that accepting that Russia will never think and act as a Western nation is essential for managing the challenge from Moscow. He argues that recognizing how Moscow's leaders understand the world around them--not just Putin but his predecessors and eventual successors--will help their Western counterparts find a way of living with Russia without lurching from crisis to crisis.

Hybrid CoE Working Paper 26, 2023

2022 14th International Conference on Cyber Conflict, 2022

2021 13th International Conference on Cyber Conflict, 2021

2020 12th International Conference on Cyber Con ict 20/20 Vision: The Next Decade, 2020

Asia Policy, 2020

2019 11th International Conference on Cyber Conflict, 2019

• Consequences for deterrence, both specifically within cyber conflict and also more broadly deterring hostile actions.

In sum, the paper brings together the direct and immediate policy implications, for a range of nations and for NATO, of the new apparent policy of transparency.

8th International Conference on Cyber Conflict

Politico, 2023

How Russia went to war

Ares & Athena, 2022

This article considers the possibility of eventual political change in Russia resulting from defeat in Ukraine, and the resulting shock to Russia's leadership as well as to its military.

— This paper considers all of these factors to offer a range of recommendations for appropriate action and messaging to influence Russia away from destructive activities.

Myths and misconceptions in the debate on Russia, 2021

THE RUSSIA CONFERENCE PAPERS 2021, 2021

Russia’s annexation of Crimea and intervention in Eastern Ukraine in 2014 alarmed not only Wester... more Russia’s annexation of Crimea and intervention in Eastern Ukraine in 2014 alarmed not only Western-leaning states in Central Europe and the Baltic but also Moscow’s traditional allies. These events signalled that Moscow is now willing and capable of using direct military force against perceived strategic threats in its self-proclaimed region of vested interests. With the exception of Ukraine and the Baltic States, this Letort Paper examines how Russia’s front-line states have adjusted their foreign policy posture since 2014. Belarus, Moldova, the states of Central Asia and the South Caucasus calculate the benefits and risks in their relationship with Moscow and either make concessions or strengthen their defenses accordingly to avoid triggering a Russian reaction. This Letort Paper provides a range of policy recommendations intended to maximize the opportunities of a new alignment with the West for these states while minimizing the risk of Russia, using again, those capabilities it has demonstrated in Ukraine and Syria.

This paper analyzes the drivers of assertive military action by Russia, as exemplified by interve... more This paper analyzes the drivers of assertive military action by Russia, as exemplified by interventions in Ukraine and Syria. It identifies key turning points in Russia’s perception of external threat, and the roots of Russian responses to this threat making use of a capacity for military, political, and diplomatic leverage that has been greatly enhanced in the current decade. Color revolutions, the Arab Spring, and Western intervention in Libya are all highlighted as key influencers leading to a Russian assessment that the developments in Ukraine and Syria presented direct security challenges to Russia, which needed to be addressed through direct action. The paper concludes with a range of policy recommendations intended to mitigate the risk of confrontation with Russia through an imperfect understanding of Russian security perspectives.

An apparent lack of interest by Russia in Sub-Saharan Africa over recent years masks persistent k... more An apparent lack of interest by Russia in Sub-Saharan Africa over recent years masks persistent key strategic drivers for Moscow to reestablish lost influence in the region. A preoccupation with more immediate foreign policy concerns has temporarily interrupted a process of Russia’s reclaiming relationships, well-developed in the Soviet period, to secure access to mineral and energy resources that are crucial both to Russia’s economic and industrial interests and to its existing and new markets for military arms contracts.

Russian policy priorities in Africa provide both challenges and opportunities for the U.S. in fields such as nuclear non-proliferation, as well as energy security for the United States and its European allies. These priorities indicate that Russian development of key resources in southern Africa should be observed closely. Russian trade with the region is significantly underdeveloped, with the exception of the arms trade, which Russia can be expected to defend vigorously if its markets are challenged, including by the prospect of regime change or international sanctions.

At the same time, Russia and the United States have a shared interest in restricting the freedom of movement of terrorist organizations in ungoverned or lightly governed spaces in Africa, which opens potential for cooperation between U.S. Africa Command (AFRICOM) initiatives and Russian presence in the region.

Overall, Russian diplomatic and economic activity in southern Africa should receive continuing attention from U.S. policymakers due to its direct relevance to a number of U.S. strategic concerns.

In the last week of July 2011, Russian commentators noted with alarm the extent of popular suppor... more In the last week of July 2011, Russian commentators noted with alarm the extent of popular support in Russia for the Norwegian mass murderer Anders Behring Breivik. Breivik had referred specifically in his “manifesto” to Prime Minister Vladimir Putin and the Nashi movement as inspirations, and the motivations expressed there struck a chord with a range of dissatisfied elements of Russian society, all of which share strong nationalist and anti-migrant sentiment. Shortly afterwards, Russia’s Interior Minister Rashid Nurgaliyev called for additional measures against nationalist extremism, and research into its appeal for young people in Russia.

Nationalism in the broad sense is a current concern for the Russian authorities, with an increasing incidence of outbreaks of serious inter-ethnic violence. But it is far from the only potential challenge to social stability or cause for mass disorder. Local economic and ecological issues, unemployment and industrial relations have also sparked organised protest in recent years after a period of relative quiescence in Russian society.

The years 2008-2011 have seen a greater inclination among the Russian public to organise for the purpose of social protest, and greater willingness to express direct and public criticism of the leadership including Prime Minister Putin. The response by the
Russian authorities has been mixed, sending contradictory signals. Meanwhile, organised political parties remain weak vehicles for opposition, with shallow roots in Russian society - but the emergence of spontaneous citizens’ groups, facilitated by the internet, may be beginning to fill this gap.

This short study maps some emerging trends in the self-organisation of Russian civil opposition, and some key societal factors around which dissent may coalesce.

* The belief that the North Pole region could contain large quantities of oil and gas is one of t... more * The belief that the North Pole region could contain large quantities of oil and gas is one of the major forces driving Russian policy. The North Pole expedition of July-August 2007 laid the ground for submitting a claim to the UN Commission on the Limits of the Continental Shelf that the Lomonosov Ridge belongs to Russia.

* Russia’s claims will be challenged by Canada, the USA and Denmark. The Arctic region is likely to become a region of geopolitical competition later in the 21st century as the ice cap melts.

* There is a widespread view in Russia that its claim to Arctic territory is not speculative, but rightful compensation for territorial losses in Europe.

* Any foreign interest in the area, government, commercial or environmental, is seen as hostile intent.

* Armed action by NATO to contest Russia’s Arctic claims is discussed as a serious possibility.

* Reports of the death of the Russian North are greatly exaggerated, as they take no account of commercial rebirth based on the oil industry.

* Russia has a well-developed commercial and transport infrastructure to take advantage of opportunities offered by the retreating icecap, in contrast to other littoral states.

* Naval re-armament and increased military activity mean the same applies to capacity for military action.

— Emigration and partial mobilisation have had an immediate negative impact on the Russian econom... more — Emigration and partial mobilisation have had an immediate negative impact on the Russian economy, and in the long term this is likely to grow worse.
— Emigration and casualties in Ukraine combine with pre-existing demographic trends to also present a challenge to Russia’s plans to enlarge its military.
— However, the precise extent of all these challenges is unlikely to be discernible from open sources due to coverage gaps and unreliable official statistics from Russia.
— The impact of current Russian decisions may be highly damaging for Russia itself, up to and including the potential for open unrest in the longer term.
— But accurate assessment of the probable impact requires both multi- disciplinary specialist study and access to sources of information that are not currently in the public domain.

The Russian Military in Contemporary Perspective, 2019

The Russian military as a challenge continues to be not a static, but a rapidly developing phenom... more The Russian military as a challenge continues to be not a static, but a rapidly developing phenomenon. This applies not only in terms of re-equipping and rearming, and a continuing program of reorganization but also in internalizing and applying lessons learned from the conflicts in Syria and Ukraine. These lessons have been learned at all levels―not just the tactical and operational, but also the strategic. This chapter gives an overview and introduction to the valuable knowledge that Russia has gained, and is assimilating, from each of these levels in recent conflicts―and the lessons and implications for the United States and the West.

Journal of Future Conflict, 2019

Russia’s use of non-state military organisations to provide outsourced expeditionary military for... more Russia’s use of non-state military organisations to provide outsourced expeditionary military forces is currently the focus of intense interest. Internationally, this is because of concern over the potential for abuse of this new element of state power by Russia and the rapid growth in the number of theatres where it has been employed. Since the use of Russian PMCs was reported first in Crimea and east Ukraine, and later more prominently in Syria, the span of their presence has widened considerably, from Libya and a range of African nations to Venezuela. Russia's extensive use of non-state actors to perform a wide range of functions including information warfare, intelligence collection, logistics, subversion, destabilisation and now combat appears set to continue and increase as Russia probes for weaknesses and opportunities and expands the boundaries of permissible action.

Beyond Bursting Bubbles – Understanding the Full Spectrum of the Russian A2/AD Threat and Identifying Strategies for Counteraction, 2020

It is normal for discussions about anti-access/area denial, A2/AD, to focus on the threat of miss... more It is normal for discussions about anti-access/area denial, A2/AD, to focus on the threat of missiles, their ranges and capabilities, and how to counter them. But this is only part of the challenge posed to military mobility by states like Russia; and in fact, launching missiles is the least likely means of preventing movement that Russia could employ. Russia has a wide range of other means of preventing movement into or within an area of potential or current conflict. Whether referred to by any of their current names - political warfare, or sub-threshold operations, grey zone or hybrid - any of the methods that Russia could employ that do not involve open and undeniable hostilities will be encountered well before the first missile is fired. Russia will use these measures first because they are less costly, less risky, and certainly less escalatory than any of the more high-profile methods normally considered under the heading of A2/AD. This chapter therefore considers the range of measures that Russia could employ against plans for national and operational military movement, reception, staging, onward movement, and integration that do not involve missiles, mines, or other munitions.

NIDS International Symposium, January 30, 2019 "A New Strategic Environment and Roles of Ground Forces", 2018

"Hybrid warfare" lacks a commonly agreed definition among Russia's adversaries, and the potential... more "Hybrid warfare" lacks a commonly agreed definition among Russia's adversaries, and the potential for confusion is even greater when including Russia's own understanding of the phrase. So when considering Russia and "hybrid", the first task is to define or discard the term. While widespread use of hybrid terminology has been linked in foreign writing to Russian doctrine, critics point out that it does not adequately or appropriately reflect Russian thinking about the nature of conflict, and hence the full range of options available to Russian planners. Occasional doctrinal references to asymmetric tactics and non-military means for reaching strategic goals do not mean that Russia has a preconceived hybrid-war doctrine or that this would account for the totality of Russian strategic planning. In fact, Russian strategists use the concept of "hybrid war" to describe alleged Western efforts to destabilise adversaries such as Russia itself.

Overall, current development of Russian conventional military organisation, equipment and doctrine is influenced by practical lessons from operations in Syria where these capabilities are employed, developed and tested, rather than by foreign notions of "hybrid warfare".

Examining assessments of lessons learned from Russia's operations in Syria demonstrates clearly how exaggerating the centrality of hybrid warfare in Russian strategy is a distraction from continued Russian emphasis on preparing its regular forces for high-end, high-intensity conflict. Nevertheless Russia also effectively leverages interaction between conventional military forces and other implements of power.

BAKS Working Paper, 2019

"Hybrid warfare" is not a Russian term. But Russia's use of levers of state power short of open w... more "Hybrid warfare" is not a Russian term. But Russia's use of levers of state power short of open warfare provides a useful case study for clarifying and harmonising Western understanding of "hybrid threats", and considering the best responses to them.

Parameters, 2019

This article discusses the myths surrounding Russia's A2/AD capabilities and the risks associated... more This article discusses the myths surrounding Russia's A2/AD capabilities and the risks associated with the current counter A2/AD efforts among NATO countries. It offers recommendations for investing in a stronger defense of the Baltic states and Eastern Europe.

Military Service in Russia - No New Model Army

* Pay and conditions for Russian servicemen, especially those on contract service, have seen subs... more * Pay and conditions for Russian servicemen, especially those on contract service, have seen substantial recent improvements.

* Continuing high-profile reporting of rights abuses and violence masks initiatives taken to improve rights and welfare.

* The move to one-year conscript service will disrupt the system of dedovshchina; but it is unlikely to uproot this kind of bullying altogether as it is not a purely military phenomenon in Russia.

* The Russian Armed Forces are not adapting fast enough to the challenges of recruiting professional servicemen.

* Western views of the Russian Armed Forces traditionally hold that Russian military pay is disas... more * Western views of the Russian Armed Forces traditionally hold that Russian military pay is disastrously inadequate.

* But headline figures for Russian military pay scales bear little relation to what servicemen actually earn.

* This is because pay for all servicemen is made up of two parallel basic components, plus a large number of allowances, extras, and increments.

* It is therefore almost always misleading to generalise about Russian military pay.

In 2008, Russia halved the term of conscription into the armed forces from two years to one, whil... more In 2008, Russia halved the term of conscription into the armed forces from two years to one, while attempting to retain the overall size of the forces.

This 2006 CSRC paper noted that this plan implied doubling the number of conscripts drafted each year, but that demographic change in Russia meant there would not be enough healthy 18-year-olds to do this. A number of grounds for deferral of conscription were to be abolished, but this would still not provide anything like enough conscripts. Recruitment and retention on contract service appeared insufficient to fill the gap. Furthermore, the timing of the change-over to one-year conscription threatened major disruption and upheaval in the armed forces.

Russia’s 2010 Military Doctrine highlighted NATO as a military danger to the Russian Federation. ... more Russia’s 2010 Military Doctrine highlighted NATO as a military danger to the Russian Federation. NATO was listed explicitly in first place among these dangers - specifically the “striving to ascribe global functions to the force capability of NATO, implemented in breach of international law, and bringing the military infrastructure of NATO member countries closer to the borders of the Russian Federation, including by means of enlarging the bloc”.

Significantly for our interpretation of Russian statements, NATO is listed as a military danger not as a military threat. The distinction in Russian doctrinal lexicon is important – a “danger” is a situation with the potential “under certain conditions” to develop into an immediate military threat, rather than a threat per se. Clear definitions for both military threat and military danger are included in the Doctrine, as well as the distinction between military conflict and armed conflict. Previously to be found in other doctrinal statements, these definitions are essential for a precise understanding of the threat picture as expressed by official Russia.

Other military dangers include deployment of foreign forces on territory adjacent to Russia and its allies, not only on land but also at sea; the creation of strategic missile defence forces; and the development of strategic non-nuclear precision weapons systems.

Development of the Collective Security Treaty Organisation (CSTO) is a fundamental task in deterring and preventing armed conflict, alongside cooperation with other international organisations including, interestingly, NATO. Russia will also contribute forces to the CSTO’s rapid reaction group and for deployment as CSTO peacekeepers. Furthermore, the CSTO’s collective defence provision, similar to but more binding than NATO’s Article 5, is now explicitly included in Russian doctrine.

Despite widespread reporting that the new Doctrine would display increased readiness for first use of nuclear weapons, this provision is if anything subtly rolled back from the 2000 version of the Military Doctrine – instead of first use “in situations critical to the national security of the Russian Federation”, the criterion is now “when the very existence of the State is under threat”. The related provision promising no use of nuclear weapons against non-nuclear states acting alone has been dropped. But Russia’s precise stance on nuclear use is detailed in a classified addendum to the Doctrine, so remains unclear.

The provision for use of Russian forces overseas “to defend the interests of the Russian Federation and its citizens, and to protect international peace and security” is included. Operations overseas to remove threats or suppress aggression can also be undertaken at the instigation of the UN “or other bodies”.

Preparation for mobilisation receives substantial attention, with several sections retained verbatim from the 2000 Doctrine and others new or re-drafted. These provisions concern both the economy and the military, with no regard to the substantial reorganisation of the military during 2009 towards permanent readiness and away from a mobilisation army.

Information warfare (a concept which largely overlaps with what we might term cyber operations) is largely ignored in the Doctrine, except as a military danger and for the stipulation that the means to prosecute it must be developed. Meanwhile, the largely outdated Information Security Doctrine of 2000 remains in force.

Edited by Eini Laaksonen

Russia’s Baltic Fleet, and troops based in Kaliningrad Region, have been absorbed into an entirel... more Russia’s Baltic Fleet, and troops based in Kaliningrad Region, have been absorbed into an entirely new military command structure as part of the ongoing overhaul of the Russian Armed Forces. With effect from 1st September 2010, the Baltic and Northern Fleets, Kaliningrad, and the Moscow and Leningrad Military Districts have been amalgamated into a new Western Military District, with headquarters in St Petersburg.

It is now just over two years since Russia embarked on the most radical programme of military reform it had seen since the end of the Soviet Union, and in many respects since long before that. The armed conflict between Russia and Georgia in August 2008 provided the impetus for the long-overdue creation of a distinct form for the Russian military, as opposed to a continuing existence as a pale remnant of the Soviet Armed Forces. The process of transformation now under way has affected the military, and individual servicemen, at all levels from the General Staff to newly-enlisted conscripts, and the emerging form of the new Russian forces fully justifies their claim to a “new look”.

The process of transformation of the Russian military, under way since 2008, is intended to turn ... more The process of transformation of the Russian military, under way since 2008, is intended to turn the Armed Forces of the Russian Federation from the atrophied remnant of the Soviet Armed Forces into a usable military tool for the 21st century. This includes radical reform of command and control systems at all levels up to the supreme command.

Previous conclusions on the nature of post-Soviet Russian military command and control systems may therefore no longer be valid. This is significant for Russia's overseas partners who wish to understand the nature of a potential Russian reaction to any challenge which can be interpreted as a military threat.

In particular, understanding of the division of responsibilities between the Ministry of Defence and the General Staff needs to be updated following the dramatic contraction of both bodies and redistribution of their functions.

The emergence of the Security Council of the Russian Federation as an additional body exerting control over the military also needs to be considered, when examining how decisions affecting the Armed Forces are made at the highest level.

Lower down the chain of command, the creation of the new Joint Strategic Commands also bears directly on the nature of decision-making on employment of forces, in ways which appear still debatable even within Russia but which are of critical importance for close neighbours of Russia.

The example of the early stages of armed conflict in Georgia in August 2008 could suggest that the Joint Strategic Commands are in part intended to ensure closer control over small units, in order to reduce the potential for independent and uncontrolled activity.

This paper seeks to introduce the new landscape of military decision-making in Russia, in order to raise key questions over the nature of the new command and control systems which are critical for a full understanding of how, when and in what manner Russia's Armed Forces may be used in the future.

Russia’s seizure of Crimea, and ongoing operations in eastern Ukraine, have refocused attention o... more Russia’s seizure of Crimea, and ongoing operations in eastern Ukraine, have refocused attention on the Russian military as a potential cause for concern in Europe. This Letort Paper, by an influential Russian general and military academic, lays out specifically Russian views on the essential nature of strong conventional land forces, and how they may be used. With an expert commentary providing essential context and interpretation, the paper presents a valuable insight into Russian military thinking, at a potentially critical juncture for European security.
The author, Major General Aleksandr Rogovoy, is a professor at the Russian General Staff Academy with a substantial record of academic and operational experience, including developing Russian doctrine on the use of the Armed Forces beyond Russia’s borders. The commentary has been provided by British expert Keir Giles, who gives the context and background for General Rogovoy’s paper, and highlights key areas of importance to a Western readership.
Moscow continues to place primary importance on conventional military force, with the direct intention of growing capability in order to challenge U.S. power. While the United States and other Western militaries are considering their future form after two decades of focus on counterinsurgency, for Russia the picture is different; strong emphasis on the enduring and central role of numerous conventional land forces remains unchallenged. This paper should assist U.S. and Western planners and decisionmakers by providing direct insight into resurgent Russia’s military thinking.

