New geopolitical dimensions of information warfare
Russia's rightful place in the cybernetic and informational-psychological segments of the information confrontation can be ensured by a combination of measures to protect national cyberspace from hostile influences, going beyond the defense procedures and carrying out actions of a proactive and prohibitive nature outside the national segment of cyberspace – in the interests of countering the emerging threat or suppressing an impending attack.
This topic was in the focus of the XVII International Forum "Partnership of the state, business and Civil Society in ensuring international information security". It discussed topical issues of developing cooperation on the use of the global ICT environment (a concept that unites the telecommunications and foreign information environment) and the formation of an international information security system in the new geopolitical realities. The event was held on September 18-21, 2023 on the basis of the Diplomatic Academy of the Ministry of Foreign Affairs of the Russian Federation. The forum, which is traditionally organized by the Russian National Association for International Information Security (NAMIB), was attended by more than 200 scientists and specialists from 15 countries, representatives of the Security Council of the Russian Federation, the Ministry of Foreign Affairs and the Ministry of Justice of the Russian Federation, the United Nations, the International Telecommunication Union, the Conference on Interaction and Confidence-Building Measures in Asia (CICA), Interpol.
The participants noted significant changes in the global world order and the formation of a multipolar world by strengthening the sovereignty of developing countries, enhancing the role of the global South, expanding the membership of BRICS and SCO, multilateral cooperation in the field of international information security, cybersecurity and data security, international rules and standards for cross-border data transmission.
The focus was on the development of public-private partnership and its role in ensuring the digital sovereignty of subjects of international law, the formation of an international legal regime regulating the use of ICT. New aspects of the problem of preserving spiritual and moral values, the issues of falsification of individual facts and history as a whole, the formation of post-truth using artificial intelligence technologies, the tasks of countering and improving the culture of society were raised.
Special attention was paid to the basic component of the international information security system – the fight against computer crime in the ICT environment. In this context, the latest trends of criminal activity in the global information space are considered.
The innovation of the forum was the topic related to ensuring the information security of the younger generation. The recently approved Concept of Children's Information Security has become the focus of attention of experts representing various fields of humanities, as well as network business, law enforcement agencies, lawyers and legislators. An interesting discussion is expected. The main emphasis will be placed on the prevention of antisocial behavior and crime in the online environment, reducing the involvement of adolescents in extremist and terrorist activities, improving the culture of safety and responsible attitude to new communication technologies.
The forum participants considered new aspects related to the use of computer attacks by the collective West as an element of a hybrid war against undesirable states. These issues were reflected in the reports of Vitaly Grigoriev "Topical issues of deploying a training system in the field of information warfare in a hybrid war against Russia" and Alexander Bartosh "Comparative analysis of the approaches of leading states to the use of cybernetic means in information warfare in a hybrid war".
In general, the rich program of the forum reflects the processes inherent in world politics of the formation of a new, increasingly multidimensional architecture of international relations, which is characterized by a high level of instability and instability. Along with sophisticated military-political technologies of hybrid warfare, the military technosphere is actively developing, which largely determines the direction of transformation of wars and armed conflicts, gives additional impulses to the introduction of new forms and methods of interstate confrontation.
In the context of the development of the world hybrid war (MGW) The increasing confrontation in the global information space, caused by the desire of the countries of the collective West to use information and communication technologies to achieve their geopolitical goals, including by manipulating public consciousness and falsifying history, has an increasing influence on the nature of the international situation.
In this context, the actions of the enemy to disrupt the stability of the functioning of the critical information infrastructure of the Russian Federation using cybernetic weapons pose a serious danger.
HYBRID WARFARE
There are two segments in the information confrontation: information technology (or, for short, cyberkinetic) and information psychological. The objects of cyberkinetic influence are elements of the global technosphere (including computerized means of armed struggle).
In the document of the Joint Chiefs of Staff (JCS) The United States "National Military Strategy for Conducting Operations in Cyberspace" refers to cyberspace as "the sphere in which electronic means and the electromagnetic spectrum are used to store and transform data, as well as their exchange through computer networks and related infrastructures."
Confrontation in cyberspace is considered as an operational and strategic category that characterizes the process of rivalry between the conflicting parties, in which each conducts operations, events or actions related to software, mathematical and other types of impact on the objects of the enemy's combat control and communications system, its weapons and military equipment in relation to the other.
