Russia

Four Foreign Forces: A CTI Analysis of APTs Targeting the U.S.

Abstract:

This paper analyzes the cyber threat landscape posed by advanced persistent threats (APTs) attributed to China, Iran, North Korea, and Russia. It focuses on active groups and their cyber activities targeting the United States. Utilizing cyber threat intelligence data from authoritative sources such as Cybersecurity and Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI), Mandiant, and MITRE, this study identifies twelve key APT groups attributed to the four adversarial nations and creates a quick profile for each nation and group. It explores the common techniques and sub-techniques employed by each nation and then across all four nations. Examination of these nations, groups, and techniques then informs a list of six actionable mitigations that will enhance cybersecurity defenses targeting these adversarial groups in an efficient manner: User Training, Restrict Web-Based Content, Privileged Account Management, Network Intrusion Prevention, Execution Prevention, and Antivirus/Antimalware.

Terminal Veracity: How Russian Propaganda Uses Telegram to Manufacture ‘Objectivity’ on the Battlefield

Abstract:

This article investigates over 130,000 Telegram messages, 15,000 Telegram forwards, and 750 news articles from Russian-affiliated media to assess the information supply chain between Russian media and Telegram channels covering the war in Ukraine. Using machine-learning techniques, this research provides a framework for conducting argument and network analysis for disambiguating narratives, channels, and users, and mapping dissemination pathways of influence operations. The findings indicate that a central feature of Russian war reporting is actually the prevalence of neutral, non-argumentative language. Moreover, dissemination patterns between media sites and Telegram channels reveal a well-cited information laundering network with a distinct supply chain of covert, semi-covert, and overt channel types active at seed, copy, and amplification levels of operation.

Foreign Influence in the 2022 U.S. Midterm Elections—A Case Study in Foreign Interference and Election Meddling

Abstract:

This article investigates how both Russia and the People’s Republic of China (PRC) seek to influence the shape of electoral debates in a target country. While previous research has examined presidential election years, this research captures efforts to shape American attitudes when the chief foreign policy maker is not under consideration. It examines evidence of coordination between foreign influencers using data from the 2022 U.S. midterm elections on Twitter using computational methods to support two theoretical conclusions. First, it finds some evidence of either coordination or convergence between Russian and PRC influence objectives. Second, it relates these influence efforts to distinct pressure points in political systems.

The Geopolitics of Disinformation in a Continued Cold War: A Study of Russia’s Cyber Information Operations Strategy (2022-2023)

Abstract:

This study seeks to explore patterns in Russia’s disinformation operations strategy during the war in Ukraine and discuss them in the context of its geopolitical interests across the world. The data for this research spans from the beginning of the invasion in February 2022 to July 2023 and is collected from the EUvsDisinfo database in the form of articles where disinformation was discovered (N=1906).

‘No-one Likes a Cry-Baby’: The Effectiveness of Victimization Narratives in External Information Operations

Abstract:

This study investigates the extent to which victimization narratives in state information campaigns are an effective way to influence targeted external audiences. It focuses on two prolific users of information operations in opposition to the West, namely Russia and the People’s Republic of China. In order to test whether the use of a victimization narrative increases the effectiveness of messaging in disinformation campaigns, the authors conducted dual experimental simulations on two samples of proxy target audiences. The experiment did not reveal any clear advantages in the use of a victimization narrative; rather there were indications (some of them statistically significant), that a victimization narrative could backfire.

A No Limits Partnership on Propaganda?

Abstract:

The Russian Federation and the People’s Republic of China signed a formal agreement to cooperate on the creation and dissemination of a jointly constructed propaganda narrative for a global audience. There is some anecdotal evidence and some very basic research to suggest this cooperation might be happening. However, this study aims to use scientific research methods from the Agenda Setting Theory to prove or disprove this alleged propaganda cooperation. The author assessed a N = 600 sample of articles from English language versions of Russian Sputnik and the Chinese Global Times and People’s Daily. The evidence indicates a low level of propaganda cooperation. Russia and China appear to be pursuing their own strategic goals with propaganda. This finding has important implications for information warriors’ and strategic communication professionals’ task and counterpropaganda.

Destabilizing a Regime to Support a Military Campaign, and Vice Versa

Abstract:

This essay aims to identify vulnerabilities and exploitation means necessary to use destabilization to support a military, and ultimately political, objective in a potential conflict between China and the governments supporting a liberal rules-based order. Japanese efforts during the Russo-Japanese War of 1904-1905 showed destabilizing a regime as a credible way to support military objectives during a conflict and provided some key insights by which destabilization efforts function. Based on the historical case and contemporary analysis of China, this essay makes recommendations to decision makers in a conflict on how to best execute and support destabilization efforts.

