Information Warfare: The Perils And Protections Of Poland

Archives

May 31, 2020: Russia is again hacking Polish military websites, this time to leave false documents criticizing the current Polish government and Polish support for NATO and the United States. In April, one such fake document inserted into a Polish military school website, allegedly from the director of the school, criticized NATO and the Polish government. The Poles, like other East European NATO members, plus non-member Ukraine, learned over the past fifteen years to be alert to such disinformation operations and the fake letter was quickly noticed and removed. There have been a number of similar attacks on Polish military and civilian web sites which are more annoying to the Poles than useful to Russia. It is suspected that this operation was probably some kind of training exercise for Russian hackers.

For years Russia has been developing and testing military grade Cyber War weapons on real targets and finding out what works and what needs improvement. The problem with this is that most of the testing is conducted on weaker neighbors Russia is not getting along with. For example, in late 2015, a large part of western Ukraine suffered a power blackout. Some 1.4 million homes and businesses went dark for several hours because of a computer virus (BlackEnergy) believed to be Russian and deliberately deployed against Ukraine to disrupt power plants and the electrical distribution system. From the beginning Ukraine suspected that this was a Cyber War attack carried out by Russia as it was the kind of attack that had no monetary reward, but was the sort of thing one nation would use on an enemy in wartime. Russia denied any involvement, but the Russians always say that even when there is a pile of evidence proving otherwise.

NATO Cyber War advisers immediately went to work helping Ukraine sort out how the attack was carried out and how to protect against future attacks. The investigation concluded that the attacker had first got access to the networks of three small energy companies using spear-fishing attacks. These are carried out using official looking emails that have an attachment which, when opened, secretly installs software that gives the attackers access to the company network. After that several other specialized bits of malware (hacker software) were used to map the compromised networks and then carry out crippling attacks. NATO Cyber War investigators found clear evidence of a professional style attack on the energy company networks including careful reconnaissance of the target network to see what items had to be disabled to cause the most damage. The NATO experts gave Ukraine a long list of changes that would have to be made to government and corporate networks associated with all utility (power, water, and so on) and industrial networks.

The forerunner of this Ukraine attack hit tiny Estonia (population 1.3 million) as early as 2007. In response, Estonia, also NATO member, made a lot of changes and in 2015 formed a Cyber War militia. All this because Russia keeps threatening another major Cyber War offensive. Despite its small size, Estonia is the most technically advanced (on a per-capita basis) nation in East Europe and was able to recruit several hundred skilled volunteers who are hard at work pooling their knowledge and skills to better handle more Cyber War aggression from Russia. Ukraine, despite being the largest East European nation, is much less well prepared to form another Russian Cyber War attack.

Estonia borders Russia which makes Russia reluctant to come in with tanks to take over as they did twice in the 1940s. Instead, Russia made a major effort to crush Estonia via major Internet based attacks in 2007. Estonia survived that “invasion” but admitted that this sort of Russian aggression caused considerable financial damage. In the wake of these Russian Cyber War attacks Estonia demanded that the UN and NATO declare this sort of thing terrorism and dealt with accordingly. NATO tried to be helpful, but that wasn’t enough. The UN was even less helpful as the UN has a hard time getting anything done when Russia is involved because Russia is one of the handful of founding members that have a veto over such decisions.

NATO did make an effort and in 2008 established a Cyber Defense Center in Estonia. This was the most tangible NATO response to Estonian calls for NATO to declare Cyber War on Russia. NATO agreed to discuss the issue but never took any action against Russia. The Cyber Defense Center was a consolation prize, and studies Cyber War techniques and incidents and attempts to coordinate efforts by other NATO members to create Cyber War defenses and offensive weapons. NATO believes this may have deterred Russia from making more Cyber War attacks. Estonians were not convinced because Russia then went ahead and invaded Georgia (a nation of four million in the Caucasus) in 2008 and Ukraine in 2014, and still makes very public threats against Estonia. But the Cyber Defense Center in Estonia has proved to be a valuable resource for other nations looking to improve their Cyber War defenses, especially against Russia.

