Categories
Shared Links - Audio Posts

Hybrid Warfare and Active Measures

Listen to this article

Michael_Novakhov
shared this story
.

b’

Hybrid Warfare and Active Measures

Byxc2xa0Gabriel Lloyd

Introduction

Since Vladimir Putinxe2x80x99s inauguration as Russiaxe2x80x99s president following the tumultuous tenure of Boris Yeltsin, Russia has implemented a coordinated policy of conventional espionage measures, cyber intrusions, and information operations targeting the United States. Validated on the multi-domain battlefields and computer networks of vulnerable Baltic neighbors, Russiaxe2x80x99s active campaigns of intelligence and influence operations have caught the United States off-guard. Four successive U.S. presidential administrations have grappled with Russian aggression, but U.S. responses have consistently lacked cohesion, strategy and effectiveness in deterrence. Russiaxe2x80x99s weaponization of social media and willingness to attack the foundations of American democracy have made the development of a coherent U.S. strategy a matter of urgent national importance. By examining the underlying doctrine of hybrid warfare, the specific tactics that Putinxe2x80x99s Russia is using against the United States and highlighting recent U.S. responses to Russian espionage and cyber influence campaigns, this paper identifies the potent tools and patterns of hybrid warfare strategy that collectively constitute a growing threat to U.S. national security. While hybrid warfare falls short of conventional military conflict in the metric of physical destruction, its deleterious effects on American security are undeniable and suggest the need for a long-term, comprehensive strategy from the United States.

Hybrid Warfare

Modern Russian intelligence operations, cyber intrusions and influence operations have found both potency in the proliferation of social media technologies and a receptive target in the existing political and social divisions in the United States. Media reports, including dramatic documentaries and breathless biopics on the ten Russian xe2x80x9cillegalsxe2x80x9d arrested in 2010, create perceptions of either a newly developed Russian playbook or a full-scale return to the Cold War era of spy-vs-spy. Neither perspective is entirely accurate. Russia under Putin pursues transparent foreign policy objectives aimed at strengthening Russian prestige on the international stage, diminishing American unipolar global power, and fundamentally shifting the existing international power structure. An evaluation of Russiaxe2x80x99s policy objectives by the Baltic Bulletin succinctly encapsulates Putin-era attitudes towards the international system, observing that xe2x80x9cRussia seeks to gain superpower status and to reshape the rules of the international system so that Western domination ends and a multipolar world order emerges,xe2x80x9d and notes that Russia has no interest in xe2x80x9cseek[ing] cooperation with Western countries on equal terms without challenging the current status quo.xe2x80x9d[i] The novel set of tools that Putin-era Russia uses against the United States in pursuit of these ends exists within the larger construct of the Gerasimov Doctrine and hybrid warfare.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 Analysts have used a myriad of terms to describe the fusion of Russian espionage, cyber and information operations, but all three are best explained as elements of a Russian hybrid warfare strategy. Hybrid warfare xe2x80x9crefers to Moscowxe2x80x99s use of a broad range of subversive instruments, many of them nonmilitary, to further Russian national interest.xe2x80x9d[ii] While not a term Russian officials use themselves, the concept incorporates the espionage, cyber and information operations directed at the United States, as well as a range of other military and government actions against neighboring Baltic states, European Union powers, and other regional and global competitors. RAND Corporation political scientist Christopher Chivvisxe2x80x99 conceptual framework for hybrid warfare, which offers three defining characteristics and six common tools, clarifies the nature of the Russian hybrid warfare threat to the United States.