Inside Cyber Warfare

Chapter 23

Social Networks: The Geopolitical Strategy of Russian Investment in Social Media

There is a troika of powerful individuals fueling the growth of the Russian Internet, as well as Russian investments in cyberspace, while serving the interests of the Kremlin. These men are Gleb Pavlovsky (founder, Foundation for Effective Politics), Vladislav Surkov (Deputy Chief of Staff of the President of the Russian Federation), and Yuri Milner (CEO, DST Global, Inc.). Their genesis of power and influence began in the mid-90s when the Russian Internet was still in its infancy. Today, with Twitter, Facebook, and YouTube live broadcasting the regime changes sweeping across Northern Africa and the Middle East, Internet-savvy politicians and businessmen are the new power brokers in the Kremlin.

Gleb Pavlovsky

The 1990s were the formative years of the Russian Internet (RuNET), led in part by Gleb Pavlovsky and his Foundation for Effective Politics. Pavlovsky saw the value of a Russian Internet early on and was instrumental in creating the first Russian online news magazine, Russkiy Zhurnal, and helping organize and fund the creation of Lenta.ru, Gazeta.ru, and other sites. He served on four presidential election campaign staffs in 1996, 2000, 2004, and 2008. Pavlovsky's publishing house, Yevropa, published Khroniki Informatsionnoy Voyny (Information Warfare Chronicles) by Maksim Zharov and Timofey Shevyakov, which documented the online attacks between Russian and Georgian hackers during the five-day war in August 2008.[53] The book opens with the following paragraph:

Net wars have always been an internal peculiarity of the Internet, and were of no interest to anyone in real life. The five-day war showed that the Net is a front just like the traditional media, and a front that is much faster to respond and much larger in scale. August 2008 was the starting point of the virtual reality of conflicts and the moment of recognition of the need to wage war in the information field too.

As of April 27, 2011, Pavlovsky and the Foundation for Effective Politics have fallen out of favor with the Kremlin for political reasons having to do with the upcoming 2012 presidential election. According to RIA Novosti, Vladislav Surkov personally terminated EPF's contract.[54]

Vladislav Surkov

Vladislav Surkov, known as the "Grey Cardinal" and the "Dark Prince of the Kremlin," worked for Mikhail Khodorkovsky at Bank Menatep (1991-1996).[55] Surkov became Deputy Chief of Staff of the President of the Russian Federation in 1999, the same year that Boris Yeltsin resigned and Vladimir Putin became acting President (until the 2000 elections made it official). Surkov is considered the Chief Ideologue of the Kremlin and is an ardent proponent of online activism in support of the interests of the Russian Federation and the United Russia party. After Kyrgyzstan's Tulip Revolution (2005), Surkov founded a youth organization called Nashi ("Us") whose purpose was to support then-President Putin and the United Russia party against counteropposition groups both physically and in cyberspace. Nashi is funded in part by the Federal Agency for Youth Affairs, which is headed by cofounder Vasily Yakemenko.[56]

On May 21, 2009, Russian President Dmitry Medvedev signed an edict creating a presidential commission for the modernization and technological development of the Russian economy. Medvedev is chairman, and Vladislav Surkov is one of two deputy chairmen (Sergey Sobyanin, Chief of Government Staff and Deputy Prime Minister, is the other). Yuri Milner is the only nongovernmental employee who serves on this commission, which makes his inclusion highly significant.

Yuri Milner

After graduating from the Wharton School of Business, Yuri Milner worked in Washington, DC for the World Bank until spring 1995 when he was recruited by Mikhail Khodorkovsky to run his investment brokerage company, Alliance-Menatep.[57] In February 1997 Milner became Deputy Chairman and Head of Investment Management for Bank Menatep.[58] During the next two years Milner was involved in evaluating investment opportunities for the bank, particularly Internet properties. While at Menatep, he formed New Trinity Investments. When the bank lost its license in 1999 for financial misconduct (Khodorkovsky is currently serving time in a Russian prison), Milner branched out on his own and in 2000 launched an Internet services company called NetBridge, most likely funded through New Trinity.[59] In February 2001 NetBridge merged with another Internet company (Port.ru) and became Mail.ru, which, 10 years later under Milner's leadership, earned almost US$1 billion in its IPO on the London Stock Exchange.