Cyber Wars have actually been going on since the late 1990s and they are getting worse. It started in the 1990s as individuals attacked the web sites in other nations because of diplomatic disputes. This was usually stirred up by some international incident. India and Pakistan went at it several times, and Arabs and Israelis have been trashing each other’s web sites for years. The Arabs backed off at first, mainly because the Israeli hackers are much more effective. But in the last few years, the Arabs have acquired more skills and are back at it. Chinese and Taiwanese hackers go at each other periodically, and in 2001, Chinese and American hackers clashed because of a collision off the Chinese coast between an American reconnaissance aircraft and a Chinese fighter. That was just the beginning for China, which now regularly makes major hacking attacks on the U.S. and other NATO members.

Since 2005 these Cyber Wars have escalated from web site defacing and shutting down sites with massive amounts of junk traffic (DDOS attacks), to elaborate espionage efforts against American military networks. The attackers are believed to be Chinese, and some American military commanders are calling for a more active defense (namely, a counterattack) to deal with the matter.

The Russian attacks against Estonia were the result of Estonia moving a statue, honoring Russian World War II soldiers, from the center of the capital to a military cemetery in the countryside. The Estonians always saw the statue as a reminder of half a century of Russian occupation and oppression. Russia saw the statue move as an insult to the efforts of Russian soldiers to liberate Estonia and enable the Russians to occupy the place for half a century. The basic problem here is that most Russians don't see their Soviet era ancestors as evil people, despite the millions of Russians and non-Russians killed by the Soviet secret police. The Russians are very proud of their defeat of Nazi Germany in World War II, ignoring the fact that the Soviet government was just biding its time before it launched its own invasion of Germany and Europe in general. All this means little to anyone from outside East Europe, but for any nation neighboring Russia these Russian resentments have to be carefully monitored.

While many Russians would have backed a military attack on Estonia to retaliate for the insult by an ungrateful neighbor, this approach was seen as imprudent. Estonia is part of NATO and an attack on one NATO member is considered an attack on all. It's because of this Russian threat that Estonia was so eager to get into NATO. The Russians, however, believe that massive Cyber War attacks will not trigger a NATO response. They were so sure of this that some of the early DDOS attacks were easily traced back to computers owned by the Russian government. When that got out, the attacks stopped for a few days and then resumed from what appear to be illegal botnets. Maybe some legal botnets as well. Russian language message boards were full of useful information on how to join the holy war against evil Estonia. There's no indication that any Russians are afraid of a visit from the Russian cyber-police for any damage they might do to Estonia. And the damage has been significant, amounting to millions of dollars. While no one has been injured, Estonia is insisting that this attack, by Russia, should trigger the mutual defense provisions of the NATO treaty. It didn't, but it was a reminder to all that Cyber War is very real except when it comes time to fight back.

Poland is the largest of the East European NATO members and is particularly hostile towards Russia because for several centuries Russian has been threatening, attacking, and, during the Cold War, occupying “independent” Poland with a large military force. The Russians still express open contempt for Poland, especially now that Poland is a member of NATO and reequipping its military with superior Western weapons in place of the Russian equipment they were forced to use during the Cold War. Poland has obtained F-35A stealth fighters, missile-defense systems and even German tanks. Poland has become far more prosperous than Russia and reminds the Russians that, unlike 1939, when Russia and Nazi Germany formed an alliance and invaded Poland, this time around Poland has been assured that their current allies would intervene if Russia tried anything like that again. In 1939 Poland had assurances from Western nations, especially Britain and France, that military aid would be available if Poland were attacked. Britain and France declared war on Germany over the invasion but that was it. This time NATO forces are regularly coming to Poland for joint training exercises, in part to convince Russia that there would not be another 1939. This time the Germans are on Poland’s side.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close