Future of the Russian Cyber Defense

November 24, 2023

In the contemporary world, emerging technologies have dramatically changed the nature of wars, particularly following the appearance of cyberspace as a new domain for interstate competition and rivalry. As a result, conflicts, both existing and novel, are becoming increasingly complex, while states acquire the ability to cause severe damage to their adversaries with no troops on the battlefield.

For the Russian Federation, it is indispensable to maintain strategic balance, advantage, and (often) superiority in the cyber domain compared to its primary competitors, specifically the United States along with the European countries (e.g., the United Kingdom)[1]. Russia realizes the significance of having the edge in all existing spheres, including cyberspace and artificial intelligence, as today’s conflicts are gradually shifting towards unmanned technologies and virtual domains.

Concerning cyber warfare, the Russian Federation is now considered to be one of the leading cyber powers in the world. Significantly, Russia has moved away from traditional (and simpler) phishing and denial-of-service attacks toward more sophisticated and complex cyber operations, such as credential harvesting, supply chain compromises, and the infiltration of critical service provider platforms[2].

In brief, the current Russian cyber capabilities allow the state to win any battle with no fighting by disengaging an adversary’s command and control systems. Nonetheless, the conflict in Ukraine has demonstrated that the world is still far from the predicted digital wars, with the dramatic prevalence of conventional forces on the contemporary battlefields. Accordingly, in the context of the Special Military Operation, the Russian Federation has not been using its cyber potential; instead, most cyber activities in Ukraine are used for intelligence[3]. In spite of the fact that experts foresaw a new generation war over Ukraine, it is still being waged by traditional means.

Nevertheless, none of the aforementioned means that it is pointless to achieve and maintain a strategic advantage within the cyber domain. On the contrary, due to the increasing tensions with the political West, cyber defense has become increasingly essential for the Russian Federation. It starts from information warfare and media propaganda and extends to possible attacks on Russian critical infrastructure alongside command and control systems. Thus, it is in Russia’s interest to possess the most technologically advanced cyber capacities.

In brief, there may be two predominant tendencies in Russian military planning today:

The ongoing military operation that requires greater conventional military forces, and

The necessity to keep up with others in the cyber domain and maintain Russian superiority in cyberspace.

Nonetheless, it is hardly possible to pursue both paths. The principal issue is that resources are not infinite, and for the needs of the Special Military Operation, Russia has to rationally allocate the existing resources either toward cyber warfare or conventional weaponry. Similarly, there is a need to reconsider the approach toward the cyber domain and to reform the existing rules, laws, and principles that all the actors involved are expected to follow.

Therefore, there might be three trajectories for further military maintenance and development:

1. Concentrate maximum available resources on maintaining the conventional capabilities to nourish the Special Military Operation.

2. Reform the institutional structure of the Russian military forces by establishing a separate branch responsible for maintaining national cybersecurity.

There is no cyber command in Russia today. The FSB, the SVR, the military, and the Presidential Administration are all involved in the cyber activities of the Russian Federation. Although they coordinate cyber operations involving several agencies and non-state or quasi-state entities, there is no joint cyber command. There is no distinct division of operational responsibility and no standardized reporting or accountability framework. Instead, Russia’s cyber-active agencies and individuals are governed by an informal structure of ties in which political expediency may take precedence over operational efficiency[4]. Accordingly, the establishment of a new military branch, such as a Cyber Command, could be another way of further cyber modernization.

3. Strengthen the public-private partnerships over national cybersecurity issues.

Today, there is no comprehensive partnership between the public and private sectors on the issues of national security. Even though there are some private companies like Positive Technologies or Innovation Centers within Skolkovo, the tendency is that the government and, specifically, the Ministry of Defense controls (sometimes through privatization) all the activities that pertain to national sovereignty, integrity, and security. In this regard, it is reasonable to recall the state-sponsored ERA Technopark or the Advanced Research Foundation[5]. In the current realities, when the military forces are gripped by the ongoing conflict in Ukraine and require maximum resources to continue fighting, it seems reasonable to give more freedom to the private sector in cyber.

In the short term, it seems relevant to follow the 1st option and to temporarily neglect the incremental enhancement of the state’s cyber capabilities. Russia currently possesses one of the most advanced cyber offense and defense potentials, which is supposed to be relevant and up-to-date for the next few months or so. Ultimately, Russia now faces a choice, and considering the consequences of a loss in the ongoing conflict with the West, there must be no way back.

Yet the Russian cyber defense architecture should be reformed in the future. From a long-term perspective, options 2 and 3 are equally salient. It is both a matter of prestige and a matter of national security to possess self-sufficient cyber capabilities. Still, the organizational structure seems to be outdated and requires more innovative ideas, one of which could be the establishment of a Cyber Command as a separate branch of the Russian Military.

Apart from that, based on the examples of the Skolkovo Innovation Centre and Positive Technologies, there is a high potential for further development of national cyber capabilities with support from and cooperation with the private sector. For a long time, the Russian government has been neglecting the operational freedom of companies that touch upon the issues of national security. Yet it can and should be reconsidered in the future to be increasingly efficient and innovative.

[1] Russia is ranked 5th in the Global Cyber Security Index (ITU) and 3rd in the National Cyber Power Index. Global Cybersecurity Index // ITU. URL: https://www.itu.int/epublications/publication/D-STR-GCI.01-2021-HTM-E (accessed 18.11.2023); National Cyber Power Index // Belfer Center. URL: https://www.belfercenter.org/publication/national-cyber-power-index-2022 (accessed 18.11.2023).

[2] Wolff J. Understanding Russia’s Cyber Strategy // Foreign Policy Research Institute. July 6, 2021. URL: https://www.fpri.org/article/2021/07/understanding-russias-cyber-strategy/ (accessed 18.11.2023).

[3] Bateman J., Beecroft N., Wilde G. What the Russian Invasion Reveals About the Future of Cyber Warfare // Carnegie Endowment for International Peace. December 19, 2022. URL: https://carnegieendowment.org/2022/12/19/what-russian-invasion-reveals-about-future-of-cyber-warfare-pub-88667 (accessed 19.10.2023).

[4] Soldatov A., Borogan I. Russian Cyberwarfare: Unpacking the Kremlin’s Capabilities // Center for European Policy Analysis. September 8, 2022. URL: https://cepa.org/comprehensive-reports/russian-cyberwarfare-unpacking-the-kremlins-capabilities/ (accessed 19.10.2023).

[5] See the official website of the ERA Innovation Technopark // URL: https://mil.ru/era.htm (accessed 19.10.2023); the official website of ARF // URL: https://fpi.gov.ru/ (accessed 19.10.2023).

Key words: Global Security; Cybersecurity