How Vladimir Putin mastered the art of 'online Judo' – and why the west should be worried

Russia is using the internet's idealistic freedom as a hybrid-warfare weapon against the west
Andrew Diprose. Photography from Getty, Alamy, Eyevine. With inspiration from Alexander Rodchenko

Vladimir Putin has, for much of his life, been a practitioner of the martial art of judo. Rather than attack an opponent, the trick in judo is to leverage your strength to throw them off-balance. This allows a weaker opponent to defeat a stronger adversary.

In April 2014, Putin told an audience in St Petersburg that the internet was a "CIA project". His claim reflected a deeply-held belief among Russia's elite that the internet was a threat to their grip on power – a tool of subversion created to spread western values. But today, it is not Russia that is on the defensive but the west which is reeling on the mat, its own digital strength turned against it. Russia has learnt to effectively marshal technology – in domestic control, in espionage, in sabotage and in a new type of warfare. The internet may not really be a CIA project, but some of its champions in Silicon Valley did believe that it would change the world. And Russia's mastery raises a difficult question for them: what if everything you have been told about how the internet was going to be a harbinger of liberation is wrong?

Russia's new-found mastery was born out of fear. Putin joined the KGB in the mid-70s as a counter-intelligence officer, tasked with preserving the Communist Party's hold on power. The free flow of information was seen as a threat. Under Soviet rule, there was no independent press, and enormous effort was put into suppressing dissident literature which challenged the legitimacy of the regime - to the extent of controlling photocopiers. That began to change in the mid-80s and accelerated after the collapse of communism. The moment the internet arrived, a new world seemed to open up. Russia's online media environment became among the liveliest of anywhere, full of influential bloggers and activists, a haven for liberals and intellectuals.

When Putin became President in 1999, he promised to bring order. His initial focus was bringing mainstream media and TV channels under tighter state control. The internet was largely left alone for more than a decade. The turning point came in 2011. That year was a high point for those believing the internet would spread freedom around the world. The short-lived Arab Spring blossomed in the Middle East. Popular uprisings swept away authoritarian regimes in Tunisia and Egypt. They were said to be "Twitter and Facebook revolutions". Silicon Valley and its friends argued new tools were allowing ordinary people to communicate and organise to challenge power.

When protests began in Moscow in December 2011 over what were seen as flawed elections, the Kremlin was spooked. Facebook was a key organising tool. Part of the Putin mindset is a conspiratorial view of the world in which a guiding hand is seen behind events such as protests. Putin already thought the west and the CIA had used technological tools to spur the overthrow of Moscow-friendly governments in neighbouring countries; now the fear was that this was happening in Russia itself. The internet had to be brought to heel. The Kremlin exerted control in a number of ways. Back in the cold war, only a few hundred phones could be tapped at any time. But Russia had by now built its own powerful capability called SORM. Its scope has been repeatedly increased to give it more power to collect data and carry out surveillance. Later incarnations require ISPs to keep all traffic data for longer periods so the state could demand access. Predictive-monitoring technology has also been deployed to scour social media for the first signs of protests and Russia has invested in biometrics and voice recognition to find those causing trouble. Since 2012, there have been moves towards greater filtering of internet sites. Blacklists of websites, originally framed as required to protect people from child pornography, have also been expanded.

Troll farms targeted not just bloggers - a thorn in the Kremlin's side - but journalists in other countries who were perceived as critical of Russia. What became known as the "Bloggers Law" was passed in 2014, requiring those with more than 3,000 readers a day to be registered and treated like a media outlet. This keeps media firms off balance, unsure when they might be prosecuted.

In June 2013, Edward Snowden landed at Moscow's Sheremetyevo International Airport. The former NSA contractor was on the run from US intelligence and was granted asylum by Putin.