While this monograph was being researched and written, Russian actions in Crimea and eastern Ukra... more While this monograph was being researched
and written, Russian actions in Crimea and eastern
Ukraine brought U.S.-Russian relations to a new
low in the post-Cold War era. Normal relations and
conversations between the United States and Russia
were apparently on hold during an unprecedented,
and apparently intractable, crisis of European security.
But the longer view of relations between the two former
superpowers shows precedents that suggest relations
stand a strong chance of early recovery, despite
Russia’s hard line and unpalatable actions. With or
without this recovery, some persistent challenges to
the relationship will remain; the state of relations will
affect how these challenges are presented, rather than
the underlying contradictions themselves.
One of these challenges is ballistic missile defense
(BMD), and its implications for nuclear deterrence.
For the past 7 years, plans for BMD capability in
Europe have been a consistent sticking point in
relations between the United States and Russia. In
brief, Russia’s strenuous opposition to these plans is
based on claims, not all of them disingenuous, that
this capability is intended to compromise Russia’s
nuclear deterrent capability. Yet all discussion of
the subject highlights the U.S. current and proposed
deployments and entirely ignores Russia’s own
missile interception systems, which are claimed to
have comparable capability. While Moscow continues
to strengthen its armed forces and seeks to reduce the
capability gap with the United States, the perception
of vulnerability leads Russia to invest heavily in
strategic weapons and aerospace defense, including
both defense against nuclear missiles and precision
guided munitions. Russia protests that U.S. SM-3
missiles pose a potential threat to strategic stability,
and has made belligerent threats of direct military
action to prevent their deployment. But no mention
at all is made of the strategic implications of Russia’s
own S-400 and S-500 systems, despite the fact that,
if the performance and capabilities claimed for them
by Russian sources are accurate, they pose at least as
great a threat to deterrence as do SM-3s.
This monograph therefore aims to describe
Russia’s claims for its missile defense systems and,
where possible, to assess the likelihood that these
claims are true. This will form a basis for considering
whether discussion of Russian capabilities should be
an integral part of future conversations with Russia on
the deployment of U.S. and allied BMD assets.
An assessment of this kind requires an essential
caveat. Research for this monograph has been
conducted from open sources in Russian and English,
and unclassified discussion with knowledgeable
individuals on both sides of the debate. As such, it
has obvious limitations, especially in a field where the
fine detail of capabilities and deployments is highly
classified. In addition, the proliferation of designations
used by Russia for systems still in development,
and the confused and contradictory reporting of
them in open source media, adds a further layer of
obfuscation. In the words of one assessment—tellingly
entitled, “Experts Baffled by Profusion of Russian
Missile Projects”—the resulting linguistic labyrinth
has been further confused, perhaps deliberately, by a
proliferation of new names in Russian reports.
The descriptions in this monograph of specific
Russian projects are therefore a synthesis of public
declarations by Russia as carried in open sources,
Executive Summary
Strategic Studies Institute and U.S. Army War College Press
rather than an authoritative and verified systems
handbook. Nonetheless, they have value since
responses to Russian claims for their missile
defense systems must necessarily rely on public
pronouncements.

In March-April 2014, Russia mounted military operations in Crimea and Eastern Ukraine using groun... more In March-April 2014, Russia mounted military
operations in Crimea and Eastern Ukraine using
ground forces which were entirely different from
the Russian military which had been seen in action
in Georgia in August 2008. This paper, completed
6 months earlier in September 2013, describes the
process of Russia achieving this new force which is
more flexible, adaptable, and scalable for achieving
Russian foreign policy aims than the old post-Soviet
Russian armed forces that were used in Georgia.
The depth and scale of change that the Russian
military has undergone during the last 6 years of
transformation is impossible to overstate. During
most of this time, service personnel in Russia were
expressing disorientation and discontent at the
relentless pace of upheaval. But from late-2011
onwards, this transformation entered a qualitatively
new and stable phase. While there has been change
at the most senior levels of leadership, the dominant
characteristic of the transformation process now
is continuity. Those expecting radical changes of
direction with the appointment of new Minister of
Defence Sergey Shoygu were disappointed, and
the eventual shape of the Russian military at the
end of the transformation process is now finally
becoming clear.
This monograph reviews the overall direction and
intention of Russia’s military transformation, with
particular reference to the specific range of threats—
real and hypothetical—against which it is intended
to ensure. Stated aspirations for transformation will
be measured against known challenges facing the
defense establishment and Russia as a whole, with the
conclusion that several specific goals are unlikely to
be met.
Fundamental organizational changes that finally
broke the Russian armed forces away from the Soviet
model in 2008-09 are now irreversible. It has been
clear for some time that Russia no longer sees its
military as a counter to a massive land incursion by
a conventional enemy. While the idea of vulnerability
to U.S. and North Atlantic Treaty Organization hostile
intentions remains strong, this vulnerability finally is
no longer seen in Cold War-era conventional military
terms: instead, it is missile defense and precision
strike capabilities that have come to the fore, even
while lingering suspicions over a limited Libya-style
intervention still provide a driving force for military
modernization.
Russia’s current officially stated threat assessment
overstates the likelihood of armed attack from the
United States and its allies. If any potential major
adversary is mentioned in Russian discourse, it
is almost inevitably one in the West. As always,
the potential for a military threat from China is
the exceptional case which, if discussed at all, is
approached in exceedingly delicate terms.
There is a persistent argument voiced by senior
military commentators wielding prodigious authority
in Russia that foreign powers are planning to seize
Russia’s natural resources, including by means of a
paralyzing first strike by precision munitions against
which Russia’s air and space defenses will be entirely
insufficient. This provides the backdrop for repeated
statements by Vladimir Putin emphasizing defense
against this eventuality. As a result, spending priorities
and the transformation process overall are skewed and
fail to address more realistic security threats to Russia.
Spending on offensive strategic weapons has also
been increased as a direct result of this perspective.
Executive Summary
Strategic Studies Institute and U.S. Army War College Press
2
One area needing special consideration is Russian
activity in developing and introducing new types of
strategic weapons, while maintaining strengths in
non-strategic nuclear weapons.
Meanwhile, the real and immediate security
threat facing Russia is an entirely different one from
an entirely different direction—Russia’s southern
periphery, where incursions, insurgency, weapons
proliferation, and terrorism are all expected to increase
in intensity following the U.S. and allied drawdown
in Afghanistan and as a result of continued instability
in the Middle East.
Russia has embarked on an expensive program
of rearmament, running in parallel with its
transformation schedule. The overambitious nature
of the procurement plans was noted immediately
on their announcement, and is now becoming clear.
Both the capabilities of the defense industry and the
level of funding allocated pose threats to realizing
rearmament goals.
But many of Russia’s remaining problems in
implementing its transformation aims are not with
money or equipment, but with people. Demographic
change in Russia now means that service personnel are
at a premium, and, for the first time in Russia’s history,
conscripts are a valuable asset rather than a disposable
commodity. The examples of noncommissioned
officer training and junior officer assignments show
that Russia still awaits the fundamental cultural shift
in how it treats its service people that is essential for
dealing with human capital as a finite resource.
Deep and persistent challenges, including those of
manning, funding, and procurement, mean that many
ambitions for the Russian military will not be achieved
in the short- to medium-term. But the uses of Russia’s
armed forces which were observed in Ukraine in 2014
bears out the authors’ earlier conclusion that posttransformation,
the Russian military now provides
a more flexible foreign policy tool which should be
expected to be used more frequently in the future.