Cyber Warfare and War in Ukraine

Abstract:

Today cyberspace is a one military domain. The new cyber capacities of armed forces create new possibilities to achieve the goals of war. These new and advanced cyber capabilities are a part of the new non-kinetic environment where cyber operations are used in combination with information warfare (IW) and electronic warfare (EW). These non-kinetic operations are used with lethal weapons systems to produce an operational advantage. This article is a preliminary review of cyber operations in the Ukraine conflict. The article reviews the balance between defense and offense in cyberspace, the utility of offensive cyber operations, and the requirements for effective cyber defence.

The Impact of Russian Cyber Attackers within the Ukraine Situation

Abstract:

On 24 February 2022, Russia invaded Ukraine. The Russo-Ukrainian War is the largest war in Europe since World War II. The aim of the paper is to look at how politically motivated hacking by Russia has been used as part of the Ukraine situation with a focus on the different attack types since the Russian invasion of Ukraine in 2022. The paper will focus on the different groups acting on behalf of Russia, their actions, and techniques. The paper will discuss what their actions mean for the future of cyber conflicts.

Using Junk News to Build an Agenda for Violence: Russian Propaganda Targeting American Right-Wing Extremists

Abstract:

This article examines a known Russian propaganda website, News Room for American and European Based Citizens (NAEBC), run by the Internet Research Agency (IRA), that delivers propaganda through junk news. Using agenda-building theory, it seeks to determine if it can uncover the propagandists’ goals and motivations in order to examine its implications for information warfare. It finds that the IRA is using its extensive resources to agitate right-wing political extremists into violence. This calls into question whether the provocation of a civil war within the United States is a strategic information warfare goal of the Russian government. 

Employing Junk News to Drive a Propaganda Narrative

Abstract:

This study examines the testable question of whether junk news in the service of propaganda can form coherent narrative structure that can be analyzed and countered. The analysis was conducted using a known junk news site, USA Really, which is sponsored by the Russian Government, and which targets American citizens. Leveraging the Narrative Paradigm theory and ethnographic content analysis are the methods of research; an analysis of (N =150) were qualitatively analyzed. An unexpected finding that USA Really was constructing a conspiracy narrative targeting far right-wing extremists emerged. The study also identified a new type of narrative, not accounted for in narrative paradigm theory, that was meant to cause dissension rather than to serve as a guide for proper conduct.

Military Deception and Strategic Culture: The Soviet Union and Russian Federation

Abstract:

Strategic culture shapes political-military organizational activity through a process of socialization, yet little is known about strategic culture’s impact on information operations. This paper explores the influence of Russian-Soviet strategic culture on military deception operations during World War II, the Soviet Afghan War, and the conflict in Ukraine. It finds that the hierarchical characteristic of Russian-Soviet strategic culture contributes to the centralization of deception operations. This work shows that, in the context of foreign policy toward Russia, not only does one need to consider technological innovations for traditional military use, but also advances below the threshold of declared war.

Propaganda or Not: Examining the Claims of Extensive Russian Information Operations within the United States

Abstract:

This paper scientifically examines the claims of an extensive Russian propaganda targeting the population of the United States made by an organization called Prop or Not. Using the Agenda Setting Theory, it examined the intermedia agenda setting effects between the Russian State Media outlet Sputnik and four weblogs listed by Prop or Not. The results of the study found a strong positive correlation between Sputnik and Zero Hedge, New Cold War, Global Research, and the Daily Sheeple in terms of very favorable coverage of Russia and its allies. A positive but weaker correlation was found between these media sources and their coverage of the United States and its allies.

Testing the Importance of Information Control: How Does Russia React When Pressured in the Information Environment?

Abstract:

Applying big data and sentiment analysis to TASS reporting and 15 years of Russian Foreign Ministry documents, this paper tests the importance Moscow places on information control. By comparing the Russian government’s responses to four categories of foreign policy tools— diplomatic, information, military, and economic (the DIME construct)—this research finds that Russia reacts far more negatively to information tools than to military, diplomatic, or economic tools. 

Projected Territoriality: A Case Study of the Infrastructure of Russian Digital Borders

Abstract:

This  article  attempts  to  demonstrate  how  territoriality  can  be  projected  into cyberspace with respect to the infrastructure of a country. It is a case study of the delineation, protection, and control processes of Russia’s so-called digital borders. By combining analysis of border studies, information technology studies, and Russian studies, this article provides an interdisciplinary overview of the infrastructure of the Russian segment of the Internet and examines the principles and practises behind the Russian implementation of the concept of a national  segment  of  the Internet as an infrastructural element of delineating digital borders and achieving a functional digital sovereignty.

Should ‘RuNet 2020’ Be Taken Seriously? Contradictory Views about Cyber Security Between Russia and the West

Abstract:

Russia aims to create an independent state information system that ensures the network’s overall stability by controlling the Internet routing architecture inside Russia. A tightly regulated and secure ‘information space’ will not only ensure stronger defence against external attacks, but also increase offensive capabilities.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com