Searching for Russian Cyber Doctrine
How an off-hand comment by Russian defense analysts about the Western views of cyber conflict was interpreted, 17 years later, as Russia's own doctrine. And what to do about it.
UPDATE (February 27): Tom Uren and The Grugq discussed this post, Russian cyber doctrine or the lack thereof in the new episode of the podcast, give it a listen.
The last two episodes of Between Two Nerds discuss Russian cyber doctrine. Each of them starts with Tom Uren reading out the same passage from this doctrine (discovered by The Grugq):
[The] main objectives will be to disorganize (disrupt) the functioning of key enemy military, industrial and administrative facilities and systems, as well as to bring information-psychological pressure to bear on the adversary’s military-political leadership, troops and population, something to be achieved primarily through the use of state-of-the-art information technologies and assets.
In both episodes the quote is used as a starting point for looking at authoritarian states’ fascination with cyber and information supremacy and for examining how Russia applied this doctrine during the war in Ukraine.
The discussions that ensue are interesting and worth listening to — with one caveat. The said quote has nothing to do with Russian cyber doctrine. In fact, there is no publicly available Russian cyber doctrine in the first place.
So what is it then?
The quote is apparently borrowed from Offensive Cyber Operations: Understanding Intangible Warfare (2021) by Daniel Moore. It is presented in Chapter 1 when discussing the cyber capabilities as part of military goals. On the one hand, Moore accurately states that “[a]lthough there is no single cohesive Russian doctrinal document cementing the definition of network warfare, abundant official and unofficial Russian texts separately refer to information as crucial to modern battlefield dominance.” He cites “several Russian military theorists” to illustrate this point.
On the other hand, as will be shown below, Moore omits some important details.
He attributes the quote to a 2009 article in Military Thought, a scientific journal of the Russian Ministry of Defense. Yet, he does not refer directly to this article but rather to a 2010 Swedish Defence Research Agency report on Emerging Cyber Threats and Russian Views on Information Warfare and Information Operations by Roland Heickerö.
Heickerö presents the same quote as “[o]ne proposed definition for information warfare offered by military theorists attached to the General Staff of the [Russian] Armed Forces.” He correctly references the article titled Russian Federation Military Policy in the Area of International Information Security: Regional aspect that was published by a group of authors (Dylevskiy, I.N., Komov, S.A., Rodionov, S.N., Fedorov, A.V.) in 2007, but mistakenly calls the journal Moscow Military Thought (the error that was corrected by Moore).
Still, Heickerö apparently also did not see the original article but rather cited the reference made by Jeffrey Carr on his long-defunct blog IntelFusion in 2009.
Let’s finally look at the actual source of the quote. The article was published in the February 2007 issue of Military Thought (available here). The sentence that was cited by Carr, then Heickerö, then Moore, than Uren appears in middle of the very first paragraph.
While the translation of the quote was accurate it is important to look at what was omitted, i.e. the context: the sentences before and after. Here is the translation of the whole paragraph:
According to NATO experts, in 2007—2010 the most developed countries of the world will be able to wage full-scale wars in the information sphere. Their main tasks will be to disorganize (disrupt) the functioning of key adversary’s military, industrial and administrative facilities and systems, as well as information and psychological influence on its military and political leadership, troops and population, primarily with the use of modern information technologies and means. The United States has already created an extensive system to develop and conduct information operations (Information operations [written in English]) of information-psychological and information-technical nature.
Thus, the authors described what they believed was the Western views of information and cyber conflict. The footnote in the end of the paragraph made a reference to 3 U.S. Department of Defense documents.
Moreover, rather than being a presentation of Russian cyber doctrine, the rest of the article was dedicated (as suggested by the title) to international information security, which in Russian official parlance means diplomatic efforts associated with information security, first and foremost at the United Nations.
The authors are indeed prominent defense and security analysts who have, over the past two decades, published extensively on cyber issues in the military context. But they are far from being only ones in this field, and in fact their focus tended to be not on Russian doctrine but rather on diplomatic and international law aspects of cyber conflict. Igor Dylevsky, the primary author, was the head of the military component of the Russian expert group in the 2004-2005 UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.
To sum up:
The quote is accurate but stripped of important context; it is a representation of what Russian analysts thought was the Western view of cyber conflict;
It is not an excerpt from Russian cyber doctrine.
But anyways, could the authors’ views reflect Russian thinking on cyber conflict, if not Russian cyber doctrine? Maybe, but this is not the point. What is important is that this quote ended up in Between Two Nerds not because it was the most concise or the most representative summary of Russian thinking but, arguably, by chance. It was picked up by one Western expert and traveled, with some variations, through other works. There are dozens if not hundreds of other articles by Russian defense analysts, some of which might be more relevant but never enjoyed the same fame. In fact, the article in question is only the continuation of the other one published by the same group of authors in Military Thought a year before and titled Russian Federation Military Policy in the Area of International Information Security (without the emphasis on the regional aspect).
This is of course a reminder to interrogate our sources and not to simply pick the plausible quotes. But this recap also serves as a good illustration of how Russian and Western national security communities are engaged in a never-ending, indirect, and distorted conversation. It is totally possible that unnamed NATO experts the Russian authors referred to in their 2007 article were informed by, inter alia, by earlier Russian writing about information security and warfare. Similarly, it is not unlikely that someone in the United States would interpret the mention of alleged cyber doctrine on Between Two Nerds as genuine and that the quote would travel further in some unknown way.
But about Russian cyber doctrine? Well, we should acknowledge that Russia’s policy in this domain is quite opaque and Russia, like many other states, does not have a public version of cyber doctrine.
But it has military doctrine. In fact, in his book, Daniel Moore does not stop at the quote from Russian defense experts and examines the 2014 version of the military doctrine that makes references to information tools, information space, information technologies, and means of information confrontation throughout the text.
Earlier versions of the military doctrine, albeit outdated, are worth examining, too. Mentions of information confrontation go back at least to the 2000 version, while the 2010 version includes a passage somewhat similar to the quote from defense experts (even though it was probably also describing military conflicts launched by someone else). The list of features of modern military conflicts (paragraph 13) contains the following:
proactive conduct of information confrontation measures for achieving political aims without the use of military force, and subsequently for the sake of shaping favorable reaction of the international community to the use of military force.
Another significant document is a 2011 Ministry of Defense concept paper on the activities of Russian Armed Forces in the information space (in Russian and in English). It is a less formal document compared to the military doctrine but is entirely dedicated to the information domain.
Obviously, there is much more to the Russian views on cyber conflict then just these official documents, so one should not be limited by them. But when citing experts, even with official affiliations, it is important that we do not pick quotes only because they are easily available and do not attach to them greater significance.