Patrick Walsh
Originally published at blog.ironcorelabs.com.

Why Russia is Provoking the West

Russia has been in the news a lot lately. The U.S. Government officially accused the Kremlin of hacking the Democratic National Committee (DNC) and other political officials. They are widely believed to be behind a series of hacks that include the DNC, the Clinton campaign, Colin Powell, Washington think tanks, voter registration databases in up to 20 states, data dumps with planted files and now the fake claims of hacking the Clinton Foundation. Also, they are suspected for the hack of the World Anti-Doping Agency (WADA) that exposed the medical records of some Western Olympic athletes.

There is a genuine reason for concern about a foreign government manipulating U.S. election results. The security of America’s voting system is weak; security experts have been warning about the problems for over a decade.

That said, the Russian efforts so far have been juvenile in their approach and sophistication. The net result has been an increase in fear and uncertainty regarding election results and a general taunting of the U.S., but there is no evidence yet of any manipulations beyond the leak of damaging documents.

Hacking attempts so far are more about taunting the U.S. than serious cyber warfare.

Hacking attempts so far are more about taunting the U.S. than serious cyber warfare.

The hacks themselves have been elementary. The Russians have done a poor job of covering their tracks; they’re practically boasting about it. The DNC and Clinton hacks used spear phishing where targeted emails were used to get employees to install malicious software on their systems. Phishing is a con-game that gives attackers a foothold inside the firewall and a starting point for launching attacks on internal systems. These are serious attacks, but the method is mundane.

The FBI says the hackers who attacked numerous state voter registration databases used off the shelf and widely available SQL injection tools. These attacks should set off every intrusion detection system ever created and should fail against web applications that have undergone basic security testing and hardening. Unfortunately, the attacks were successful for at least some of these state databases. Meanwhile, only around half of states have accepted free help from DHS in securing their systems.

The Russian efforts so far have been juvenile in their approach and sophistication.

So the Russians appear to be using their least sophisticated tools and people on these attacks, and they’re open and blatant about their actions. What does that tell us about their end game? Why risk provoking a cyber response from the U.S.? To answer this, we need to first step back and look at the bigger picture.

Recent Events in U.S.-Russian Relations

The hacks on our election are a small sideshow compared to the bigger events over the past 14 years, which include three proxy wars, various broken treaties by both sides, and a major Russian financial crisis that continues to this day.

Post-9/11 Missile Defense Shield Moves and Response

  • 2001, December — U.S. withdraws from the 1972 Anti-Ballistic Missile Treaty and pushes forward with a Europe-based missile defense shield, against strenuous Russian objections.
  • 2007, March — U.S. announces plans for anti-ballistic missile defense installation in Poland with radar in the Czech Republic. The U.S. says this is to protect against missiles from Iran and North Korea, but the placement in Eastern Bloc countries incenses Russia. In response, Russia builds and tests new ICBMs and threatens to target Poland and the Czech Republic with them.
  • 2007, October — Putin visits Iran and promises to aid them with their nuclear power program. Shortly after, Putin compares the U.S. missile defense plans as akin to Russia putting missiles in Cuba.

Georgia sits at the Southern border of Russia and parts of its Western border along the Black Sea. Turkey is on its Southern border. Georgia sits at the Southern border of Russia and parts of its Western border along the Black Sea. Turkey is on its Southern border.

The Georgian Invasion

  • 2008, August — Russia invades Georgia via land, sea, and air, to “enforce peace” between Georgia and regional separatists inside Georgia with ties to Russia. Georgia asks for help from the U.S. who respond with both military and humanitarian aid. The military aid comes in the form of transporting Georgian soldiers from Iraq to the war zone.
  • 2008, AugustRussian hackers attack Georgia’s Internet infrastructure and government websites. This is believed to be the first conventional war in history where cyber warfare is involved. There is also an active information war waged by Russia.
  • 2008, September — A cease-fire is negotiated and Russian forces withdraw. Mostly.
  • 2008 — Putin’s approval ratings skyrocket to 88% following the war.
  • 2011, November — The Georgian areas of Abkhazia and South Ossetia still have Russian troops. Georgia considers these areas to be Russian-occupied territories, and the EU Parliament passes a resolution agreeing with that status.

Crimea is part of Ukraine, formerly part of the Soviet Union, it is in the South East sticks into the Black Sea. Ukraine borders Russia, Romania, and Poland. Crimea is part of Ukraine, formerly part of the Soviet Union, it is in the South East sticks into the Black Sea. Ukraine borders Russia, Romania, and Poland.