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 Russian hybrid warfare is not a military strategy or a diplomatic one, but rather a fusion of seemingly disparate elements of government operations into a unified instrument of national power. Chivvis observes that hybrid warfare xe2x80x9ceconomizes the use of forcexe2x80xa6it is persistentxe2x80xa6[and] it is population centric.xe2x80x9d[iii] Nuclear deterrence, massive infantry and artillery formations, and secret submarines remain elements of the Russian vision of national security, but the post-Cold War atrophy of Soviet power has left Russia in search of long-running, cost-effective and partially hidden strategies that will achieve in the long-term what it is impossible for a militarily overmatched Russia to achieve through military hardware alone. Cyber tools, information operations, and espionage are not tools for occasional use. Instead, xe2x80x9chybrid war breaks down the traditional binary delineation between war and peacexe2x80xa6hybrid war strategies are always underway, although at certain moments they may become more acute and intense or cross over into conventional combat operations.xe2x80x9d[iv] A diverse array of tactics support ongoing hybrid warfare operations, including information operations, cyber operations, the use of proxy forces, economic influence, clandestine (intelligence) operations, and political influence.[v] All six elements are present in increasingly bold Russian efforts focused against the United States over the past decade.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 While he does not specifically use the term hybrid warfare, Valery Gerasimovxe2x80x99s professional writings provide the clearest open-source view into modern Russian strategic thinking and lay the conceptual foundations for understanding recent Russian operations against the United States. Gerasimov, the Chief of Staff of the Russian Federation Armed Forces, describes a global xe2x80x9ctendency toward blurring the lines between the state of war and peace,xe2x80x9d and notes of the Arab Spring and Color Revolutions that xe2x80x9ca perfectly thriving state can, in a matter of months and even days, be transformed into an arena of fierce armed conflict, become a victim of foreign intervention, and sink to a web of chaos, humanitarian catastrophe, and civil war.xe2x80x9d[vi] Present in Gerasimovxe2x80x99s writing is an underlying articulated sense of Russian vulnerability to dangerous global trends, and the need for a strong, nationally unified response. Strikingly, Gerasimov asserts that xe2x80x9cthe very xe2x80x98rules of warxe2x80x99 have changed. The role of nonmilitary means of achieving political and strategic goals has grown and, in many cases, they have exceeded the power of force of weapons in their effectiveness.xe2x80x9d[vii] Lieutenant Colonel Timothy Thomas, senior analyst at the U.S. Army Foreign Military Studies Office, while downplaying the novelty of Gerasimovxe2x80x99s writings, observes that xe2x80x9cGerasimovxe2x80x99s speech isxe2x80xa6the first to express the observation that in contemporary conflict, nonmilitary methods are being used at a ratio of 4:1 relative to military methods.xe2x80x9d[viii] This conception of hybrid warfare, obliquely referenced by the top Russian military official in open publications, represents the foundational strategic vision upon which Russia builds its espionage, cyber, and influence operations.