One of the main forms of confrontation is the operation. For example, the US Armed Forces distinguish between operations in cyberspace (Cyberspace Operation) and cyber operations (Cyber Operation). Each of them is a set of coordinated and interrelated in terms of goals, objectives, place, time, objects and content of simultaneous or sequential measures carried out according to a single plan and plan to influence enemy objects in cyberspace. The essential difference lies in the means by which this impact turns out to be: cybernetic (computers with their network, hardware and software resources) or non–cybernetic (means of information, psychological and electronic warfare, electronic intelligence, operational camouflage and disinformation, and in the future - directed energy weapons).
The information confrontation (IP) is proposed to be understood as a struggle in the information sphere, which involves a complex destructive impact on the information, information systems and information infrastructure of the opposing side, while simultaneously protecting its own objects of the information sphere from such an impact. The ultimate goal of the IP is to gain and maintain information superiority over the opposing side.
Today, information and psychological warfare as a form of information warfare has become an independent type of foreign policy and an important tool of the civil war, which arose at a certain stage of maturity of information warfare due to scientific and technological progress and information integration of the world community. The purpose of the information war (IW) is to undermine the political, economic and social foundations of the opposing states, their territorial fragmentation, ensuring favorable material and environmental living conditions of their population at the expense of other states.
IP in a hybrid war expands the concept of the "gray zone" as a theater of military–political strategic space, within which the international system, balancing on the brink of war and peace, is reformatted under the rules of the new world order, and the main efforts of the parties in the confrontation in the military information sphere focus on achieving unilateral advantages in the collection, processing and use of information on battlefield (in operation, battle).
In general, IW as an important part of the strategy of hybrid confrontation in the gray zone should be considered as a set of measures taken to achieve information superiority over the enemy by influencing its information systems, processes, computer networks, public and individual consciousness and subconsciousness of the population and personnel of the Armed Forces, while protecting its information environment.
The peculiarity of the modern stage of the revolution in military affairs (RVD) is the development and introduction of high–precision weapons in conventional and nuclear equipment into the troops, as well as the emergence of a new type of interstate confrontation – GW. The most important component of the current phase of the RVD has been the rapid progress of a variety of non-lethal weapons that are used in various non-military actions of States in the information sphere.
The development of qualitative changes in military affairs leads to the transformation of deterrence doctrines, taking into account the growth of cyber threats, the emergence of artificial intelligence (AI) technologies and its use in military and non-military operations, the expansion of the use of ICT for military and political purposes. There are technological threats associated with digitalization and the strengthening of the digital technology factor in the organization and manipulation of protest movements, neural networks and network-centric technologies are developing.
The creation of structures in the Russian Federation, the United States, China and some other states responsible for actions in cyberspace reflects the reaction to the emergence of a new, fifth theater of military operations – cybernetic. The development and practical use of offensive and defensive strategies of cyber–confrontation in the military sphere in these states are respectively engaged in the Cyber Forces of the Ministry of Defense of the Russian Federation, the Cyber Command - the Unified Combat Command of the US Armed Forces and the Bureau of Network Systems of the Strategic Support Forces (SSP) of the PLA.
The Pentagon and the CIA use the undocumented capabilities of the software products of American companies to collect classified information in the computer networks of foreign countries. Photos from the website www.cybercom.mil
PENTAGON STRATEGY
The new Pentagon cyber strategy, the unclassified part of which appeared in the public domain on September 12 (DOD_Cyber_Strategy_Summary.PDF), implements the priorities of the National Security Strategy for 2022, the National Defense Strategy for 2022 and the National Cybersecurity Strategy for 2023. It replaces the 2018 cyber strategy of the US Department of Defense and is designed to "set a new strategic direction" for the Pentagon. It is argued that cyber military capabilities are most effective when used in conjunction with other instruments of national power, creating a deterrent that exceeds the sum of its components.
The document claims that Russia remains an acute threat to the United States in cyberspace and allegedly targets the critical infrastructure of the United States, as well as the infrastructure of allies and partners. Russia continues to improve its capabilities in the field of espionage, influence and attacks. Other challenges and threats in the cybersphere are China, Iran, the DPRK, extremist and transnational criminal organizations.
Special attention is paid to the selection and motivation of personnel to work in the cybersphere. It is planned to actively identify cybersecurity talents with experience in the military-industrial sector, in the commercial sector of information technology, in academia, in the intelligence community and in the military sphere. Incentive programs for such specialists should be provided with sufficient resources and aimed at the specific desired skills of candidates. Such programs should facilitate the recruitment, motivation and retention of staff. Candidates will be selected from national business structures, while brain drain from other countries will be encouraged.
