Home » Cyber » Cyber Security Center » Russia’s Cyber Forces

Russia’s Cyber Forces

by Ward Carroll on May 27, 2008

russian-flag.jpg

Russia is well known for its military mentality. Remember the cold war? It has taken nearly a decade for the world to realize the true threat of cyber war. Today, the world is dependent on computers and networks much more than we were eight years ago when we experienced the NATO-Serbia cyber war. Russia opened the eyes of the world to the looming threat of cyber warfare after the Estonia incident. Just last week Russia’s State Sponsored cyber forces opened up a new front in cyber war.

Reports indicate that Russian Cyber Forces unleashed a large scale cyber attack on Radio Free Europe. In addition, there is some evidence of the use of BotNets in politically motivated distributed denial-of-service (DDoS) attacks. With all this demonstrated ability, should we be concerned? What are Russia’s true cyber warfare ambitions? Russia’s Cyber Warfare Doctrine is designed to be a force multiplier along with more traditionary military actions including WMD attacks. A force multiplier is a military term that describes a weapon or tactic that, when added to and employed along with other combat forces, significantly increases the combat potential of that force.

Like all offensive cyber strategies it includes the capability to disruption the information infrastructure of their enemies. This doctrine includes strategies that would disrupt financial markets, military and civilian communications capabilities as well as other parts of the enemy’s critical infrastructure prior to the initiation of traditional military operations. They also address weaken the economy of their adversary to further decrease their ability to respond to the combined threat. Offensive cyber weapons receive great attention in the Russian Cyber Warfare Doctrine. This coupled with advanced R&D puts them on the leader board in cyber warfare.

Cyber attacks and cyber weapons are strategic arms and in effect are real offensive weapons. Cyber-attacks can harm or even paralyze a country and therefore have equivalent implications as that of physical military attacks. Most cyber attacks leave behind forensic evidence that can be used to assess the capabilities of the attacker. With all the attacks attributed to Russia, there has to be significant intelligence out there about techniques, cyber weapons, and strategies that have been used in these cyber assaults. An interesting point is that NATO’s Defensive Treaty drawn up in 1949 does not deal with cyber weapons as the Internet did not yet exist and there were very few computers at the time.

Once again, warfare capabilities have outpaced our legal and political systems. Former Russian President Vladimir Putin has blasted the US for its militaristic approach to foreign policy, saying its actions were “nourishing an arms race.” Need some more evidence? In 1998, Russia’s defense budget was less than $3 billion. Since that time, the Russian defense budget has been soaring, funded by substantial increases in their petroleum income, the budget jumped 23 percent in 2007 to $32.4 billion.

An interesting point to keep in mind is that Moscow does the arms business with over 70 countries, including China, Iran, and Venezuela, and in 2006 exported $6 billion worth of arms. Russian intelligence services have a history of employing hackers against the United States. In 1985 the KGB hired Markus Hess, an East German hacker, to attack U.S. defense agencies in the infamous case of the Cuckoo’s Egg.

The following is an estimate of Russia’s cyber capabilities.

Russia’s 5th-Dimension Cyber Army:

Military Budget: $40 Billion USD

Global Rating in Cyber Capabilities: Tied at Number 4

Cyber Warfare Budget: $127 Million USD Offensive Cyber Capabilities: 4.1 (1 = Low, 3 = Moderate and 5 = Significant)

Cyber Weapons Arsenal in Order of Threat:

  • Large, advanced BotNet for DDoS and espionage
  • Electromagnetic pulse weapons (non-nuclear)
  • Compromised counterfeit computer software
  • Advanced dynamic exploitation capabilities
  • Wireless data communications jammers
  • Cyber Logic Bombs Computer viruses and worms
  • Cyber data collection exploits Computer and networks reconnaissance tools
  • Embedded Trojan time bombs (suspected)

Cyber Weapons Capabilities Rating: Advanced

Cyber force Size: 7,300 +

Reserves and Militia: None

Broadband Connections: 23.8 Million +

Close ties with Russian Business Network (RBN), who is thought to own and operate the second largest BotNet in the world. Intelligence suggests there are organized groups of hackers tied to the Federal Security Bureau (FSB).

The FSB is the internal counter intelligence agency of the Russian Federation and successor to the Soviet KGB. Russia is often overlooked as a significant player in the global software industry. Russia produces 200,000 scientific and technology graduates each year. This is as many as India, which has five times the population. This is hard to believe since their software industry can be traced back to the 1950s.

A study by the World Bank stated that more than one million people are involved in software research and development. Russia has the potential to become one of the largest IT markets in Europe. The Russian hacker attack on Estonia in 2007 rang the alarm bell. Nations around the world can no longer ignore the advanced threat that Russia’s cyber warfare capabilities have today and the ones they aspire to have in the near future.

From this information, one can only conclude that Russia has advanced capabilities and the intent and technological capabilities necessary to carry out a cyber attack anywhere in the world at any time.