Espionage, Cyber Operations, and Internet-Based Information Operations

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 Hybrid warfare can take many forms, from subtle information operations to full scale military altercations. The primary tools Russia has used against the United States in the 21st century fall into three categories: espionage operations, cyber intrusions and hacks, and information or influence operations. Russian strategists combine these three types of tools into interdependent hybrid warfare strategies. Executed primarily through Russiaxe2x80x99s compartmentalized state security organizations, these tools retain distinct similarities to Soviet operations during the Cold War and have achieved outsized effects through the leverage of technology. Thomas Rid describes the fusion of intelligence and targeted disinformation campaigns in the 1960s, in which intelligence agencies ran deliberate disinformation campaigns as an element of so-called political warfare. By the late 1970s, xe2x80x9cdisinformation became well-resourced and fine-tunedxe2x80xa6lifted to an operational science of global proportions, administered by a vast, well-oiled bureaucracy.xe2x80x9d[ix] This fusion of intelligence and information operations became widely known as xe2x80x98active measures.xe2x80x99 While the fall of the Soviet Union and breakup of the KGB largely paused such operations in the 1990s, Putin-era Russia has fused traditional conceptions of active measures with innovations in cyber warfare and social media to create modern active measures that have been used against the United States with alarming effectiveness.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 Traditional espionage operations are the foundation of active measures campaigns, both of Cold War and 21st century varieties. While Russian intelligence operations are most associated with the recruitment of American spies like Robert Hanssen or Aldrich Ames, intelligence officers who possessed placement and access to classified information that they could sell to Russian intelligence officers, traditional agent recruitment is only one facet of the Russian intelligence domain. The 1960s and 1970s saw KGB intelligence officers spearheading disinformation campaigns. Today, disinformation remains a vital part of the Russian security servicesxe2x80x99 repertoire. Gordon Corera, referencing the 10 Russian sleeper agents or xe2x80x9cillegalsxe2x80x9d arrested and traded in 2010, notes that observers downplayed the threat these operatives posed because they did not acquire classified material. Corera contends they were engaged in the 21st century hybrid warfare version of Cold War information operations, a phenomenon as dangerous as the compromise of classified information. Corera poses the question, xe2x80x9cwhat if spies are not after secrets but influence?,xe2x80x9d observing that xe2x80x9cthe Kremlinxe2x80x99s agents have learned to marshal espionage, influence operations, and use technology in a novel way as they engage in a conflict with the West that for many years went unrecognized.xe2x80x9d[x] Despite the necessary attention paid to internet-based information operations and cyber methodologies in the wake of the 2016 U.S. Presidential election, traditional Russian intelligence operations remain a major element of Putinxe2x80x99s strategy against the West.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 The recent implication of Russian security services in the targeting of former Russian intelligence officers exiled in Europe has added a troubling dimension to Russian espionage operations in Europe. In 2006, exiled F.S.B intelligence officer Alexander Litvinenko died after polonium-210 was surreptitiously placed in his tea in London. Similarly in 2018, Sergey Skripal, a former G.R.U. intelligence officer traded in the 2010 spy swap for 10 Russian illegals, narrowly escaped death after a high-dose exposure to the nerve agent Novichok. Just as with cyberattacks, ironclad attribution of these attacks is difficult to achieve. A long-running British inquiry into the death of Litvinenko concluded the attack was likely ordered by Russian authorities, but Russia refused to extradite the leading suspects for prosecution. In Skripalxe2x80x99s case, British police identified Anatoly Chepiga and Alexander Mishkin as the Novichok assassins, and research revealed Putin had previously awarded both men state honors for their service.[xi] Russian assassinations of defectors have not reached Americaxe2x80x99s shores, but the brazenness of these operations, and the mysterious poisoning of Russian opposition leader Alexei Navalny point to the incorporation of Cold War-era assassination techniques into the hybrid warfare playbook. An assassination on American soil, while unlikely, is far from impossible.