This monograph considers how a classical challenge that commanders face in war—namely, making cri... more This monograph considers how a classical challenge that commanders face in war—namely, making critical decisions on the basis of limited and often unreliable information—has been exacerbated in the era of big data. Data overload complicates the intelligence community’s efforts to identify and exclude disinformation, misinformation, and deception, and thus hampers its ability to deliver reliable intelligence to inform decision-makers in a timely manner. The military commander remains responsible for making a final decision, yet the great wealth of data now avail- able through the intelligence cycle amplifies the risk of decision paralysis. With this in mind, technological solutions tend to be considered the most appropriate response for managing data overload and disinformation. While these remain relevant, they alone may be insufficient to equip the military commander with the necessary insight to guide decisions through the uncertainty of the big data environment. Rather, the military commander must cultivate a range of new behaviours in order to avoid decision paralysis and fulfill the distinct leadership roles a commander must play at the various stages of the intelligence process.

Appraisals of Russian military performance during the armed conflict with Georgia in August 2008 ... more Appraisals of Russian military performance during the armed conflict with Georgia in August 2008 noted, among other deficiencies, poor performance in Information Warfare (IW). This led to calls in informed commentary for the creation of dedicated “Information Troops” within the Russian armed forces, whose duties would include what we would define as cyber operations. This stemmed from a perception in parts of the Russian Armed Forces that the "information war" against Georgia had been lost.

No such entity has appeared in the Russian order of battle, but the public discussion and military comment is informative. Prospects for the appearance of “Information Troops” have been discounted both officially by the FSB and privately by Russian
military officers. Arguments put forward against a unit of this kind include the unsuitability of servicemen for advanced cyber operations, and the ready availability and deniability of talented civilian volunteers. But at the same time Russia’s EW troops are seeing their role and profile evolve in a manner which suggests they may be acquiring at least some IW capability.

The Russian approach to IW differs from our own, and there are specific perceived internet vulnerabilities which further affect the Russian approach to cyber operations, and prompt Russian pushes for treaty arrangements governing cyberspace.

This paper draws on unclassified open-source media and interviews with serving Russian military officers to consider the Russian military view of cyber operations as a subset of information war, and the prospects for creation of “information troops” (whether given this name or not) in the context of ongoing Russian military transformation. Informal links with volunteer and co-opted cyber forces are also considered.

Russian views on the nature, potential and use of cyberspace differ signiﬁcantly from the Western... more Russian views on the nature, potential and use of cyberspace differ signiﬁcantly from the Western consensus. In particular Russia has deep concerns on the principle of uncontrolled
exchange of information in cyberspace, and over the presumption that national borders are of limited relevance there. Circulation of information which poses a perceived threat to society or the state, and sovereignty of the “national internet”, are key security concerns in Russia.

This divergence undermines attempts to reach agreement on common principles or rules of behaviour for cyberspace with Russia, despite repeated Russian attempts to present norms of this kind to which other states are invited to subscribe.

This paper examines aspects of the two most recently released public statements of Russian policy on cyberspace: the “Draft Convention on International Information Security“ (released
24 September 2011) and the Russian military cyber proto-doctrine “Conceptual Views on the Activity of the Russian Federation Armed Forces in Information Space” (released 22 December 2011) in order to describe the Russian public stance on cyberspace. Conclusions are drawn from the “Conceptual Views” on how the Russian Armed Forces see their role in cyberspace. The documents are referenced to the Information Security Doctrine of the Russian Federation (2000) as the underpinning policy document prescribing Russia’s approach to information security overall, including its cyber elements.

The Russian authorities considered that protests over the State Duma election results in December 2011 arose at least in part because of a cyber/information warfare campaign against Russia. The informational and political response of the Russian authorities to this is taken as a case study to measure the practical impact of the Russian views outlined above. In addition, the dynamics of the London International Conference on Cyberspace are referenced in order to illustrate failure to achieve dialogue over the difference of these views from the Western consensus.

Russian Analytical Digest, Aug 6, 2013

Intensive use of social media by an expanding population of Russian internet users gives rise to ... more Intensive use of social media by an expanding population of Russian internet users gives rise to acute concern among the Russian security structures. This follows examples of facilitation of regime change by means of social media during the Arab Spring. At the same time, both the political impact of online activism, and the extent of measures taken by the authorities to mitigate it, have been exaggerated. Opinions on the nature and role of cyber security, and even on what to call it, vary widely within the Russian leadership, giving rise to confused policy. The release of a promised Cyber Security Strategy may bring some clarity.

Proceedings of the 2013 5th International Conference on Cyber Conflict, Jun 9, 2013

During 2012, both the US and UK signalled increased willingness to engage with Russia and China o... more During 2012, both the US and UK signalled increased willingness to engage with Russia and China on cyber security issues. But this engagement will be extremely difficult to achieve in the absence of commonly agreed definitions, and even concepts, for what constitutes cyber security.

Russian and Chinese doctrine and writing emphasise a very different set of security challenges to those which normally concern the US and UK. There is the additional complication of direct translations of specific terms from Russian and Chinese which resemble English-language terms, and therefore give the misleading impression of mutual understanding, while in fact referring to completely different concepts.

A number of states including Russia and China, which do not subscribe to the Euroatlantic consensus on the nature and future of cyberspace, have already achieved a commonality in their views and language; while this language sometimes has no equivalent in English and is therefore imperfectly understood.

This paper examines these distinctions, comparing and contrasting terms and concepts in English, Russian and Chinese. This will illustrate the dangers involved in attempting to reach a consensus - or at the very least confidence and security building measures - with states with widely differing views on cyber security without first establishing a baseline of common definitions. Examples will show how previous attempts at doing so have been counter-productive and set back mutual understanding.

"The United States and its allies are in general agreement on the legal status of conflict in cyb... more "The United States and its allies are in general agreement on the legal status of conflict in cyberspace. Although key principles remain unresolved, such as what precisely constitutes an armed attack or use of force in cyberspace, overall there is a broad legal consensus among Euro-Atlantic nations that existing international law and international commitments are sufficient to regulate cyber conflict.

This principle is described in multiple authoritative legal commentaries. But these can imply misleadingly that this consensus is global and unchallenged. In fact, China, Russia, and a number of like-minded nations have an entirely different concept of the applicability of international law to cyberspace as a whole, including to the nature of conflict within it. These nations could therefore potentially operate in cyberspace according to entirely different understandings of what is permissible under international humanitarian law, the law of armed conflict, and other legal baskets governing conduct during hostilities.