Mail.ru was originally the press service for a large Russian conglomerate called Neftyanoi Concern, which is a major holding company with investments in the financial (Neftyanoi Bank), energy, real estate, food, and Internet sectors. In 2003 Milner went from CEO/Chairman of Mail.ru to Director General and Chairman of the Board for Neftyanoi Concern. In 2005 Neftyanoi Bank was charged with money laundering, and its CEO, Igor Linshits, eventually fled the country. Milner wasn't charged with any wrongdoing, but this period of his life was not disclosed in the Goldman Sachs prospectus for the Mail.ru Group IPO, nor was it mentioned on his bio at the former Digital Sky Technologies website.

2005: A Turning Point

The year 2005 was a pivotal one for the Russian government. Longtime evangelists Pavlovsky and Surkov had a concrete event (the Tulip Revolution) that would substantiate the need for the Kremlin's investment in Internet technologies. In a June 2005 interview with The St. Petersburg Times, Surkov said there would be no Orange Revolution in Russia: "There will be no uprisings here," said Surkov, who oversees the Kremlin's relations with political parties, parliament, and youth organizations. "We realize, of course, that these events have made an impression on many local politicians in Russia, and on various foreign nongovernmental organizations that would like to see the scenario repeated in Russia."

It was also in 2005 that Yuri Milner left Neftyanoi Concern and founded Digital Sky Technologies (DST) with cofounder Gregory Fingar of New Century Investments. From 2005 forward, the Russian Internet was not just a place to do business; it had also become a new war-fighting platform from which attacks could be launched against both external and internal opponents with complete anonymity. In addition, it provided a self-funding open source intelligence operation for the Russian Security Services, thanks to the enormous popularity of social networks worldwide, the very networks that Milner and DST were busy investing in. As investments ramped up, so did the Kremlin's use of cyberspace as an attack platform. Kyrgyzstan (2005), Estonia (2007), Georgia (2008), and possibly Kyrgyzstan again (2009) represent four well-known examples of Internet-based attacks against external opponents.

However, the Russian Internet was also being used to control internal dissent. In March 2009 Vladislav Surkov organized a conference of Russia's top bloggers to announce a new Internet strategy for influence operations:[60]

"The aim of the conference is to work out a strategy for information campaigns on the Internet. It is formulated like this: To every challenge there should be a response, or better still, two responses simultaneously," a source who is familiar with the process of preparations for the meeting explained. "If the opposition launches an Internet publication, the Kremlin should respond by launching two projects. If a user turns up on LiveJournal talking about protests in Vladivostok, 10 Kremlin spin doctors should access his blog and try to persuade the audience that everything that was written is lies."

DST and the Kremlin

In May 2009, Yuri Milner was simultaneously promoted to a presidential commission (May 15) and closed his first $200 million investment in Facebook (May 26).[61] Six months later, as he continued to make investments in US social media companies, he was appointed to an almost year-long project by the Ministry of Communication and Information to analyze the scale and distribution of illegal content on RuNET.[62] Oddly, when this information

Milner's reaction to the post, which Forbes removed immediately upon receiving the complaint (Forbes also had not conducted any fact-checking first), demonstrates how carefully he manages publicity around his background, particularly anything that would reveal his close relationship with the Kremlin. Even DST's website has changed from a multipage site that listed all of its Internet properties to a single page (www.dst-global.com) with nothing but the name DST and an email address.

In 2010 DST made a series of investments in US social networking companies including Zynga, Groupon, and ICQ; however, Facebook remained its primary interest. After DST's initial $200M investment, it launched a tender offer of $100M for Facebook employees' stock. Then, in January 2011, it co-led a $500M round with Goldman Sachs to become one of Facebook's largest institutional investors, owning approximately 10% of the company [22]. DST and its partners stand to profit greatly from Facebook's inevitable IPO, which is predicted to occur in 2012 or 2013 [17]. In the meantime, on November 5, 2010, DST changed its name to Mail.ru Group and raised almost US$1 billion in an IPO on the London Stock Exchange.[64] They spun off a new investment company called DST Global "to continue to focus on Internet investments."[65]

A few months later, the Russian government announced that Mail.ru Group's CEO Dmitry Grishin would serve as a member of the League of Internet Safety, newly formed under the auspices of the Ministry of Communications and led by its Minister Igor Shchyogolev. The league's primary purpose is to fight against child pornography and, eventually, other "negative" content by recruiting thousands of volunteers to act as informal Internet police. The likelihood that such a system will be used to restrict freedom of expression, which is currently found on RuNET, has not gone unnoticed by Russian journalists and bloggers, who fear it will lead to the same kind of censorship that occurs in China.[66]

The Facebook Revolution

If the Tulip Revolution of 2005 caused Vladislav Surkov to take steps to make sure that the Orange Revolution would not come to Russia, imagine the impact that the social media-fueled revolutions in Egypt, Tunisia, and Lebanon are having on the Kremlin. Russian President Dmitry Medvedev succinctly expressed his view on that topic at a session of the National Counter-Terrorism Committee in Vladikavkaz, North Ossetia on February 22, 2011: "They prepared such a scenario for us previously. And now they will try to put it into practice. But, in any case, this scenario will not succeed."

