Putin Uses Psychiatrists For Social Engineering Attacks Against Individual Targets



Vladimir_Putin_Photo_AP

Newsweek cross-posted an article that first appeared on The Daily Signal, and this is extremely relevant to what we are battling here today.

Kiev, Ukraine—Since 2014, Russia has used Ukraine as a testing ground for its hybrid warfare doctrine, underscoring what some security experts say is a case study for the new kinds of security threats the U.S. and its Western allies can anticipate from Moscow.

“The threats Ukraine faces are harbingers of things to come for the U.S. and its other allies,” said Junaid Islam, chief technology officer and president of Vidder, a California-based cybersecurity firm that does work in Ukraine.

“It is in the national strategic interests of both the United States and Ukraine to cooperate deeply in cybersecurity, because Ukraine is a canary in the cyberspace coal mine,” Islam told The Daily Signal.

A top Ukrainian security official recently disclosed a cyberwarfare tactic honed by Russia in Ukraine, which could be a bellwether for Russia’s next act of political warfare against the U.S.

The Ukrainian government recently has been attacked by “undetectable” computer viruses that target “particular individuals, in particular departments, and they’re constructed based on the social understanding of social media by particular people,” Dmytro Shymkiv, deputy head of the Presidential Administration of Ukraine on Administrative, Social and Economic Reform, explained this month during the Future in Review conference in Park City, Utah.

Russia recruits psychiatrists, scientists, and neurologists for social engineering attacks

“Russia recruits psychiatrists, scientists, and neurologists, who construct these things to target particular individuals,” Shymkiv said.

According to Ukrainian security officials, Russian agents build a psychological profile of their mark through his or her social media footprint. Then, using that information, the Russians can make personalized computer viruses, or run a social media influence operation specifically crafted with that one particular person in mind.

“People say, ‘Well, that’s a science fiction.’ It’s not,” Shymkiv said. “When the annexation of Crimea took place, [Russia] shut down the internet to Ukraine, and they used social media to influence people’s behavior. And you can influence people’s behavior. You do it in a nice way, posting things to their friends, et cetera. There’s a whole factory in Russia doing this.”

This is known in the cybersecurity world as “social engineering”—a form of cyberattack in which people are psychologically manipulated into performing actions or divulging confidential information. According to some security experts, the best defense against this kind of threat is education.

“Man is the weakest link in the chain of information technology,” Mykhailo Vasyanovich, head of the Public Council for the Ministry of Information Policy of Ukraine, told The Daily Signal.

“With such cyberattacks, which are now taking place in Ukraine, it is necessary to raise the level of information technology literacy of users by conducting educational work on cybersecurity among employees of private and state enterprises,” Vasyanovich said.

Some experts worry this reliance on the security savvy of internet users to fend off Russian cyberattacks might be a vulnerability for the U.S.

“What may especially worry the U.S. is that Russia targets influential individuals, such as journalists or political analysts, especially those of rather skeptical approach toward Moscow,” Daniel Szeligowski, senior research fellow on Ukraine for the Polish Institute of International Affairs, told The Daily Signal.

“Unlike institutions or infrastructure, they don’t have state protection and are thus vulnerable to intimidation and blackmailing,” Szeligowski added. “And given the rising popularity of social media, such a threat is even more widespread.”

Hybrid War

Russia’s hybrid attacks against Ukraine have included, but are not limited to:

  • Using social media to shape public opinion among an adversary’s population.
  • Turning commercially available computer software into a tool for espionage and cyberwarfare.
  • Exploiting smartphones to spy on and wage psychological warfare against an adversary’s military forces.
  • Using cyberattacks to undermine an adversary’s electoral process.
  • Using pseudo-news reports to push a propaganda line that sows division within an adversary’s national culture.

All of these tactics have also been used by Russia against the U.S. since Russo-American relations took a nosedive in the fallout over Russia’s military aggression against Ukraine in early 2014.

“Ukraine is a perfect testing ground for hybrid warfare,” Szeligowski said. “Thus, it is no wonder that Russia has already seized the opportunity, and in Ukraine it has made a dry run of all sorts of its offensive techniques.”

