Did the Russians influence some of the biggest decisions of a generation? The report has now finally been published.
It seemed to raise more questions than it answered. So, just what is the threat posed by Russia, & how does it impact senior cyber-security people running businesses in the UK?
What did it actually say?
“Russia is a highly capable cyber actor with a proven capability to carry out operations which can deliver a range of impacts across any sector” – the report’s headline.
It outlined how the GRU (Russian Security Services) have been behind many phishing attempts against Government depts., including the Foreign & Commonwealth Office, & the Defence Science & Technology Laboratory during the early stages of the investigation into the Salisbury attacks.
The document, which was published by the House of Commons Intelligence & Security Committee, also confirmed the involvement of organised crime in official state activities – an ‘open secret’ among academics & law enforcement agencies specialising in this area.
“A quite considerable balance of intelligence now shows the links between serious & organised crime groups & Russian state activity.
“We’ve seen more evidence of serious & organised crime being connected at high levels of Russian state & Russian intelligence”, in what is said to be a “symbiotic relationship”.
The report concludes that Russia’s cyber capability, when combined with its willingness to deploy it in a malicious capacity, is a “matter of grave concern”, & poses an immediate & urgent threat to our national security.
It argues the security threat posed appears “fundamentally nihilistic” – nihilism being the belief that all knowledge & all life is meaningless.
This really means there is no grand Russian plan to bring down the UK government; rather, through disinformation & misdirection, they are content to muddy things & introduce disharmony rather than organise anything else.
- Use of state-owned traditional media
- ‘Bots’ & ‘trolls’: open source studies have identified significant activity on social media
- ‘Hack & leak’: the US has publicly said that Russia conducted ‘hack & leak’ operations regarding its presidential election in 2016, & it has been widely alleged that Russia was responsible for a similar attack on the French presidential election in 2017
- ‘Real life’ political interference: it has been widely reported that Kremlin-linked entities have made ‘soft loans’ to the then Front National in France, at least in part as a reward for the party having supported Russia’s annexation of Crimea, & the GRU sponsored a failed coup in Montenegro in October 2016
An important point in the report, & one of the most amazing given its impact on the UK’s economic & social state, is the failure to investigate the extent of any Russian influence on the Brexit referendum.
Instead the report concluded “the impact of any such attempt would be difficult, if not impossible to assess,” & so they did not attempt to.
As is usual with reports that deal with sensitive capabilities, there is a delicate game of ‘international poker’ being played. The UK government is fully aware that the Russian GRU will examine whatever it publishes in this non-redacted version of the report, & as such specific security-cleared individuals have seen a further classified annex.
If all information on the matter were placed in the public domain, this would give Russia the strategic advantage, because they would know everything that we know about them. Conversely, if too little is released, it risks accusations of both incompetence & opaqueness.
Loss of Control
That no attempt to categorise Brexit interference was made suggests the acceptance of a loss of control within the cyber world. That is a bad trend, because the cyber world is the source of so much of our information, & it implies that, short of advising utmost caution when researching internet sources for corporate purposes, there is very little that can be done.
Here is a country with the means & motive to spread disinformation & a proven track record in doing so, alongside an admission from the government that it isn’t monitoring the extent of this manipulation.
From the viewpoint of a CISO, this is a challenge that is unlikely to disappear, & it thus needs extra vigilance & mitigation.
The risk extends beyond govt. to business because all staff are liable to manipulation & exploitation. So education is essential, & 3 things are advised:
1) explain to employees the risk on social media & on other platforms;
2) encourage staff to corroborate information gained from social media through a separate source;
3) thoroughly check the background of any account you use for corroboration or information – giveaways are often the number of followers & language inconsistencies.