President Medvedev did not specifically identify the "they" during the discussion; however, Russian press quickly tied the "they" to Russian unease over the West's role in the color revolutions in Georgia, Ukraine, and Kyrgyzstan in the 2000s. The Russian press, The Moscow Times being the most prominent, pointed to increased discussion on Russian regime change taking place on LiveJournal, Facebook, and Twitter. The Moscow Times noted that all three are believed to have served as mobilizing tools for protesters in North Africa, especially in Egypt.

Deputy Prime Minister Igor Sechin endorsed The Moscow Times' views by naming Google as a force behind the regime change in Egypt. Speaking to The Wall Street Journal, Minister Sechin said: "One should examine closer the events in Egypt, to look into what high-profile Google managers had been doing in Egypt, what kind of manipulations with the people's energy had taken place there."

The most expansive view, however, is that espoused by Militia Major-General Vladimir Ovchinsky (former Chief of the Russian Interpol Bureau, and current adviser to the Russian Federation Constitutional Court Chairman) in a March 3, 2011 interview with Moscow Komsomolskaya Pravda Online. According to General Ovchinsky, the cyber aspects of recent events were orchestrated by the heads of major Western technology companies to support the Obama Administration's political objectives. General Ovchinsky insinuates that a "secret" White House luncheon with the heads of Facebook, Apple, Google, Twitter, Yahoo!, Netflix, and Oracle held after Mubarak's resignation celebrated recent American success. According to General Ovchinsky, the US President was expanding on Internet techniques developed during his 2008 campaign: "Barack is striking while the iron is hot and is hastening, with the assistance of modern technology, to extend his Tunisian-Egyptian victory to other countries of the region and further across the world."

In response, according to a March 2, 2011 St. Petersburg Times article,[67] the Federal Security Service (FSB) and Ministry of Internal Affairs (MVD) are proposing Criminal Code amendments making the owners of online social networks responsible for content posted on their sites. The article states that the amendments would force sites to record internal passport data for each registration, facilitating identification of individuals using the site. The article points out that both the FSB and MVD maintain components that operate on the Internet (MVD Directorate K and FSB Information Security Center) to identify "extremist" elements. The article also points out that the recently passed Police Law contains vague language authorizing police to order any organization to change or stop operations that contribute to criminal activity in any way.

Social networking services aren't constrained by national borders. Facebook has almost 600 million members, with a majority residing outside of the United States. DST already owns or controls most of Russia's social networks and, with its partners Tencent and Naspers, it dominates social media worldwide. This provides a unique platform for the Russian government to conduct influence operations, intelligence collection, and information warfare. This is due to the unique political environment that exists inside the Russian Federation, where relationships are built upon usefulness and end when that usefulness ends (e.g., Pavlovsky's recent contract termination by Surkov). A timeline of DST's recent high-profile investments shows a corresponding government affiliation shortly before or after each one:

May 26, 2009: DST invests US$200M in Facebook. Just days earlier it was announced that Yuri Milner was serving on the Presidential Commission; in November of the same year, Milner led a Ministry of Communications survey of illegal content on RuNET.

April 2010: DST buys ICQ from AOL and receives a US$300M investment from Tencent. In August 2010 Milner served on the Government Commission on High Technology, chaired by Putin.

November 2010: Mail.ru Group's IPO raises US$1B on the London Stock Exchange. In February 2011 Mail.ru Group CEO Grishin sits on the board of the new League of Internet Safety.

Today, Yuri Milner and DST Global are seeing unparalleled success in Silicon Valley. Every new startup that graduates from the technology incubator Y Combinator receives $150,000 from DST. Traditional VCs have had to revise their term sheets because of DST's generous deals. A new investment vehicle (DST-Global 2) has been set up for Western investors to take advantage of DST's successful business model. However, none of the investment prospectuses or company biographies that this author has found contain any information about Milner's activities on behalf of the Russian government, nor his time at Neftyanoi or Menatep, nor how he managed to avoid being investigated when the other principals at both firms were found guilty. Investors and business partners of DST Global and DST Global 2 should be fully informed of the relationship among the company, its officers, and the Russian government, because the Kremlin is certainly interested in them.