There is no evidence that Snowden wanted to go to Moscow or was ever a Russian agent, but Putin would turn America's strength against it. Snowden exposed the vast power of the NSA and GCHQ to tap global communications and the apparent complicity of US firms who handed over user data as part of programmes such as PRISM due to secret legal orders. Snowden may be personally opposed to the surveillance state but his actions had unintended consequences. Other countries looked at what the US had constructed and decided that they wanted a piece of the action. For Russian officials, Snowden's disclosures were ammunition for claims that the internet was actually a western surveillance machine. The answer was to assert domestic control and localise - or nationalise - data.

In November 2013, Russian officials reportedly visited the offices of Microsoft and Google in Moscow to discuss how to protect emails being collected by US intelligence. A new law for localisation of data came into force in September 2015, requiring Russians' personal data to be stored in Russia. This could be portrayed as keeping it out of the hands of the all-powerful NSA while making it accessible to the Russian state. Companies such as Google will not comment on the details but they are thought to have kept certain forms of corporate data in Russia while trying to keep consumer and user data out of the country. One of the most dramatic power-plays came with VKontakte, Russia's own version of Facebook. When its founder, Pavel Durov, refused to hand over personal data of those who had been involved in protests, he was forced to sell his stake in his own company. He left Russia and later founded the security-focused communications platform Telegram (see WIRED 03.15).

Russia's quest to nationalise its internet has gathered pace in recent years, as part of its attempt to create "digital sovereignty". It has conducted simulations to see what would happen if internet connections to the outside world were cut. This is framed defensively: could life continue if the US pulled the plug in the event? But this could also be a useful tool to shut down dissent if internet-organised protests threatened the regime. According to Andrei Soldatov, author of The Red Web, Russia invited China's top cybersecurity officials to Moscow, including the creator of the Great Firewall of China, for consultations. It is thought they were there to advise Russia on how to better control its own "sovereign information space". "That looks scary," Soldatov says.

During the cold war, the KGB devoted extensive energy to what it called "active measures" - operations to influence other countries. This would sometimes be done through propaganda but also through misinformation and forgery, like the claim the AIDS virus had been created in a US military research establishment. The aim was to weaken Moscow's enemies by increasing distrust of the US or undermining faith in NATO. The reality was that in the cold war this kind of work was rarely successful. It was often too hard to spread in a credible way.

Then came Facebook. Social-media networks - which tech companies told us would help democratise information and empower ordinary people to speak their voice - turn out to be rather good at distributing propaganda, misinformation and fake news. The very nature of social media - its speed, its anonymity, its openness, its love of a snappy headline, its rambunctious nature and preference for controversy over substance - all make it ideal for influence operations. Its decentralised nature allows small and often little-known news outlets to push out stories to reach large audiences rapidly. The echo-chamber effect - in which people seek out stories they want to believe - can be subject to manipulation by those who know how to write a headline or use a hashtag. Automated bots can also help increase a story's reach.

News may be fake or it may just be slanted, but together the effect is to make people unsure what to believe. In the US, the suspicion in some quarters is that pro-Trump and anti-Clinton stories were spread as part of a deliberate Kremlin strategy. What had been seen as a strength - an open information space in the west - is suddenly looking like a weakness faced with Putin's digital judo.

Putin's goal is to restore Russia's place as a great power. Keeping the west off balance gives him the space to do that. In 2013, Valery Gerasimov, one of Russia's top generals, explained how information itself could be weaponised. Russia knew it was outgunned in conventional warfare - the trick was to find a new way to fight. So it invented hybrid warfare.

Victory in hybrid warfare would belong to those who could use non-traditional means to achieve their objectives. Information was itself a weapon that could be deployed to destabilise a country short of traditional force. And when military force was deployed, it could be done in a less overt way, combined with new technology. "Long-distance contactless actions against the enemy are becoming the main means of achieving combat and operational goals," Gerasimov said.

Cyberspace is the natural home for this new form of warfare. It allows just enough remoteness and deniability to make it easier for one country to act against another without moving to full-scale conflict. The first test came in Estonia in 2007, when the Baltic country's institutions were subjected to massive denial-of-service (DOS) attacks during a dispute with Russia. In Georgia the following year, Russia combined cyber and information operations with regular warfare. But since 2014, Russia has mastered these techniques in Ukraine.

When protests emerged in Ukraine in 2014, Russia attributed them to Facebook and western covert influence. But it was ready to strike back. Russia launched a multifaceted information, propaganda and cyber campaign. Surveillance technology was used to pick up an American diplomat's angry private comments about Europeans, which were then spread on social media. Trolls were unleashed. When Russian-backed rebels shot down a Malaysia Airlines passenger flight over Ukraine, propaganda challenged the facts while hackers targeted the official international investigation.

In the 90s, a new criminal underworld of hackers emerged in Russia. The state realised these people could be enlisted to help. Hackers are said to be offered a choice when they run afoul of the law: go to prison or work for the state. Hacker groups are believed to be tolerated so long as they do not carry out criminal acts within Russia and work for the state when required. In Ukraine, Russia moved beyond espionage.

On December 23, 2015, the lights went out in parts of Ukraine after a "highly synchronised, multi-stage, multisite attack" on an electricity distribution company - an act which went beyond espionage and into the realms of sabotage.

Russia has also deployed these aggressive tactics further afield. In April 2015, TV5Monde's TV networks - which broadcast French-language content around the world - went dark. The perpetrators had penetrated the network months earlier and carried out a reconnaissance of its systems, before fabricating malware to destroy the internet-connected hardware that controlled the station's operations. The attackers posed as members of a jihadist group but western intelligence soon identified them as the Russian group known as APT 28, or Fancy Bear. The general western consensus was that Russia was testing its capabilities.

The risk is that Russia and its hackers get something wrong and go too far. That may have been the case in their most ambitious alleged operation - the attempt to influence the 2016 US election. The US intelligence community says that Russian hackers, including APT 28 or Fancy Bear, targeted the Democratic National Committee and officials on the Hillary Clinton campaign. The hackers then engineered for leaked emails to get into the public domain via WikiLeaks and other sites. Part of the genius of this technique is that it doesn't take much work by the hackers. They simply dump the data on to public-facing websites and let journalists sift through it themselves. It's another judo move. "You've turned the openness against people," explains Laura Galante, director of global intelligence at FireEye and a former Pentagon official.

You might think the furore following the US election may have led Russian hacking groups to keep their head down. The reality is anything but. Those who track APT 28, such as Galante, say they are seeing the same infrastructure used in the US election operations now being used in Europe - including Germany, which holds its own election this year. Hashtags and Twitter handles are being employed to push anti-refugee lines.

The Kremlin denies it is behind these operations. Like an expert judo player, it makes sure its opponent cannot get a grip. Moscow's response to the accusations is to demand hard proof. That is not easy to do in public, as the US intelligence community has found. Recent arrests of cyber officials in Russia - including some from the Federal Security Service - have been linked by some to an ongoing mole-hunt for the sources for US reports linking Russia to the election hack. Others think the arrests are linked to the Shaltay Boltay (or Humpty Dumpty) hacking group, which was a kind-of Russian version of WikiLeaks, publishing embarrassing material from government officials. Others link the arrests to a power struggle between different parts of the security services. Discerning the truth is not easy.

Despite Russia's mastery of the internet, there are still free voices in the country's media. And the way in which bloggers around the world were able to prove Russian troops were present in Ukraine by analysing their social-media posts showed Russia still has its vulnerabilities. No doubt the NSA and GCHQ have their own cyber weapons, but they may be more wary of using them than the Russians. British officials acknowledge the sheer scale of Russia's activity and its brazenness has been a surprise.

One of the ways in which Russia rose to becoming a superpower in the judo world was thanks to their fighters' novel tactics and mastery of grips on their opponents. The same may now be happening online.

The internet, its proponents in Silicon Valley claimed, would liberate us to challenge authority as part of a global community. But what if Russia is showing that the internet can instead be mastered in a different way? To exert control at home and to disrupt it abroad. The Russian state has exploited western values such as freedom of the press and dependence on technology to its own ends. Whether this is just an aberration or a genuinely different path is, as yet, unclear.

This article was originally published by WIRED UK