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 The 2020 Russian government cyber intrusion into United States federal government computer systems through a hack of SolarWinds represents the latest in a long line of offensive cyber operations Russia has perpetrated against the United States and NATO allies. The cyber intrusions represent another interconnected facet of Russiaxe2x80x99s hybrid warfare strategy. Beginning with a powerful 2007 denial-of-service attack aimed at neighboring Estonia, Russia has demonstrated a willingness to use cyber weapons to steal information and government secrets, disrupt internet commerce, and sow disinformation. Oliver Fitton identifies the potency of these cyber tactics, as well as the United Statesxe2x80x99 difficulty in defending against them, noting xe2x80x9ccyber operations are difficult to attribute and, in some cases, deniable even if a degree of attribution is possiblexe2x80xa6the potential for both ambiguity and effectiveness means that cyber operations are very likely to be employedxe2x80x9d as part of a hybrid warfare strategy short of outright conflict.[xii] A closer examination of the SolarWinds attack serves as a useful case study in offensive cyber operations as distinct from cyber-enabled information operations.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 The SolarWinds hack, identified by private sector and U.S. government officials in December 2020, represents arguably the most serious state-sponsored cyber-attack targeting the United States, and the clearest indication yet that Russia is actively engaged in a policy of offensive cyber operations within a larger hybrid warfare strategy. The hack also illustrates the sheer effectiveness of state-sponsored cyber operations. In this xe2x80x9csupply chainxe2x80x9d attack, Russian hackers infiltrated the servers of SolarWinds, a company whose software saw common usage as a popular IT resource management tool. The hackers used SolarWindsxe2x80x99 periodic software updates to install backdoor access and infiltrate malware into government and private sector networks. Unclassified networks from the Pentagon, Department of Homeland Security, State Department, Department of Energy, National Nuclear Security Administration, and Department of the Treasury experienced widespread compromise. The attack was ongoing for months before its December discovery. Tom Bossert, Homeland Security Advisor to President Trump, describes the massive extent of this hack, positing that xe2x80x9cthe Russians have had access to a considerable number of important and sensitive networks for six to nine months. The Russian S.V.R. will surely have used its access to further gain administrative control over the networks.xe2x80x9d[xiii] The S.V.R.xe2x80x99s unimpeded access for the better part of a year makes it difficult for experts to assess what other systems may be compromised, and the exact purpose of the attack. Speculating on possible Russian strategy, Bossert assesses that xe2x80x9cthe actual and perceived control of so many important networks could easily be used to undermine public and consumer trust in dataxe2x80xa6in the networks that the Russians control, they have the power to destroy or alter data, and impersonate legitimate people. Domestic and geopolitical tensions could escalate quite easily if they use their access for malign influence and misinformationxe2x80x94both hallmarks of Russian behavior.xe2x80x9d[xiv] Just as the use of sleeper agents in conventional espionage operations supported an end goal of facilitating Russian influence campaigns, the SolarWinds cyberattack, too, creates infrastructure to support information operations.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 The United States has largely recognized its vulnerability to cyber operations and traditional espionage for years, yet Russiaxe2x80x99s ability to weaponize social media as part of influence operations caught most Americans unprepared. Beginning in 2014, the Internet Research Agency, a Russian troll farm, used the tools of online marketing to implement information operations and propaganda campaigns on behalf of the Russian security services targeting U.S. citizens. xe2x80x9cWhat we have here is a multi-strategy, multithreaded approach to influencing and to dividing,xe2x80x9d observes Renee DiResta, technical research manager at Stanford Internet Research Observatory.[xv] Between 2014 and the 2016 U.S. elections, the Internet Research Agency and Russian GRU created more than 20 social media influence campaigns targeting 13 countries.[xvi] Meg Kelly and Elyse Samuels of the New York Times provide an illuminating and alarming summary of these operations, noting xe2x80x9cRussian operatives weaponized social media, using services and techniques that were designed by technology companies for advertisers. They co-opted traditional media by sharing hacked information and spreading sensationalized stories through fake online personas. They updated long-standing propaganda tactics with inauthentic behavior on social media and in traditional media to reach voters in the digital era.xe2x80x9d[xvii] Social media provided a mechanism for Russia to link traditional espionage-based influence operations and cyber-attacks into a unified, potent weapon that is difficult to detect or prevent. Just as Gerasimovxe2x80x99s conception of hybrid warfare seeks to synchronize warfighting domains, Russian active measures in the 21st century combine the effects of previously separate security and intelligence disciplines.

