In 2022, Europe was overrun by war for the first time since World War II due to Russia’s invasion of Ukraine. Though Russia’s onslaught has featured all the trappings of conventional warfare, like heavy artillery, ballistic missiles, and the mobilization of troops, it has also revolutionized the role of the cyber realm in armed conflict.
Hybrid warfare employs traditional and unconventional methods, including cyber warfare, to subdue and subvert power, complicating the familiar zero-sum structure of military conflict. Russia’s invasion of Ukraine has showcased its mastery of the concept, skillfully utilizing cyberattacks and disinformation campaigns with typical military strategies.
Russia’s extensive cyber presence and commitment to the dissemination of disinformation is present in all corners of the world, especially as it focuses on shoring up support in Latin America, Africa, and Southeast Asia. Still, the most significant cyber threats from Russia about the war in Ukraine remain its cyberattacks on European institutions and its aggressive campaign of disinformation in the Baltic region.
Cyberattacks and the EU
To combat the onslaught of Russian cyberattacks and disinformation campaigns on the European continent, the EU has recently taken significant measures to bolster its security measures against malicious cyber actors.
According to a report from the European Commission, cybercrime–specifically ransomware–accounts for nearly ten terabytes of stolen data each month, which costs almost 5.5 trillion euros yearly and has only increased since 2020.
The Commission further identified distributed denial of service attacks, malware, social engineering threats, data and internet threats, misinformation and disinformation, and supply chain threats as its major concerns for cybersecurity.
The European Commission indicated that in 2022, up to 60 percent of impacted organizations may have paid ransom demands, and upwards of 15 percent of Ukraine’s internet infrastructure was damaged in some form or another by Russia or hackers affiliated with Russia. In response to this jarring data, the EU has quickly adopted new policies and created new agencies to deal with the new cybersecurity demands.
As of June 2023, the EU has adopted a certification framework that involves standardized rules, security requirements, technologies, and evaluation, and it has created a new cybersecurity agency, the European Union Agency for Network and Information Security (ENISA), to effectively stay ahead of increasing cyber threats.
The adoption of these increased security measures could not have come sooner, considering that in 2023 alone, the Center for Strategic and International Studies (CSIS) has identified upwards of 30 major cyberattacks on the US and European continent independently.
Hallmarks of Russian Disinformation
In addition to the destructive malware and ransomware that characterize Russia’s malicious cyberattacks, according to the Cybersecurity and Infrastructure Security Agency, Russia also employs a sophisticated approach to spreading disinformation worldwide. This approach relies on various mediums to spread overlapping stories, which allows for plausible deniability for the Russian state and a media multiplier effect– increasing the reach of the disinformation being distributed across platforms.
During the time leading up to and after the Russian invasion of Ukraine, sources with ties to Russia were disseminating wild propaganda across social media, news outlets, and other channels. These false narratives are particularly damaging in the Baltic region, which historically has close ties to Russia and Russian-based media outlets.
In addition, the U.S. Department of State has identified five pillars of the Russian disinformation and propaganda ecosystem that can be used to help identify and classify the various methods of dissemination:
- Official government communications:
- Includes official statements by the Kremlin or Ministry, government officials, and state social media channels;
- State-funded global messaging:
- Includes state-funded media- both foreign and domestic facing, foreign-based but state-funded media, and international Russian cultural institutions;
- Cultivation of proxy sources:
- Includes Russia-aligned foreign news outlets with global influence (can be language specific), both conscious and unconscious propagation of Russian narratives, and the amplification of said narratives by foreign states;
- Weaponization of social media:
- Includes entry into domestic discussions, campaigns to destabilize foreign institutions, and amplification of civil unrest; and
- Cyber-enabled disinformation:
- Includes hacking, site capture, website cloning, forgery, and interruption of objective media sources.
When these pillars work in conjunction with one another, it allows Russia to send out nuanced and subtle propaganda in addition to the less elegant hacking that can prove challenging to recognize for states, corporations, and individuals alike.
Implications for US Businesses
Companies operating in the region must update cybersecurity policies and procedures to protect the firm’s assets and avoid the Russian threat.
According to the European Council, nearly 82 percent of data breaches involved a human element. This means that training for your firm’s team is necessary to ensure team members can recognize cyber threats and misinformation.
Importantly, Russian disinformation campaigns and cyberattacks can and do take place in the United States as well. This means that domestic cybersecurity policies and procedures should also be considered in the context of the Russian cybersecurity threat.
To learn more about risk management and how Infortal can help you identify, assess, and mitigate risks, reach out today.