The White House administration in August put forward an initiative involving the use of Artificial Intelligence Cyber Challenge AI technologies in the cybersphere. It is planned to hold a two-year competition under the auspices of the Defense Advanced Technologies Agency DARPA. The competition is attended by well-known American IT companies Anthropic, Google, Microsoft and OpenAI. The emphasis is supposed to be on the development of technologies for "penetration and impact" on the Internet and other sectors that are associated with it and may be vulnerable.
The Pentagon's General Directorate of Digital Technologies and Artificial Intelligence (CDAO) has created the Lima Task Force to study generative AI for military applications. Lima will evaluate, synchronize and use the capabilities of generating AI in all structures of the Ministry of Defense, ensuring that CDAO remains at the forefront of advanced technologies, ensuring national security.
The US Department of Defense is already actively using AI – both in the military-industrial sector (for example, to improve the capabilities of UAVs as intelligence and reconnaissance tools) and as an information warfare weapon.
These and many other US initiatives in relation to the confrontation in the cybersphere represent a further development within the framework of the strategies of the GW of the concept of "cheap war" (War on the Cheap), which is based on the premise that "one million dollars and 20 people, conducting computer attacks, can ensure success comparable to the actions of thousands of troops". It is believed that with relatively small forces and means, with minimal financial costs, it is possible to disable the enemy's military and state information infrastructure so that it will take years to restore it. The Pentagon's new cyber strategy is aimed at solving such problems.
The above - mentioned and some other US strategic planning documents are characterized by the use of the following important factors:
1. Emphasis on a long-term strategy for the development of the cybersphere and readiness to conduct a tough geostrategic confrontation in the global cyberspace.
2. Within the framework of the global security strategy, a "hybrid approach" is provided for the prevention, response and deterrence of malicious cyberactivity. It provides for the use of all available tools, including diplomatic, informational, military (both kinetic and cybernetic), financial, intelligence mechanisms, public diplomacy, and law enforcement actions.
3. Development of an internal risk management system in federal-level supply chains, which includes, among other things, the definition of clear powers to exclude (in some cases) from the supply and procurement process those suppliers of products and services for civilian and military consumers who are considered risky.
4. Updating legislation on electronic surveillance and computer crimes to expand the capabilities of law enforcement agencies to legally collect evidence of criminal activity and conduct operational investigative and judicial procedural actions.
Conclusions follow from what has been said:
1. The US strategic planning documents provide the American authorities with opportunities for unsubstantiated accusations about the involvement of a country in an incident in cyberspace, which creates conditions for the escalation of international tension up to the use of force.
2. The US strategic planning documents do not indicate plans to create international legal mechanisms that could independently, objectively and with due competence conduct a legitimate investigation and make a judicial decision regarding malicious acts in the ICT environment.
3. The alleged initiators of malicious subversive actions in the cyber environment have been unilaterally determined by Washington and are not subject to doubt: These are Russia, China, Iran, North Korea and international terrorism. It is against them that the main efforts of the United States and its allies are directed, including through the use of a network of NATO Centers of Excellence within the framework of GW strategies.
4. The United States does not raise the issue of mutually beneficial official contacts on the subject of information and cybersecurity. As a result, the split between the Russian, Chinese and American vision of the future of the ICT environment is only growing, which can lead to serious mutual accusations of subversive cyber activity, up to open confrontation, and fragmentation of the ICT environment and the Internet.
ON THE PROTECTION OF CHINA'S INTERESTS
China is actively developing national strategic planning documents in the field of cybersecurity. In 2017, the "Cybersecurity Law" was adopted, aimed at protecting the national "cybersecurity" of the PRC.
The basic provisions of the document include:
– ensuring the security of critical areas (public communication and information services, illegal use and leakage of data in which may pose a serious threat to national security);
– the unconditional obligation of server and service providers to inform users and relevant competent authorities in a timely manner about any known security vulnerabilities and take the necessary measures to eliminate them;
– mandatory requirements for strict protection of personal data, a complete ban on storing personal data outside China;
– increased requirements for professional training and reliability of employees of information infrastructure facilities.
The leadership of the People's Republic of China pays considerable attention to the issues of ensuring the internal security of the state and carries out activities aimed at improving the "Unified Intelligence and Information Space" (ERIP) in the interests of controlling foreign citizens and local residents in the country. The main functions of the ERIP in the national security system of the People's Republic of China are countering the activities of foreign intelligence services in China, protecting strategically important facilities, preventing crimes, as well as monitoring public security.
The system includes several automated security subsystems:
– automated video monitoring;
– tracking via smart devices;
– social lending.
These subsystems automatically process various types of information about individuals and send it for systematization into a single database – the Public Security Police Cloud information storage.