Inconsistent and Nonexistent United States Policies

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 Broad consensus exists in policymaking and analytical communities that the threat posed to U.S. national security by Russian espionage, cyber operations and multi-discipline active measures is both serious and growing. Creating a comprehensive response strategy, however, has proved difficult for leaders of both political parties. Response, too, is only part of the solution. United States policy should consist of both deterrence and response elements, proactive and reactive measures to limit Russiaxe2x80x99s ability to achieve its long-term strategic goals of reshaping the existing international system. This section will examine a sample of U.S. responses to espionage, cyber, and information operations campaigns.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 United States responses to Russian espionage operations have changed little since the Cold War. The expulsion of Russian spies with diplomatic credentials or the trade of xe2x80x98illegalsxe2x80x99 for imprisoned U.S. intelligence assets are not novel techniques. Past administrations have struggled, however, to balance punitive actions with a desire not to destroy bilateral relations with Russia. In response to the Russian cyber-attacks on the Democratic National Committee (DNC) in 2016, for example, the Obama administration ordered the expulsion of 35 Russian intelligence officers (under diplomatic cover) as well as a litany of new sanctions on Vladimir Putinxe2x80x99s government and private corporations accused of serving as fronts for Russian intelligence operations. Administration officials hinted at other covert response measures, but open-source details are not available.[xviii] The capture of 10 Russian xe2x80x98illegalsxe2x80x99 in 2010 presented a challenge rarely seen in the days since the Cold War, as none of the accused intelligence operatives had diplomatic immunity. Under such circumstances, criminal prosecution remains an option, however Administration officials elected to trade the ten agents for four Russian double agents who had worked for the United States and Britain before being imprisoned in Russia on espionage related charges. The expulsion or swap of intelligence officers comes at a cost for the Russian intelligence services, as these officers have decades of experience and contacts in the United States. There is little evidence, however, that the threat of expulsion alone serves any deterrent effect. Instead, Russia factors in such risks as the cost of doing business in the intelligence profession. Expulsion of known intelligence officers can also make future counterintelligence operations more difficult, as the FBI must identify new intelligence operatives rather than surveilling known ones.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 U.S. responses to Russian security servicesxe2x80x99 targeting of dissidents has also adhered largely to a cold-war playbook of expulsion and sanctions. In response to the poisoning of former Russian intelligence officer Sergei Skripal in 2018, the Trump administration announced the expulsion of 60 Russian diplomats (some likely intelligence officers) and the closure of a diplomatic compound in Seattle. With no requirement to permanently reduce manning levels at diplomatic compounds, however, all 60 were replaced with some combination of legitimate diplomats and intelligence officers.[xix] Despite the severity of the assassination allegations, the United States sought once again to balance a xe2x80x98proportionate responsexe2x80x99 with a desire to preserve some level of amity in bilateral relations with Russia.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 Cyber-attacks and hacks pose distinct challenges to U.S. authorities. First, attribution of cyber-attacks can be a difficult and lengthy process. Herbert Lin, a senior researcher at the Center for International Security and Cooperation at Stanford University, notes that xe2x80x9call attribution judgements are necessarily accompanied by some measure of uncertaintyxe2x80xa6attribution of malicious cyber activity can be to a machine, to a specific human being pressing keysxe2x80xa6and to a party that is deemed ultimately responsible for that activity.xe2x80x9d[xx] Just as the United States takes technical measures to hide its involvement in cyber operations, Russia, too, operates through a web of proxies, private corporations, and false certificates. Second, cyberwar and cyber espionage are distinctly different activities. The SolarWinds intrusion, while devastating to U.S. national security, was not an act of cyberwar, but rather another form of intelligence collection. Borghard notes that xe2x80x9cto call [SolarWinds] a cyberattack would be off the mark. At this point, the operation appears to have been espionage to steal national security information, rather than to disrupt, deny, or degrade US government data or networksxe2x80xa6Espionage is an accepted part of international statecraft, one that states often respond to with arrests, diplomacy, or counterintelligence. In contrast, an attack (even a cyberattack) has international and domestic legal ramifications that could allow states to respond with force.xe2x80x9d[xxi] The United States treats Russian cyberattacks and hacks as espionage and has traditionally used the associated tools of statecraft in response, primarily diplomatic expulsions and limited sanctions.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 The Biden Administrationxe2x80x99s response to the Solar Winds hack, announced on April 15, 2021, shared many similarities with previous U.S. responses to state-sponsored cyber intrusions, but sought explicitly to establish clear attribution. President Biden signed an executive order which, in addition to announcing the expulsion of ten Russian diplomats from diplomatic missions in Washington, DC, sanctioned 32 individuals and entities xe2x80x9ccarrying out Russian government-directed attempts to influence the 2020 U.S. presidential election, and other acts of disinformation and interference.xe2x80x9d[xxii] Additionally, the White House explicitly named xe2x80x9cthe Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platformxe2x80x9d stating xe2x80x9cthe U.S. Intelligence Community has high confidence in its assessment of the attribution to the SVR.xe2x80x9d[xxiii] Finally, the National Security Agency, Cybersecurity & Infrastructure Security Agency, and Federal Bureau of Investigation issued a joint advisory entitled xe2x80x9cRussian SVR Targets U.S. and Allied Networks,xe2x80x9d seeking to publicize cautionary information to blunt the effectiveness of future Russian cyber espionage operations.[xxiv]