Kevin Coleman

Share |

{ 13 comments… read them below or add one }

Ted May 27, 2008 at 11:07 am

Are you going to review the U.S. standing as well? I would be interested in where we stand!

Reply

Kevin May 27, 2008 at 1:37 pm

“b”
There are over 1 million pieces of malware. How can you even post such a statement!
Consider this, if you wait for hard facts or “Intel” that means it has already happened. Strategic advantage is created by educated guesses, generated by a process of asking “what if.” Take for example current computer virus protection. Today virus detection relies on the identification of signatures in the code of the virus itself. Therefore, you have to have experienced the virus, before you create the ability to defend against it. You comment” Reports indicate” and “there is some evidence” do not make a “demonstrated capability” are indicative of that mindset.
Do we really want to wait till we experience a cyber attack that disrupts the U.S. the same way Estonia was disrupted or worse before we start to plan our defenses? I think not!

Reply

Spyguy May 27, 2008 at 2:13 pm

HEY b want to try to defend you comment now. Kevin bings up one hell of a good point!

Reply

b May 27, 2008 at 2:36 pm

Do we really want to wait till we experience a cyber attack that disrupts the U.S. the same way Estonia was disrupted or worse before we start to plan our defenses? I think not!
No, certainly not. Let’s take care of those Martians. I heard you are an expert of fighting Martians. All power and budgets to you.

More seriously:
There are some Russian crime groups that do use bot nets.
There some Chinese, German, U.S. based mafia and other crime groups who use the same tools. There are ways to defend against these and any IT manager worth his paygrade knows how to do this.
There is, unlike what you state, no evidence that these bot nets are state founded.
But you build your “threat” on the Russian alleged budget, without ANY source.
Now what is the U.S. budget on cyber attacks?
As you seem to know the Russian one you will certainly know the U.S. one. How about a comparison. May Russia just defends?
Why do you want my taxdollars to be wasted against this threat? Oh, that’s your job?
Fine, but not with me.

Reply

SpyGuy May 27, 2008 at 2:43 pm

B your cooment are out of place. Keep in on and intellectual level or don’t bother! Kevin don’t waist yrou time with “b” his comments are ot constructiveat ALL.
Forget about “b” remember never argue with a fool – bystanders can’t tell who is who.

Reply

Michelle May 27, 2008 at 7:00 pm

I have a question for b – Kevin’s work was referenced by STRATCOM in a Congressional hearing last week. What have you done and who in that elite group have referenced you?
See Washington Post Article
http://www.washingtonpost.com/wp-dyn/content/article/2008/05/20/AR2008052001372_2.html

Reply

pedestrian May 28, 2008 at 12:11 am

I was familiar about the ugly spam bussiness in Russia, and on the otherhand has great software such as the Kaspersky Anti Virus, but never had a clear vision about the Russian cyber warfare team. Interesting report.

Reply

helovesgold May 28, 2008 at 7:31 am

what better test bed is there than your client target base ? barrageing radio free europe with software is a test. once there was a story about our x bunkie bin laden wanting to bomb radio free europe instead or before 9/11. a cyber stealth attack might be more survivorable than a gassed up jet smashed into Duetsche Bank H.Q. A West Point motto is ” Do not take counsel in your own fears. ” Momma said ” brains are better than brawn. ” ” Be prepared. ” DeVry Institute ? ” Gawd bless Milky Way ! ”

Reply

Seen the elephant May 28, 2008 at 8:28 am

I spent the last six years of my military carrer in Information Operations. Been to DISA, 1st IO Command, and overseas. Seen the firewall logs of Federal and State organizations, military and government, where it is amazing from where we are being probed and attacked. H*ll, I have been around long enough to remember the first BRAIN virus (picked it up from one of my trips to Korea in the 80′s). The threat to EVERYONE’S networks is real. We are not spending enough to protect ourselves. By the way, the Army’s version of Information Operations makes more sense then the other services, including the new Air Force command. There is more to information warfare than digits and electrons….

Reply

Kevin May 28, 2008 at 1:41 pm

Ok — you had to bring up the old “Brain” virus. Now you have gone and done it – you made me feel old. I had totally forgotten about that one.

Reply

paul May 30, 2008 at 4:16 pm

It’s all about IRC/disruption and acute knowledge
of political pull-sources etc…They won’t stop unless a certain figure speaks out….But that figure is usually the one in command and control
status etc…Key word:’Acute.’

Reply

Charlie May 6, 2009 at 5:15 pm

Russia should not be over looked,and if you seriously think that China is becoming a serious threat,you have no idea who we are!!!! USA

Reply

cyberian September 11, 2011 at 11:33 am

public relations. russia needs no extra military expenditures. ru cybernetwrx is a students’ business, sry. call cyberia anywhere in the web.

Reply

Leave a Comment

Previous post:

Next post: