Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

2018: Active Measures and Hybrid Warfare Possibilities

With 2018 just hours away I thought I would add to the cacophony of posts on what you might see in the year to come, but in my case this is the black swan edition of NATSEC for the new year. There will be in my opinion no way that the Russians up the ante on active measures and hybrid warfare on the United States in the next year, especially since there will be elections for Congress. Elections that will likely lessen Russia’s grip on the country if the Democrats can actually be a majority and control the possible investigations that are ongoing today.

Of course even if there weren’t an election coming the Russians and possibly others would still continue to stoke the active measure fires because it serves their ultimate purpose of making the US inert politically on the world stage. The whole point of these actions is to divide us and to lessen our ability to counter Russia in their global machinations. Overall, it is likely to be a wild ride next year and this primer may help you comprehend what might actually be happening.

Definitions

Active Measures Definition: (Russian: активные мероприятия) is a Soviet term for the actions of political warfare conducted by the Soviet and Russian security services (Cheka, OGPU, NKVD, KGB, FSB) to influence the course of world events, in addition to collecting intelligence and producing “politically correct” assessment of it.

Information Warfare Definition: Information warfare (IW) is a concept involving the battlespace use and management of information and communication technology in pursuit of a competitive advantage over an opponent.

Propaganda: Information, especially of a biased or misleading nature, used to promote or publicize a particular political cause or point of view.

Kompromat: Literally “compromising material”. In Russian politics, kompromat is damaging information about a politician or other public figure used to create negative publicity, for blackmail, or for ensuring loyalty.

Hybrid Warfare Definition: Hybrid warfare is a military strategy that blends conventional warfare, irregular warfare and cyberwarfare. … There are a variety of terms used to refer to the hybrid war concept: hybrid war, hybrid warfare, hybrid threat, or hybrid adversary (as well as non-linear war, non-traditional war or special war).

The Players:

I want you all to consider that it will not only be Russia playing “Patriot Games” *wink wink* with us all in 2018, but also the other players who likely will be part of the larger picture here. Russia is a given, but as we have seen of late, the GOP seems to be playing much of the same cards that the Russians have against us in the last couple years. The GOP has taken their playbook and augmented it with Trump’s particular brand of crazy as well. Ultimately we have gone through the looking glass because the Russians’ active measures worked. We are now in a “post truth” and “alternative facts” universe which has caused many unable to parse out the reality of things to just either shut down or buy into their narratives whole hog.

  • Russia: will continue to attack reality and cause more fissures within our people and our government.
  • GOP: Will adapt the Russian and Trumpian playbook as well. They have done plenty of dirty tricks in the past, but now, they are armed with a tactical info nuke.
  • Third Parties: China, Iran, others, all will have their reasons to continue and extend the fissures and use them to their advantage.

There are many players who may want to get in on this game to serve their own purposes. Remember this as you try to sort all of it out as it happens.

Attacks

So I am going to throw out some scenarios or attack models here for you to consider. Some or all of these may happen in 2018. Maybe none will happen… Who am I trying to kid here! In any case, consider these as possible attacks and you may even see variations on these themes.

Sub Operations: HYBRID WAR

As we have seen a recent uptick in this activity already, and I am not sure of our SOSUS capabilities anymore, we have to consider that attacks may come from these little sub visits. Now, if you are up on your sub history, the Jimmy Carter (SSN-23) was one of the subs that tapped RU comms. As we have tapped post SORM traffic, the Russians are likely doing the same with the fiber that is on the bottom of the ocean as well. These kinds of listening operations are pretty standard, but consider that the Russians having stepped this up now might signal more possible scenarios. By shaping traffic, cutting traffic, or injecting things into it, the Russians could have quite the little advantage.

  • Subs intercepting (tapping) traffic
  • Subs’ ability to leave a dead man’s switch or active kinetic measures to cut cable
  • Subs tapping, allowing them to add data to streams and/or advance hacks

Hacks and Disinformation Operations: INFOWAR

The hack on the DNC servers was a pretty standard affair using phishing mails and then exploitation of the systems therein once they got a foothold. What data was exfiltrated though, and how it was parsed out and weaponized was the old new trick the US could not foresee evidently. The Russians have been carrying out this kind of warfare for years on Estonia and Ukraine as well as other countries that they feel the need to destabilize. We saw a fair amount of this in our election cycle in 2016 and you should expect more in 2018. In fact I would hazard to say that the operations are already in progress and data is being collected even as I type this.

  • Hacks on news systems
    • Insert fake stories to cause chaos and to delegitimize the org
    • Cause chaos and uncertainty (broadcast primarily but also news sites like CNN’s page)
  • Hacks on EAM systems (Emergency Action Message): There have been recent hacks on these systems by hackers, but imagine a nationwide alert set by Russia?
    • Cause panic
    • Cause DoS on telco and other systems
    • Spur over action by government and populace
    • BGP re-routes
      • Ability to disrupt news
      • Ability to disrupt C&C
      • Ability to insert data into C&C
  • Leaks
    • More governmental leaks
    • Personal leaks (kompromat)
    • Leaks of doctored documents (Disinformation Operations)
  • Troll armies
    • Twitter
    • Facebook
    • News sites
    • Comments sections
      • As we saw on the Net Neutrality comment site, these attacks can be leveraged against any public comment topic. So imagine it being used on the White House site (that is if the Trump admin hadn’t basically killed that function already)
    • Radio commenters
    • AM/SW radio broadcasts

HUMINT/Asset Recruitment

Ah yes, one of my favorite categories… As an old school guy who was around before the computer was so ubiquitous, this form of espionage was the thing. Of course the NSA had signals intel, radio, bugging, etc, but good old human assets can do quite a bit and should still be a thing. Today I would say that in tandem with the active measures attacks that we have seen and will see in 2018, you can count on more human assets being activated. These can be trolls that are real people who take on personae online as well as players within the system who have been recruited or turned.

  • Asset recruitment of GOP players
  • Asset recruitment of proxy group individuals
  • Kompromat use

Kinetic Attacks by Proxy Operations

Kinetic attacks are not as likely but given that things are getting out of hand, and may get even more out of control, I thought it prudent to add this. What I mean by kinetic attacks by proxies is simply that the actors could incite groups and individuals to violent action. We saw in 2017 the Nazi (alt-right) movement’s rise and in that, we saw violence perpetrated as well as at least one death by a Nazi running down a protester. This type of activity is standard operations really in the history of espionage and active measures both by Russia and by the US. If you doubt the US has done such things you should look up our interventions in South America in the past.

  • Insert proxy actors to actualize physical attacks
  • Use groups like KKK and others to initiate more kinetic actions like bombings and confrontations
    • Cause overreaction on the populace’s part
    • Cause overreaction by local and federal governments
      • Overreactions like martial law or other types of crackdowns
      • Likely to cause further surveillance tactics and programs

Digital Attacks That Lead To Kinetic Results

And the attack du jour of late, the cyber attacks that cause kinetic effects! Honestly there is no evidence of there being a possible wide scale attack being carried out successfully on the US grid, but, there is always a chance. Of course smaller scale attacks in regions could be possible and carried out to great effect. The effect I speak of would be to perhaps hinder voting, but more so to sow chaos and uncertainty in the population. If you strike the right balance, you could even tailor an attack to lead people to a certain political actor as they run a narrative that gives assurance of reciprocity etc.

I know, now it’s sounding all Manchurian Candidate huh? Well, look at Trump and what happened and then think about it again. He has been pretty much using the Russians’ playbook that he was given by Putin so it’s not so inconceivable.

  • Power: Power goes down
  • Water: Water stops flowing or becomes tainted
  • Telco: Cells go down
  • Media: No news in an emergency; with any of the other situations, people will freak
  • Internet Infrastructure (as mentioned above in attacks on cables): No communications, freaking populace

Well, those are some of the scenarios I can foresee. I am sure there will be plenty of others that I could not even imagine today. Suffice to say that we will be under attack again with more vigor specifically by the Russians and the GOP in hopes that they will keep their seats. All of us just need to strap in for the Krazy Ivan to come. Just remember to be judicious in your consuming of media and always think before you freak.

Happy New Year!

K.

 

Written by Krypt3ia

2017/12/29 at 22:19

Posted in .gov, 2018, Infowar

2 Responses

  1. I think it’s a huge mistake to assume RU is only using the GOP and/or to assume everyone in the GOP (leadership and elsewhere) are either agents of influence or dupes. Some know quite well what’s going on and are working from the inside to lessen the damage.
    Furthermore, while I’m aware that many Democrats are just as patriotic as we are, some, like some in the GOP, are not. The same goes for third party and independents.
    Great write up otherwise.

    Marla Hughes

    2018/01/01 at 18:28

  2. Actually I said others would also be doing so. So it is not only RU but they will be the main player because they have the playbook and the infrastructure. As to GOP, I look at what they have been doing and extend out they will quisling it out.

    Krypt3ia

    2018/01/02 at 13:50