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 The Biden Administrationxe2x80x99s decision to address both cyber espionage (SolarWinds) and social media-enabled election interference with a unified response is evidence of a dawning recognition that Russian hybrid warfare techniques are elements of a unified strategy rather than isolated incidents of concern. In 2018, The Trump Administration sanctioned five Russian citizens and 19 individuals for cyber activity related to the 2016 election but hesitated to pursue more lasting policy changes. By 2019, however, the Trump Administration acknowledged the vulnerability of the U.S. election system and warned that technological advances would only increase the risk of foreign interference. In a memo to Congress, Trump wrote that xe2x80x9cthe ability of persons locatedxe2x80xa6outside the United States to interfere in or undermine public confidence in United States elections, including through the unauthorized accessing of election and campaign infrastructure or the covert distribution of propaganda and disinformation, continues to pose an unusual and extraordinary threat to the national security and foreign policy of the United States.xe2x80x9d[xxv] Absent in the memo, however, was the identification of Russia as a leading culprit in the disinformation arena.

xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0xc2xa0 Because the expansive proliferation of social media served to enable Russiaxe2x80x99s modern disinformation strategy, social media platforms have made some effort to address the issue from the private sector. Twitter banned political ads in the run-up to the 2020 presidential election, while Facebook and Google created tools for users to check on the source of political ads and content. Facebook has subjected some posts to scrutiny from third party fact checkers, a policy that has roiled domestic political tensions in the United States. Across the social media industry, engineers have focused new attention on purging fraudulent accounts and bots from their platforms, with some degree of success.[xxvi] Debate continues about the degree to which social media platforms have an obligation to review and censor misleading content, and government regulators are thus-far unwilling to subject the companies to strenuous government oversight. Brookings fellow Niam Yaraghi notes that xe2x80x9cthere are two ways to consider a social media platform: on one hand, we can view them as technologies that merely enable individuals to publish and share contentxe2x80xa6on the other hand, one can argue that social media platforms have now evolved curators of content.xe2x80x9d[xxvii] Despite limited efforts to address their exploitation as delivery vehicles for Russian influence and disinformation activities, the major social media companies remain vulnerable to continued exploitation.

Conclusions

Russian active measures exist as part of a hybrid warfare strategy put in place by President Putin as a tool to pursue foreign and domestic political aims. The United States under the past three administrations has lacked a comprehensive strategy of response. While the constitutional and democratic norms of the United States necessitate a different foreign policy playbook from Russiaxe2x80x99s, nevertheless it is imperative for the U.S. to implement a structured, comprehensive strategy to deter and respond to brazen acts of aggression aimed at undermining U.S. national security and domestic governance. While Russiaxe2x80x99s active measures are largely refinements of Cold War-era strategies and tactics, their surprising success in disrupting American life have no doubt caught the attention of other U.S. adversaries, most notably China, Iran and North Korea. The defense and intelligence establishments must continue to examine how peer and near-peer adversaries around the globe are developing their own active measures. The exponential growth of technological interdependence all but ensures active measures, in a variety of forms, will remain a threat to American national security for the foreseeable future.