[53] "WWW. It's Not Just a Virtual Country," The New Times Online, February 16, 2009.

[54] "Kremlin tears up contract with Pavlovsky think tank," RIA Novosti, April 27, 2011, http://en.rian.ru/russia/20110427/163737335.html.

[55] Richard Sakwa, "Surkov: dark prince of the Kremlin," RIA Novosti, April 8, 2011, http://en.rian.ru/valdai_op/20110408/163429757.html.

[56] "Spin Doctor of All Russia. Vladislav Surkov-The Man with a Thousand Faces," RIA Novosti, March 7, 2011.

[57] Parmy Olson, "The Billionaire Who Friended the Web," Forbes.com, March 9, 2011, http://www.forbes.com/forbes/2011/0328/billionaires-11-profile-yuri-milner-billionaire-friended-web.html.

[58] "Personnel changes in the Manatees," Kommersant, February 11, 1997, 8.

[59] New Trinity Investments is probably the vehicle for Milner's first investment in NetBridge in 2000 since New Trinity Investment's listed phone number also tracks to NetBridge.

[60] "Kremlin Ideologist Surkov Reportedly To Meet Bloggers To Plan Internet Strategy," The New Times Online, February 16, 2009.

[61] Joseph Menn and Charles Clover, "Man in the news: Yuri Milner," FinancialTimes.com, May 29, 2009, http://www.ft.com/intl/cms/s/0/f81bb0be-4c7d-11de-a6c5-00144feabdc0.html#axzz1Z7AyOAEo.

[62] "Yuri Milner Will Clean Up The Internet," InFox.ru, September 12, 2009.

[63] Email from Daniel Tench to Lewis Dvorkin re: Jeffrey Carr's Forbes article, "Facebook Investor Leads New Russian Internet Police," February 11, 2011.

[64] John Bonar, "Russia's Mail.ru IPO a resounding success on London Exchange," BSR, November 8, 2010, http://www.bsr-russia.com/en/mergers-acquisitions-a-ipos/item/1109-russias-mailru-ipo-a-resounding-success-on-london-exchange.html.

[65] "Digital Sky Technologies ('DST') Changes Name to Mail.ru Group," Business Wire, September 16, 2010, http://www.reuters.com/article/2010/09/16/idUS43356+16-Sep-2010+BW20100916.

[66] Kevin O'Flynn, "Russia Launches Initiative To Police Internet," Radio Free Europe/Radio Liberty, February 8, 2011, http://www.rferl.org/content/russia_laimches_initiative_to_police_internet/2301671.html.

[67] "Kremlin's Plan to Prevent a Facebook Revolution," The St. Petersburg Times, March 2, 2011.

Globalization: How Huawei Bypassed US Monitoring by Partnering with Symantec

Although the Committee on Foreign Investment in the United States (CFIUS) blocked Huawei's effort to acquire 3Leaf,[68] and AT&T[69] was officially discouraged from purchasing equipment from Huawei by the National Security Agency (NSA), Huawei successfully formed a joint venture with Symantec in 2007 called Huawei Symantec Technologies Co. Ltd. (HS). Huawei is the majority partner at 51% ownership. HS headquarters are in Chengdu, China. According to the Huawei Symantec website (http://www.huaweisymantec.com):

Huawei Symantec Technologies Co. Ltd. (Huawei Symantec) is a leading provider of network security and storage appliance solutions to enterprise customers worldwide. Our solutions are developed to keep pace with evolving risks and demanding availability requirements facing enterprises. As a joint venture, Huawei Symantec combines Huawei's expertise in telecom network infrastructure and Symantec's leadership in security and storage software to provide world-class solutions that address the ever-changing needs in network security and storage for enterprises.

A 2008 "Corporate Briefing"[70] describes the history, capabilities, and business goals of HS, one of which is to "build China's first laboratory of attack and defense for networks and applications" (slide 12). This essentially means that Symantec, a major US information security company, is assisting China's cyber security research in computer network attack and defense; research that has high potential for abuse by state and nonstate actors in the PRC.