U.S. policymakers cannot afford to underestimate the extent to which Russian concepts and approaches differ from what they may take for granted. This includes the specific question of when, or whether, hostile action in cyberspace constitutes an act or state of war. Recent Russian academic and military commentary stresses the blurring of the distinction between war and peace, and asks to what extent this distinction still exists. This suggestion of a shifting boundary between war and peace is directly relevant to consideration of at what point Russia considers itself to be at war and therefore subject to specific legal constraints on actions in cyberspace.

Conversely, actions that are considered innocent and friendly by the United States and European nations are parsed as hostile actions by Russia, leading to Russian attempts to outlaw “interference in another state’s information space.” The Russian notion of what constitutes a cyber weapon—or in Russian terminology, an information weapon—is radically different from our assumptions.

Initiatives put forward by Russia for international cooperation on legal initiatives governing cyber activity have received a mixed response from other states. But they need to be taken into account because of the alternative consensus on cyber security opposing the views of the United States and its close allies, which is growing as a result of an effective Russian program of ticking up support for Moscow’s proposals from other countries around the world.

This paper explores the Russian approach to legal constraints governing actions in cyberspace within the broader framework of the Russian understanding of the nature of international law and commitments, with the aim of informing U.S. military and civilian policymakers of views held by a potential adversary in cyberspace. Using a Russian perspective to examine the legal status of various activities in cyberspace, including what constitutes hostile activity, demonstrates that assumptions commonly held in the United States may need to be adjusted to counter effectively — or engage with—Russian cyber initiatives."

There are two aspects of the Russian approach to ‘information warfare’: first, the outward-facing... more There are two aspects of the Russian approach to ‘information warfare’: first, the outward-facing campaigns of disinformation and propaganda, designed to blunt or divert criticism of Russian actions already carried out and prepare the ground for further steps in the future; and second, the internal efforts to isolate the Russian population from a true picture of events both in the outside world and in their own country.

This paper compares public and political attitudes across a range of countries to systems for mon... more This paper compares public and political attitudes across a range of countries to systems for monitoring and surveillance of internet usage. U.S. and Russian data collection and mining systems are taken as case studies. There are wide variations in societal acceptability of these systems based on the perceived acceptable balance between personal privacy and national security. Disclosures of covert internet monitoring by U.S. and other government agencies since mid-2013 have not led to a widespread public rejection of this capability in the U.S. or Europe, while in Russia, internet users show acceptance of limitations on privacy as normal and necessary. An incipient trend in EU states toward legitimisation of real-time internet monitoring is described.

Introductory chapter to "Cyber War in Perspective: Russian Aggression against Ukraine" provides g... more Introductory chapter to "Cyber War in Perspective:
Russian Aggression against Ukraine" provides geopolitical context for cyber and information warfare in and around the Ukraine conflict in 2014-15. Consistent drivers for Russian behaviours are considered, and Western responses assessed. New Russian capabilities, in particular the interface between cyber and information warfare and kinetic activities, are reviewed.

However, combat operations in eastern Ukraine in 2014-16 have introduced an entirely new dimension to UAV and counter-UAV operations. In addition to drones with military-grade standards of electronic defence and encryption, a large number of civilian or amateur UAVs are in operation in the conflict. This presents both opportunities and challenges to future operations combating hybrid threats. Actual operations in eastern Ukraine, in combination with studies of potential criminal or terrorist use of UAV technologies, provide indicators for a range of aspects of UAV use in future conflict.

But in addition to the direct link to military usage, UAVs are rapidly approaching ubiquity with a wide range of applications reaching from entertainment purposes to border patrol, surveillance, and research, which imposes an indirect security and safety threat. Issues associated with the unguarded use of drones by the general public range from potentially highly dangerous situations such as failing to avoid controlled airspace, to privacy violations.

Specific questions include attribution of UAV activities to the individuals actually directing the drone; technical countermeasures against hacking, interception or electronic attack; and options for controlling and directing adversary UAVs. Lack of attribution and security measures protecting civilian UAVs against electronic attack, hacking or hijacking, with the consequent likelihood of unauthorised use or interception, greatly increases the complication of each of these concerns.

This handbook provides an introductory guide to the Russian concept of information warfare, inclu... more This handbook provides an introductory guide to the Russian concept of information warfare, including elements of cyber warfare. The guide also functions as a source book for further detailed research as required.

The period since the Russian seizure of Crimea in early 2014 has seen a large number of new publications on the topic of Russian cyber and information warfare, of widely varying quality. Most of these works discuss a specific aspect of the challenge, and many were highly time-sensitive and are therefore already outdated. The aim of this handbook is instead to circumvent the need for extensive ab initio research by providing a guide to the Russian approach which is both comprehensive and durable.

The guide takes as its basis material already in the public domain; this material has been collated from a wide range of disparate and sometimes obscure publications in Russian and other languages. Where possible, key concepts and approaches are illustrated and explained by direct quotations from senior members of the Russian defence and security communities. Unless otherwise specified, quotations in the text are from Russian sources, in many cases authoritative papers and essays on the theory and practice of warfare from military journals and conferences. Although not all the sources quoted are ordinarily available to the public, no classified material has been used.

In addition to extensive citations in footnotes, each section concludes with a list of recommended reading for deeper research on specific topics. Russian-language titles here and in the citations have been translated into English. URLs for online access to publications have been provided where they are known and available.

The challenge of Russian information warfare is not a static situation, but a developing process.... more The challenge of Russian information warfare is not a static situation, but a developing process. The Russian approach evolves, develops, adapts, and just like other Russian operational approaches, identifies success and reinforces it, and conversely abandons failed attempts and moves on. The result is that Russia should not be expected to fight the last war when it next decides to use an information warfare component in a new conflict.

In other words, those nations or organisations that think they understand Russian information warfare on the basis of current studies, and are responding by preparing for currently visible threats and capabilities, are out of date and will be surprised once again by what happens next.

This paper therefore examines not only some of the conceptual underpinnings of the Russian approach to information warfare, but also new developments which to date have not been widely covered in open sources, and their potential implications for the next wave of information confrontation with Russia.
[November 2015]

Baltic Rim Economies, 2023

For most of the Baltic Sea region, geopolitics has not "returned" – it never left. Instead, it is... more For most of the Baltic Sea region, geopolitics has not "returned" – it never left. Instead, it is the rest of Europe that is now catching up to a reality that has long been plain to many states around the Baltic. Europe’s security situation today is precisely the one that Poland, Estonia, Latvia and Lithuania had long warned of – and were written off as troublemakers in the EU and NATO for doing so. The invasion of Ukraine and the associated deepening confrontation between Russia and the West have done no more than confront the rest of Europe with the reality that has faced Russia's neighbours all along.