Thus, the actions of the Chinese government in the cybersphere are aimed at strengthening state control over the activities of Chinese and foreign companies on the Internet. At the same time, digitalization and control over the cybersphere are used by special and law enforcement agencies to prevent cyber espionage and cyber-sabotage by malicious cyber penetration of the enemy into the objects of state and military administration, for covert control of the activities of the enemy's special services and criminal elements, as well as to control various aspects of the life of the population by forming a strict hierarchy in various segments of the population depending on the reliability rating, which contributes to improving the level of national and public security.
confrontation
Cyberwarfare of Russia. A set of defensive tasks: carrying out operations in the information space, ensuring information security at military and critical state facilities (preventing computer intrusions, violations of the integrity, security and security of information in infrastructures, networks, information systems).
Offensive tasks: the implementation of computer intrusions into the information networks and systems of the enemy, disruption of the functioning of its information infrastructures, disabling them, etc.
Cyber Command is a unified combat command of the US Armed Forces. Main tasks: centralized conduct of cyberwar operations, management and protection of US military computer networks. The strategy is based on the following principles: the attitude to cyberspace as a territory; the use of active protection; the support of the Ministry of Internal Security in protecting critical infrastructure networks; the practice of collective defense together with allies; reducing the benefits of hostile use of the Internet.
The Bureau of Network Systems of the SSP of the PLA. Main tasks: development of forces and means related to ensuring cybersecurity, conducting electronic intelligence and cyber intelligence, conducting combat operations in cyberspace, electronic warfare, in coordination with operations in space. The Bureau conducts "integrated electronic network warfare" by means of a complex multicomponent impact on control systems, communications, intelligence, targeting, on enemy computer networks using cyber weapons and electronic warfare means coordinated with their fire defeat.
IMPACT FACTORS
Betting on the expansion of cyber impacts in the military, politicians and the military are guided by the following factors:
– the increasing role of cyber operations in hybrid warfare is associated with the high destructive power of cyber weapons as a means of non-forceful influence on the enemy;
– the secrecy of the use of cyber weapons, the high speed of delivery of the damaging factor to the target, the difficulty of determining the source of the cyber attack;
– high degree of vulnerability of national information infrastructures, primarily critical;
– high efficiency of cyber espionage in global economic, political and military confrontation;
– an important role is assigned to cyber intelligence, which is organized and conducted to solve two groups of tasks: 1) obtaining intelligence information from computer systems or networks and processing them using hardware and software (computer intelligence);
2) collection and systematization of data on potential sources of cyber threats and the threats themselves (cyber threat intelligence).
Cyber intelligence should be ready to carry out a set of coordinated measures for unauthorized penetration into the networks and computers of foreign state and non-governmental organizations, as well as individuals of interest. Collecting information about cyber threats involves the use of completely new sources, technologies and techniques, which requires constant improvement of technical, software and personnel components.
CONCLUSIONS FOR RUSSIA
Taking into account the increasing importance of cyber-confrontation for Russia, the priority tasks are to develop and implement measures involving a combination of measures to protect national cyberspace from hostile influences, going beyond defense procedures and carrying out actions of a proactive and prohibitive nature outside the national segment of cyberspace, in the interests of countering the emerging threat or suppressing an impending attack.
Today, the Internet as a dynamic, mobile and ubiquitous medium forms the connective tissue for two-thirds of the world's population. It is also under attack by those who seek to undermine secure and open cyberspace and threaten Russia's security. In these conditions, it is important to achieve sustainable advantages in cyberspace in order to contain, escalate/de-escalate the situation and remain at least at the level of our opponents and competitors, preventing their predominance in the cybersphere.
The most important role is played by the selection and training of personnel capable of acting competently in the conditions of the GW, promptly extracting and analyzing data of all types of intelligence, providing reliable information-analytical and prognostic reports to the governing authorities.
Building up the capabilities of cyber operations within the framework of the ongoing war against our country is designed to show the enemy that the use of cybernetic means of influencing vulnerable objects of state, industrial and military infrastructure will inevitably lead to the gravest consequences comparable to the results of nuclear strikes.
The educational component requires increased attention in the training of personnel capable of acting in conditions of fierce cyber confrontation. Solving this task will require joint efforts on an interdepartmental basis, involving specialists from the Ministry of Defense, the Ministry of Foreign Affairs, the Russian Academy of Sciences, the Academy of Military Sciences, and the Russian Authors' Society.
Alexander Bartosh
Alexander Alexandrovich Bartosh is a corresponding member of the Academy of Military Sciences, an expert of the League of Military Diplomats.