In early 2010 HS formed two new joint ventures with US companies SYNNEX (http://www.synnex.com/) and Force10 Networks (http://www.force10networks.com/):

SYNNEX (NYSE:SNX): "As part of this agreement, SYNNEX will distribute Huawei Symantec's storage and security products to its resellers throughout North America."[71]

Force10 Networks: "Huawei Symantec is pleased to establish this strategic partnership with Force10 Networks, and expects the relationship to further drive strong results for our existing North American customer base as well as tap into new business opportunities."[72]

Both SYNNEX and Force10 Networks currently sell to the US government. Force10 Networks' website says it sells its products to "...defense, intelligence and civilian agencies to advance the bandwidth needs and reliability demands of government IT infrastructure while ensuring the economics and performance of mission critical networks." Since Huawei's growth strategy includes financial support from Chinese banks, enabling Huawei to offer very low-cost bids on key contracts, and since many governments (including India and the United States) have legal provisions requiring them to go with the lowest bidder, these partnerships provide an apparently winning strategy. SYNNEX and Force10 Networks secure government sales thanks to Huawei Symantec's low manufacturing costs, and HS's name never appears on the contract.

In May 2011 Huawei Symantec secured its first high-performance storage cluster win: the University of Tennessee's National Center for Computational Engineering.[73] Huawei Symantec defeated US firms NetApp, EMC, and BlueArc, among others, for the UT sale via its channel partner, MPAK Technology out of San Diego. The national security implications of the sale are visible at the SimCenter's website (http://www.utc.edu/Research/SimCenter/):

The SimCenter: National Center for Computational Engineering is a center for integrated research and education whose primary goals are to establish next-generation technologies in computational modeling, simulation and design, to educate a new breed of interdisciplinary computational engineer who can solve a broad range of real-world engineering problems, and to provide consequent leadership and national impact in critical technology areas affecting defense, sustainable energy, environment, and health.

Huawei Symantec is aggressively looking for more channel partners in North America, which began with its first-ever channel summit in Cupertino, California in July 2011.[74] The joint venture has generated more than US$1B in revenue since it was founded in 2008, and it has operations in 42 countries (as of this writing). Symantec CEO Enrique Salem is apparently happy with his investment of US$150M to launch the joint venture (Huawei put in zero cash) and is looking for options to increase his holdings, up to and including an IPO.[75]

Although there's nothing illegal about either company's actions, there is a clear threat to US security interests when one of the world's leading information security companies (Symantec) has joined forces with a Chinese corporation with strong government ties. The potential security threats are numerous, including, for example, malicious code passed to Huawei hardware through updates or vendor support activities, or the coding of a backdoor in HS devices to intercept data at the source before it's encrypted.

[68] John Leyden, "Huawei drops 3Leaf buy," The Register, February 21, 2011, http://www.theregister.co.uk/2011/02/21/huawei_3leaf_deal_dropped/.

[69] George Leopold, "Report: NSA pressures AT&T on Huawei deal," EE Times, October 8, 2010, http://www.eetimes.com/electronics-news/4209450/Report--NSA-pressures-AT-T-on-Huawei-deal.

[70] Corporate Briefing of Huawei Symantec (2008), http://www.slideshare.net/sansernl/corporate-briefing-of-huawei-symantec-2008-presentation.

[71] http://www.huaweisymantec.com/en//About_Us/News_Media/Company_News/2010/201012/622402_2569_0.htm.

[72] http://www.huaweisymantec.com/en//About_Us/News_Media/Company_News/2010/201102/622946_2569_0.htm.

[73] Joseph F. Kovar, "Huawei Symantec Intros SSD Array, Shows Hi-End Storage Roadmap," CRN, July 19, 2011, http://www.crn.com/news/storage/231002111/huawei-symantec-intros-ssd-array-shows-hi-end-storage-roadmap.htm;jsessionid=CAsG5F-ZPtgy0wwMKckZ7Q**.ecappj03?pgno=1.

[74] Larry Walsh, "Huawei Symantec Seeks 'Wingmen,'" ChannelNomics, July 19, 2011, http://channelnomics.com/2011/07/19/huawei-symantec-seeks-%E2%80%98wingmen%E2%80%99/.

[75] Jim Finkle and Nadia Damouni, "Reuters Summit-Update 1-Symantec looking to buy," Reuters, May 17, 2011, http://www.reuters.com/article/2011/05/17/idUSN1718067920110517.

Chapter 15. The Russian Federation: Information Warfare Framework

Russia: The Information Security State

The Russian Federation's cyber posture was one of President Putin's highest priorities after taking office in December 1999. As a result, Russia probably has the most coherent state plan integrating private and government cyber sectors. The plan's unclassified aspects are elaborated in documents available on Russian government websites. The plan's implementation is seen through Russian laws, presidential decrees, and government regulations, contracts, and actions. The plan, however, also has classified annexes addressing perceived internal and external cyber threats, as well as the information operations (IO) capabilities needed to address those threats. Implementation can also be tracked, although with somewhat more difficulty.