Reflexive control (RC) is the term used to describe the practice of predetermining an adversary’s... more Reflexive control (RC) is the term used to describe the practice of predetermining an adversary’s decision in your favor, by altering key factors in the adversary’s perception of the world. The term is primarily encountered in discussion of Russian techniques of information warfare. In this context, the practice represents a key asymmetric enabler to gain critical advantages, neutralizing the adversary’s strengths by causing him or her to choose courses of action that are damaging to the adversary and further Russian objectives.

The first section of this report (pp. 5-27) examines a number of case studies that may be considered the successful application of principles of reflexive control by Russia. In order to do so, it first introduces theories of reflexive control as described in Russian and other foreign sources. It then breaks down these theories into key operational components, each of which can be observed in the case studies of successful implementation. This section also notes a number of false positives in the form of Russian actions that have been described elsewhere as reflexive control but which should not be considered as such because they do not display its key criteria and characteristics.

Social media has vastly increased the ways RC can be applied, has reduced implementation costs, and offers better deniability of operations. The second section (pp. 28-42) discusses how social media is exploited for RC operations by Russia.

The third section (pp. 43-48) looks at possible countermeasures to RC operations and summarizes a number of key themes and principles to help targets defend against potential future RC attempts.

The report concludes with a section (pp. 48-52) on thoughts on the application of RC-like mechanisms by the CAF.

Because of both history and geography, the Finnish relationship with Russia is unique in Europe. ... more Because of both history and geography, the Finnish relationship with Russia is unique in Europe. At the same time the Finnish perception of Russia as a source of security challenges is acute.

Finland has engaged in a debate over whether it would be desirable to seek membership of NATO in order to mitigate these challenges. A full and frank debate has been difficult because it is constrained by a range of political and societal taboos; nevertheless at the time of writing (November 2009) there were indicators that a move toward NATO was not impossible in the foreseeable future.

But if Finland were to opt for joining NATO, this would register in Russian defence and security thinking as a serious concern. Unlike the Baltic accession in 2004, the response from the newly assertive Russia could potentially be swift and damaging. This would also have implications for Russian relations with the EU, of which Finland has been a member since 1995. Many in Finland saw the EU as a security provider, and there was confusion in the national debate between EU or Nordic security policy cooperation and an actual defensive alliance.

Finland’s NATO argument is a complex and multi-faceted one, made even more so by regional and cultural specifics; but it needs to be understood because its result could be significant for Russia’s relationships with both NATO and the EU.

Relations between Russia and NATO develop according to a familiar and predictable cycle. High hop... more Relations between Russia and NATO develop according to a familiar and predictable cycle. High hopes and ambitious declarations are followed by a plateau of expectations; a period of stagnation follows, as cooperation founders on incompatible strategic priorities; Russia becomes increasingly frustrated and alarmed at NATO behaviour; a crisis emerges, the relationship is set back; and then after a decent interval a “reset” takes place, partnership is declared anew, and the cycle begins again.

The most recent low point involved arguably the most dramatic crisis to date: armed conflict in Georgia in 2008. At the time of writing NATO is maintaining high hopes for renewed partnership following the optimistic Lisbon Summit in November 2010, but Russia is already entering the “frustration and alarm” phase – frustration over inability to influence plans for missile defence in Europe, and alarm at NATO’s readiness to intervene in internal conflict in Libya.

This paper considers the nature of the relationship between Russia and NATO with particular reference to the view from Moscow, and assesses key areas where the two sides have failed to establish meaningful dialogue on significant challenges – in particular, plans for European missile defence, and NATO operations in Libya. Its aim is to assist in comprehension of the Russian view of NATO and its relationship with Russia, with the ultimate hope that the familiar cycle might at some point be broken. NATO can take steps to avoid repeating the cycle of a thaw with Russia followed by a new confrontation; but if there is an opportunity to do so, it may be brief.

With all its flaws, the February 2016 ceasefire is good news for some Syrians in the short term –... more With all its flaws, the February 2016 ceasefire is good news for some Syrians in the short term – but bad news for the West in the long term.

Low-level fly-bys of the USS Donald Cook in the Baltic are part of a dangerous trend of escalatio... more Low-level fly-bys of the USS Donald Cook in the Baltic are part of a dangerous trend of escalation by Russia.

AEI Paper & Studies, Mar 1, 2018

Russian Analytical Digest (RAD), Oct 12, 2015

ISSN:1863-042

As Ukraine continues to fight to liberate its occupied territories and eject Russian invaders, it... more As Ukraine continues to fight to liberate its occupied territories and eject Russian invaders, its Western backers debate the likely endgame for the war and its aftermath. The international response to Russia’s full-scale invasion of Ukraine, while impressive in many ways, remains inadequate to the task and dangerously wobbly. Russia’s wider threat to the rules-based international order is also insufficiently acknowledged. Many proposals have been put forward for how the conflict could, or should, be brought to a close. Some, though well-intentioned, involve concessions that would effectively appease Russia, betray Ukraine and endanger Europe. Persistent calls for a ceasefire or ‘negotiated settlement’ to end the fighting without tackling its underlying cause – Russia’s ambition to eliminate Ukraine as we know it – will do no more than reward the aggressor while punishing the victim. This multi-author report takes nine commonly espoused ideas for quick fixes or objections to bolster...

The idea that nuclear use by Russia is not only possible but probable if it is challenged or thre... more The idea that nuclear use by Russia is not only possible but probable if it is challenged or threatened, let alone defeated or humiliated, has been fostered by Russian propaganda efforts over many years. Among Western audiences and decision-makers, this has led to interpretations of the evidence for and against this probability that are alarmist rather than objective. Fears of escalation to the point at which Russia may resort to nuclear use have constrained the willingness of Western governments to provide war-winning military support to Ukraine, and have shown Russia that nuclear threats – no matter how implausible – work. If Russia is allowed to achieve success in its war against Ukraine through nuclear intimidation, this validates the concept of nuclear coercion not only for Moscow but for other aggressive, assertive or rogue states around the world. In this research paper, Keir Giles argues that Western support for Ukraine should be guided by informed assessments of Russia’s ac...