The Invasion of Ukraine

  • 2012, January — Putin’s approval rating is at 65%.
  • 2013, Autumn — Ukraine negotiates a free-trade agreement with the EU. Russia threatens Ukraine with financial catastrophe and the collapse of the state if they sign it. A Putin adviser, Sergey Glazyev, says, “Ukrainian authorities make a huge mistake if they think that the Russian reaction will become neutral in a few years from now.” He continues to say that if the trade agreement is signed, Russia will void the treaty defining the countries’ borders.
  • 2013, November — The pro-Russian Ukrainian president, Viktor Yanukovych, declines to sign the agreement.
  • 2014, February — President Yanukovych is ousted by protesters who take control of Kiev. He flees to Russia, and then Parliament votes him out of power. At this point, the Western half of the country wants stronger ties with Europe, and the Eastern half wants to retain and enhance ties with Russia.
  • 2014, February — Days after the ouster, armed men in Eastern Ukraine take control of the Crimean Peninsula. What are later confirmed to be Russian soldiers and weapons flow over the border in support of the local separatist groups.
  • 2014, March — These Russian and pro-Russian soldiers take over the Crimean parliament and force parliament to draft a referendum on secession. The referendum ostensibly passes (with no oversight), and Russia declares Crimea to be part of Russia, a status disputed by the International community and Ukraine.
  • 2014, March — The U.S. pledges $1 billion in aid to Ukraine.
  • 2014, November — NATO says that Russia deployed nuclear-capable weapons to Crimea.
  • 2014, March through present — Three successive rounds of international economic sanctions against Russia, specific Russian individuals, officials and businesses are enacted and are subsequently renewed and extended. These measures lead to a collapse of the ruble and a financial crisis in Russia. Russia responds in kind with sanctions against participating countries.
  • 2014, Autumn— Putin’s approval rating hits an all time high of 89%.

Western economic sanctions against Russia starting in 2014 have had an effect. Sources: [TradingEconomics.com](http://www.tradingeconomics.com/russia/gdp-growth-annual) and [XE.com](http://www.xe.com/currencycharts/?from=USD&to=RUB&view=5Y) Western economic sanctions against Russia starting in 2014 have had an effect. Sources: TradingEconomics.com and XE.com

Russian Military Hijinks

Russian SU-24 Jet buzzing the USS Donald Cook in April, 2016. U.S. Navy photo [released](http://www.navy.mil/list_all.asp?id=94170).

Russian SU-24 Jet buzzing the USS Donald Cook in April, 2016. U.S. Navy photo released.

  • 2012 — Russian fighter jets buzz Alaska.
  • 2012 — A Russian submarine patrols inside the Gulf of Mexico undetected.
  • 2013 — Russian fighter jets circle the US territory of Guam.
  • 2014 — Malaysia Airlines Flight 17 is shot down over Eastern Ukraine by Russian anti-aircraft weaponry.
  • 2016 — Russian fighter jets do a barrel roll within 25 feet of a U.S. Air Force reconnaissance plane over the Baltic Sea;
  • 2016, April — Russian jets buzz a U.S. Navy destroyer, and later a Russian attack helicopter does the same.
  • 2016, September — Russian Blackjack bombers buzz Norway, Ireland, France and Spain.

These events serve no real purpose and seem to be the military equivalent of schoolyard taunts.

Syria neighbors Turkey and Iraq and has a stretch of its border along the Mediterranean Sea. Syria neighbors Turkey and Iraq and has a stretch of its border along the Mediterranean Sea.