[i] Franklin Kramer and Lauren Speranza, “The Russian Hybrid Challenge: A Comprehensive Strategic Framework,”xc2xa0The Atlantic Council: Brett Scowcroft Center on International Security, May 2017, accessed April 10, 2021, The Russian Hybrid Challenge: A Comprehensive Strategic Framework

[ii]Christopher Chivvis, “Understanding Russian “Hybrid Warfare” and What Can Be Done About It,”xc2xa0Testimony before the Committee on Armed Services, United States House of Representatives, March 22, 2017, accessed April 10, 2021, <a href=”https://www.rand.org/content/dam/rand/pubs/testimonies/CT400/CT468/RAND_CT468.pdf” rel=”nofollow”>https://www.rand.org/content/dam/rand/pubs/testimonies/CT400/CT468/RAND_CT468.pdf</a>

[iii] Chivvis, xe2x80x9cUnderstanding Russian xe2x80x9cHybrid Warfarexe2x80x9d and What Can Be Done About Itxe2x80x9d

[iv] Chivvis, xe2x80x9cUnderstanding Russian xe2x80x9cHybrid Warfarexe2x80x9d and What Can Be Done About Itxe2x80x9d

[v] Chivvis, xe2x80x9cUnderstanding Russian xe2x80x9cHybrid Warfarexe2x80x9d and What Can Be Done About Itxe2x80x9d

[vi] Valery Gerasimov, “The Value of Science Is Foresight, New Challenges Demand Rethinking the Forms and Methods of Carrying Out Combat Operations,”xc2xa0Military Review, Jan. & Feb. 2016, p. 24, accessed April 10, 2021, <a href=”https://www.armyupress.army.mil/Portals/7/military-review/Archives/English/MilitaryReview_20160228_art008.pdf” rel=”nofollow”>https://www.armyupress.army.mil/Portals/7/military-review/Archives/English/MilitaryReview_20160228_art008.pdf</a>,

[vii] Gerasimov, xe2x80x9cThe Value of Science Is Foresight, New Challenges Demand Rethinking the Forms and Methods of Carrying Out Combat Operations,xe2x80x9d p. 24.

[viii] Timothy Thomas, “The Evolving Nature of Russia’s Way of War,”xc2xa0Military Review, July & Aug. 2017, p. 41, accessed April 10, 2021, <a href=”https://www.armyupress.army.mil/Portals/7/military-review/Archives/English/MilitaryReview_20170831_THOMAS_Russias_Way_of_War.pdf#:~:text=” rel=”nofollow”>https://www.armyupress.army.mil/Portals/7/military-review/Archives/English/MilitaryReview_20170831_THOMAS_Russias_Way_of_War.pdf#:~:text=</a>

[ix] Thomas Rid,xc2xa0Active Measures: The Secret History of Disinformation and Political Warfarexc2xa0(S.l.: Profile Books, 2021), p. 7.

[x] Gordon Corera,xc2xa0Russians Among Us: Sleeper Cells, Ghost Stories and the Hunt for Putins Agentsxc2xa0(S.l.: William Collins, 2021), p. 7.

[xi] Reevell, Patrick. xe2x80x9cBefore Navalny, a Long History of Russian Poisonings.xe2x80x9dxc2xa0ABC News, ABC News Network, 26 Aug. 2020, abcnews.go.com/International/navalny-long-history-russian-poisonings/story?id=72579648.

[xii] Oliver Fitton, “Cyber Operations and Gray Zones: Challenges for NATO,”xc2xa0Connections: The Quarterly Journalxc2xa015, no. 2 (2016): p, 116, doi:10.11610/connections.15.2.08

[xiii] Thomas P. Bossert, “I Was the Homeland Security Adviser to Trump. We’re Being Hacked,” The New York Times, December 17, 2020, p. 116, accessed April 18, 2021, <a href=”https://www.nytimes.com/2020/12/16/opinion/fireeye-solarwinds-russia-hack.html” rel=”nofollow”>https://www.nytimes.com/2020/12/16/opinion/fireeye-solarwinds-russia-hack.html</a>

[xiv] Bossert, “I Was the Homeland Security Adviser to Trump. We’re Being Hacked,” 2020.

[xv] Meg Kelly and Elyse Samuels, “Analysis | How Russia Weaponized Social Media, Got Caught and Escaped Consequences,” The Washington Post, November 18, 2019, accessed April 18, 2021, <a href=”https://www.washingtonpost.com/politics/2019/11/18/how-russia-weaponized-social-media-got-caught-escaped-consequences/” rel=”nofollow”>https://www.washingtonpost.com/politics/2019/11/18/how-russia-weaponized-social-media-got-caught-escaped-consequences/</a>

[xvi] Kelly and Samuels, Analysis | How Russia Weaponized Social Media, Got Caught and Escaped Consequences, 2021.

