According to the annual report "International security and Estonia"of 2021, Russia continues to be the main threat to Western democracies, including in cyberspace.
The report of theEstonian Foreign Intelligence Service it has now reached its sixth edition and can be considered, in my opinion, an excellent document both in terms of information content and of influence.
Without ever forgetting that each state, in publishing intelligence information, mainly pursues its own aims (not always declared), let's try to see together what information we are given on Russian influence operations in cyberspace.
In the first place, it seems that Russia has been carrying out and carrying out influenza operations for years, in particular using as a vector of infection emails prepared with the aim of infecting the devices of selected people, a technique known as spear phishing. We often think of the spear phishing as a technique that targets the top management of companies, and in part it is so, but there are other categories, less vulnerable because they are more experienced, but often more profitable, for example network and system administrators. Being able to deceive the latter allows you to obtain useful technical information to compromise the entire corporate network.
Also according to the report, a technique used by the Russian services is to compromise the sites frequently used by the targeted targets through spyware. This type of attack is called watering hole.
What has been said so far does not have to do directly with "influence operation" but more generally with the collection of information useful for subsequent operations.
Influence operations, however, are becoming increasingly important, thanks to the adaptation of classic techniques, including the so-called "active measures" conducted (in the past) by the KGB and today transformed into "hack-and-leak operations". These are operations of influence that consist of stealing sensitive information through hacking operations and redistributing it and making it public at certain times to create problems aimed at affecting people or governments. One such operation occurred in 2019 when documents regarding the possible privatization of the UK national health system and discussions on the matter with the US were stolen and distributed on social media to create discontent and influence the electorate.
In the document it is not explicitly written that this operation was carried out by Russia, but merely reporting it as an example closely links it to the context (in this case, therefore, we could speak of an operation of influence within the report).
Another sector in which, according to the report, Russia would act is that of Fake News and in particular of Deep fake. The use of increasingly advanced digital technologies makes it possible to tamper with or produce videos, audios or messages that are in all likelihood and it is practically impossible to verify the truthfulness beyond any reasonable doubt. Furthermore, it must be borne in mind that often the operations of influence do not rely on the capacity of rational judgment of people but rather, they touch their irrational sensitivity, causing reactions that are not always controllable.
Ultimately, Russian influence operations in the world will continue thanks to the exploitation of technological capabilities and the cyber domain, also because they are inexpensive and very effective.
The report International security and Estonia 2021 of course it does not stop there and reports a lot of interesting information about Russia, China and the perception that Estonia has of the risks that surround it or, perhaps, on the perception of the risks that Estonia wants to show the world that it has.
Of course, everything must be contextualized. I remember that Estonia is one of the countries where the level of digitization is highest, thanks also to investments by NATO and the European community. This means, consequently, that it is also more prone to the consequent cyber risks ...
Have a good study!
To learn more: Estonian Foreign Intelligence Service (valisluureamet.ee)