The Syrian Civil War

  • 2003 — The Syrian government opposes the invasion of Iraq. The Bush administration retaliates by financing political dissidents and using other tactics to unseat President Assad.
  • 2011, March — Protests begin in Damascus, an offshoot of the Arab Spring happening across the region featuring demands for democratic reforms.
  • 2011, April — Protests spread across the country. The Syrian Army starts a crackdown on protesters, killing over 1,000 civilians.
  • 2011, July—The armed Syrian uprising starts.
  • 2011, October — Both China and Russia veto proposed U.N. sanctions against Assad’s government for its indiscriminate killing of civilians.
  • 2015, June — Congress cuts 20% off the nearly $1 billion per year in funding of a CIA program to help Syrian rebel groups that has been in place since 2012.
  • 2015, September — Russia sends its air force to Syria to bomb both ISIL and anti-Assad forces. The U.S. responds by increasing the level of weaponry being sent to rebels, resulting in a full-scale proxy-war with Russia.
  • 2016, August — China enters the fray on the side of Assad, pledging “aid and military training” to Syria’s president.
  • 2016, September— Russia and the U.S. negotiate a cease-fire intended to reduce violence and to help the out-of-control humanitarian problem.
  • 2016, September — Russia allegedly bombs an aid convoy, and the cease-fire falters.
  • 2016, October — Russian and Syrian aircraft step up bombing in Aleppo, deploying bunker-buster bombs, cluster bombs, thermobaric bombs and more against civilian targets. The U.S. announces a suspension of peace talks and diplomatic relations with Russia on Syrian issues.
  • 2016, October— In retaliation, Russia ends a uranium research pact and suspends a treaty on “cleaning up weapons-grade plutonium.” Russia also deploys missile and air defense systems in Syria and threatens to use them against the U.S. if the U.S. should get more directly involved.

Every major world power is now involved in the civil war in Syria. Each one’s involvement has less to do with Syria itself and more to do with global power dynamics. Unfortunately, the people in the war zones are in the crossfire and the unconscionable bombing of women and children continues unabated.

These episodes seem to be the military equivalent of schoolyard taunts.

Diplomats Harassed

U.S. diplomats in Russia are reportedly being harassed and possibly drugged by Russian agents. A state Department spokesman said, “the harassment and surveillance of our diplomatic personnel in Moscow by security personnel and traffic police has increased significantly.” Meanwhile, a Russian official says there’s been a “clear increase” in U.S. attempts to recruit Russian diplomats posted abroad.

Whatcha gonna do about it?

“Whatcha gonna do about it?”

A New Cold War?

Headline after headline poses the question of a new cold war, but to those paying attention, there’s nothing cold about today’s relations between Russia and The West. We’ve had three proxy wars in the last ten years in Georgia, Ukraine and Syria, and there’s been a struggle for influence in countries that border Russia from the Eastern Bloc to the Middle East. International economic sanctions lead by the U.S. have dealt major blows to Russia’s economy.

There is a very real struggle happening between the U.S. and Russia today. Yet the cyber front of this struggle has been almost comical.

Motives for Russian Cyber Attacks

Director of National Intelligence James Clapper thinks the Kremlin is retaliating for perceived U.S. interference in elections in Russia. That is certainly plausible. The attack on WADA was clearly in retaliation for the Olympic Russian doping scandal.

But apart from simple taunting, what does Russia hope to achieve by poking at U.S. election systems and by leaking documents intended to damage one party?

The cyber attacks so far have been indirect and exploratory, more like fighter jets buzzing U.S. warships than the launching of weapons. The result so far has been to make a point about the general insecurity of U.S. systems and to embarrass U.S. officials from politicians to those in charge of security.

Russia’s moves are those of a country lashing out as it is boxed into a corner. Its economic power is eroding and that has a direct impact on its ability to fund its military and fight wars. In March, Russia announced it was pulling out of Syria. At the same time, it faced military budget cuts. Putin reversed course in April and kept troops in Syria in reduced numbers. But the underlying point was clear: Russia’s presence in Syria comes at a cost.

Meanwhile, Russia’s sphere of influence is shrinking. Western countries continue to build economic and military ties with various Middle Eastern and Eastern Bloc countries that were traditionally loyal to Russia.

What we’ve seen so far are just shots across the bow. In all likelihood, that’s all they will be: one country posturing to show it remains a force in the world.

But these pranks could easily escalate to more serious attacks if provoked. And almost everything seems like provocation to Russia. The U.S. is highly likely to retaliate with cyber attacks of their own, likely covert, but also likely to sting. Will that cause an escalation? Would that mean more sophisticated and impactful cyber attacks on the U.S.? Or would it mean a further military escalation in Syria? Time will tell, but the present course is one of increasing conflict.

Photo credits:

Stock photos via 123rf.com: boxing gloves by Jens Tandler, voting finger by anwarsikumbang, stuck out tongue by Nagy-Bagoly Ilona.

Maps via wikicommons: Georgia orthographic projection by Chipmunkdavis, Syria orthographic projection by L’Americain, Crimea orthographic projection by The Emirr and Spesh 531.

Photo modifications by IronCore Labs.

More great reads