[xvii] Kelly and Samuels, Analysis | How Russia Weaponized Social Media, Got Caught and Escaped Consequences, 2021.

[xviii] David E. Sanger, “Obama Strikes Back at Russia for Election Hacking,” The New York Times, December 29, 2016, accessed April 18, 2021, <a href=”https://www.nytimes.com/2016/12/29/us/politics/russia-election-hacking-sanctions.html” rel=”nofollow”>https://www.nytimes.com/2016/12/29/us/politics/russia-election-hacking-sanctions.html</a>

[xix] Sonam Sheth, “There’s a Huge Caveat in the US’ Expulsion of 60 Russian Diplomats,” Business Insider, March 31, 2018, accessed April 18, 2021, <a href=”https://www.businessinsider.com/theres-a-huge-caveat-in-the-us-expulsion-of-60-russian-diplomats-2018-3″ rel=”nofollow”>https://www.businessinsider.com/theres-a-huge-caveat-in-the-us-expulsion-of-60-russian-diplomats-2018-3</a>

[xx] Herbert Lin, “Attributes of Malicious Cyber Incidents: From Soup to Nuts,”xc2xa0Columbia Journal of International Affairs, March 9, 2017, accessed April 10, 2021

[xxi] Erica Borghard, “Russia’s Hack Wasn’t Cyberwar. That Complicates US Strategy,” Wired, December 17, 2021, accessed April 18, 2021, <a href=”https://www.wired.com/story/russia-solarwinds-hack-wasnt-cyberwar-us-strategy/” rel=”nofollow”>https://www.wired.com/story/russia-solarwinds-hack-wasnt-cyberwar-us-strategy/</a>

[xxii] “FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government,” The White House, April 15, 2021, |PAGE|, accessed April 18, 2021, <a href=”https://www.whitehouse.gov/briefing-room/statements-releases/2021/04/15/fact-sheet-imposing-costs-for-harmful-foreign-activities-by-the-russian-government/” rel=”nofollow”>https://www.whitehouse.gov/briefing-room/statements-releases/2021/04/15/fact-sheet-imposing-costs-for-harmful-foreign-activities-by-the-russian-government/</a>

[xxiii] “FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government,” The White House, 2021.

[xxiv] “FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government,” The White House, 2021.

[xxv] Christopher Chivvis, “Understanding Russian “Hybrid Warfare” and What Can Be Done About It,”xc2xa0Testimony before the Committee on Armed Services, United States House of Representatives, March 22, 2017, accessed April 10, 2021, <a href=”https://www.rand.org/content/dam/rand/pubs/testimonies/CT400/CT468/RAND_CT468.pdf” rel=”nofollow”>https://www.rand.org/content/dam/rand/pubs/testimonies/CT400/CT468/RAND_CT468.pdf</a>)

[xxvi] Queenie Wong, “Here’s How Social Media Companies Are Fighting Election Misinformation,” CNET, November 07, 2020, accessed April 18, 2021, <a href=”https://www.cnet.com/news/heres-how-social-media-companies-are-fighting-election-misinformation/” rel=”nofollow”>https://www.cnet.com/news/heres-how-social-media-companies-are-fighting-election-misinformation/</a>

[xxvii] Niam Yaraghi, “How Should Social Media Platforms Combat Misinformation and Hate Speech?” Brookings, April 09, 2019, accessed April 18, 2021, <a href=”https://www.brookings.edu/blog/techtank/2019/04/09/how-should-social-media-platforms-combat-misinformation-and-hate-speech/” rel=”nofollow”>https://www.brookings.edu/blog/techtank/2019/04/09/how-should-social-media-platforms-combat-misinformation-and-hate-speech/</a>