2022 14th International Conference on Cyber Conflict: Keep Moving! (CyCon)

The internet of things (IoT), autonomous driving, or Industry 4.0 – regardless of the application... more The internet of things (IoT), autonomous driving, or Industry 4.0 – regardless of the application scenario envisioned, next-decade technologies reliant on connectivity will be based on 5G infrastructure and become increasingly dependent on virtualizations to provide adequate and adaptable network services. Virtualized network functions (VNFs) are used to provide services through software that replaces dedicated network devices. This shift from physical devices to software functions allows easier response and adaptation to environmental conditions (e.g. changes in network traffic or infrastructure). As such, they build the core of modern networks and are crucial to achieving the low latency and high speed of 5G networks. However, this makes VNFs of particular interest to cyber criminals, hacktivists, and state-sponsored hackers. In October 2019, the EU Commission identified state-sponsored attackers as the major threat to the security of 5G networks. The EU’s risk assessment identified core security requirements that are different for 5G networks. Due to the reliance on software, types of devices, and services connected and the heavily interconnected nature of 5G networks, there are more entry points for attackers. Nokia’s head of product management security has said that 5G networks have 200 times more attack vectors than their 4G predecessors. Network services such as VIMs (virtualized infrastructure managers) have already been identified as crucial assets that are expected to be heavily attacked. This article investigates how selected NATO and Western allies have addressed these issues of 5G network security over the past two years, while the pandemic has further highlighted societal dependency on network infrastructure. In particular, it will consider software supply chain security and the approach to foreign vendor integration. It investigates to what extent allies share views and practices on 5G security, which is necessary to ensure a united, secure network across borders. It will also consider the implications of adversary activities directed against identified weaknesses and offer essential principles for how to cope with the emerging threats.

Cyberspace and Cybersecurity; Politics and government/International relations; Law and justice

This monograph considers how a classical challenge that commanders face in war—namely, making cri... more This monograph considers how a classical challenge that commanders face in war—namely, making critical decisions on the basis of limited and often unreliable information—has been exacerbated in the era of big data. Data overload complicates the intelligence community’s efforts to identify and exclude disinformation, misinformation, and deception, and thus hampers its ability to deliver reliable intelligence to inform decision-makers in a timely manner. The military commander remains responsible for making a final decision, yet the great wealth of data now available through the intelligence cycle amplifies the risk of decision paralysis. With this in mind, technological solutions tend to be considered the most appropriate response for managing data overload and disinformation. While these remain relevant, they alone may be insufficient to equip the military commander with the necessary insight to guide decisions through the uncertainty of the big data environment. Rather, the militar...

This case study is excerpted from a forthcoming study to be published through Chatham House, prov... more This case study is excerpted from a forthcoming study to be published through Chatham House, provisionally entitled What Deters Russia. As NATO Allies consider or undertake freedom of navigation operations (FONOPs) in areas of heightened political and military sensitivity for Russia, there is awareness that this may lead to an assertive response by Russia. A previous instance of FONOPs leading to a potentially dangerous confrontation is worth considering in detail for the lessons it provides on the multiple and complex factors that can lead to miscalculation in these circumstances.

International Conference on Cyber Conflict, 2012

2021 13th International Conference on Cyber Conflict (CyCon)

In early 2020, the rapid adoption of remote working and communications tools by governments, comp... more In early 2020, the rapid adoption of remote working and communications tools by governments, companies, and individuals around the world increased dependency on cyber infrastructure for the normal functioning of States, businesses, and societies. For some, the urgent need to communicate whilst safeguarding human life took priority over ensuring that these communications tools were secure and resilient. But as these tools become firmly embedded in everyday life worldwide, the question arises whether they should be considered as critical infrastructure, or perhaps even something more important. In a number of States, the critical importance of the environment for preservation of human life has been recognised by extending legal personhood - and thus, legal rights - to environmental entities. Countries such as Colombia, Ecuador, New Zealand, and India have granted legal rights to various rivers, lakes, parks, and nature in general. This paper explores the future possibility and cases where States may consider granting legal rights to other non-sentient but critically important entities. Looking into a future where human life becomes increasingly dependent upon highly interdependent systems in cyberspace, is there a possibility that these systems are granted personhood? Remote work and its cybersecurity implications could lead to an entirely new recognition of the importance of cyberspace dependencies and, consequently, a newlegal treatment. Against the backdrop of extended debate on the legal regulation of cyberspace, including the law of armed conflict, this would raise even more complex legal considerations, especially in the light of cross-border dependencies and systems that affect multiple jurisdictions. By way of cyber biomimicry, this paper adopts a blue-sky conceptual approach to studying policy considerations and potential implications if highly interdependent cyber systems in the distant future are granted the same protections as elements of the environment.

2021 13th International Conference on Cyber Conflict (CyCon)

The response to the pandemic by states, organisations, and individuals in 2020 highlighted critic... more The response to the pandemic by states, organisations, and individuals in 2020 highlighted critical dependency on communications systems underpinned by cyber infrastructure. Without the benefits of connectivity, governments would have faced greater challenges governing, societies would have found it even harder to maintain cohesion, more companies would have ceased to operate altogether, and personal isolation would have been a vastly more difficult experience. And yet, it is precisely this connectivity within and between NATO states that some adversaries are preparing to attack in time of conflict, including through physical or kinetic means. Russia in particular has long invested in probing vulnerabilities of civilian internet and telecommunications infrastructure, and this programme was urgently ramped up to unprecedented levels of intensity after the seizure of Crimea in 2014 demonstrated the power of total information dominance achieved through targeting critical information assets. Besides Russia, China and a number of other states are also rapidly developing counter-space capabilities that would pose a direct threat to critical civilian communications services. This has obvious implications for crisis management even before overt state-on-state conflict. Vulnerabilities have been sought in all domains: maritime (subsea cables), space (communications satellites), land (fibre optic nodes), and online (targeting specific media sources for neutralisation). The VPNFilter malware exposed in mid-2018, in addition to its cybercrime or cyber-espionage capabilities, demonstrated the ambition to render large numbers of ordinary users in NATO countries simply unable to communicate. Recognising and responding to this emerging disruptive threat and its potential human, societal, and state impact is critical to the defence of NATO states-still more so in the case of disruption to normal life by events such as the pandemic. The threat to cyber-physical systems not ordinarily considered a military target must be recognised, and their defence and security prioritised. This paper outlines the threat and recommends a range of mitigation strategies and measures.

2019 11th International Conference on Cyber Conflict (CyCon), 2019

The unprecedented transparency shown by the Netherlands intelligence services in exposing Russian... more The unprecedented transparency shown by the Netherlands intelligence services in exposing Russian GRU officers in October 2018 is indicative of a number of new trends in state handling of cyber conflict. US public indictments of foreign state intelligence officials, and the UK's deliberate provision of information allowing the global media to “dox” GRU officers implicated in the Salisbury poison attack in early 2018, set a precedent for revealing information that previously would have been confidential. This is a major departure from previous practice where the details of state-sponsored cyber attacks would only be discovered through lengthy investigative journalism (as with Stuxnet) or through the efforts of cybersecurity corporations (as with Red October). This paper uses case studies to illustrate the nature of this departure and consider its impact, including potentially substantial implications for state handling of cyber conflict. The paper examines these implications, inc...

As NATO Allies consider or undertake freedom of navigation operations (FONOPs) in areas of heightened political and military sensitivity for Russia, there is awareness that this may lead to an assertive response by Russia. A previous instance of FONOPs leading to a potentially dangerous confrontation is worth considering in detail for the lessons it provides on the multiple and complex factors that can lead to miscalculation in these circumstances.