Russian hybrid warfare is not covert warfare. Rather, it’s the combined use of conventional military force with other means such as cyberattacks and propaganda to sow chaos and confusion—both on the battlefield and deep behind the front lines.

Hybrid warfare is an evolving threat spanning every combat domain. Particularly, hybrid warfare weaponizes many pieces of everyday life, including smartphones, social media networks, commercially available computer software, and journalism.

Russia Field-Tested Hybrid Warfare in Ukraine. Why That Cyberthreat Matters for US.

 HybridWarfare

U.S. forces participate in a NATO exercise in Estonia in June, simulating a hybrid warfare attack from an unnamed adversary. (Photo: Nolan Peterson/The Daily Signal)

“Russia is testing in Ukraine both procedures and concepts, which later on are being applied in the West—such as during the U.S. and French elections,” a Polish security official told The Daily Signal on background, asking not to be named due to professional restrictions on speaking to the media.

“In short, Ukraine remains for Russia a crucial hybrid warfare battleground and testbed,” the security official said. “The Russian hybrid warfare model is being further developed, perfected, and tested as we speak. Russia’s ability to escalate rapidly across the whole spectrum of conflict makes the West prone to the ‘surprise effect.’”

Russia’s use of social media and cyberattacks as weapons of war might be innovative, but, at its core, it’s a modern revamp of a Cold War-era idea.

Hybrid warfare is the Kremlin’s contemporary take on a Soviet military doctrine called “deep battle,” in which front-line combat operations are supported with operations to spread chaos and confusion deep within the enemy’s country. Hybrid warfare also draws on the Soviet Union’s well-documented history of “influence operations” against the U.S. and other Western allies.

In effect, Russia’s overall strategy to undermine the West hasn’t changed all that much from the Soviet Union’s playbook. But the world in which those Soviet theories are now put into practice is a radically different one than during the Cold War.

The advent of the internet, and social media in particular, has given the Kremlin direct access to the populations of its adversaries—bypassing the gatekeeper role America’s media institutions used to play.

“Everything today is digitized, including phone and mail services, and everything runs on the same network,” Kenneth Geers, ambassador of NATO’s cybersecurity center and a senior fellow at the Atlantic Council, told The Daily Signal. “There is only one internet, and one cyberspace, inhabited by all of the world’s citizens, soldiers, spies, and statesmen.”

Meanwhile, Americans’ distrust in their media institutions has reached historic levels. Russia has stealthily taken advantage of Americans’ crisis of confidence in the media to permeate the U.S. news cycle with misinformation spread by propaganda mouthpieces cloaked as alternative news sources, such as RT and Sputnik.

Lessons Learned

Some commercial cybersecurity firms have stepped in both to harden Ukraine’s cyberdefenses and use lessons learned from Ukraine to craft better defenses for the U.S. to counter Russia.

“With the world increasingly digital and connected, Ukraine is of strategic, vital interest to the West,” said Greg Ness, a cybersecurity specialist and vice president of marketing at Vidder. “What happens in Ukraine doesn’t stay in Ukraine.”

California-based Vidder has put together a team of cybersecurity experts to comprise the core of a proposed U.S.-Ukraine cybersecurity center with offices in Kiev, Washington, and Silicon Valley.

“By ensuring that Ukraine adopts leading cybersecurity solutions and best practices, we will not only provide Ukraine with the best protection from cyberattacks, but it also helps U.S. experts develop new and more effective technologies and strategies in the future,” Islam, Vidder’s president, told The Daily Signal. “It will also help establish Ukraine as a secure, stable, prosperous, and reliable ally in Eastern Europe.”

The war in Ukraine has shaped how NATO forces are training for the next military conflict. On Thursday, NATO and Ukraine launched a joint center to counter hybrid warfare. The center is part of the Comprehensive Assistance Package that NATO pledged to Ukraine during the alliance’s summit in Warsaw last year.

According to NATO, the joint center will be “a platform for identifying lessons learned from hybrid war in Ukraine.”

For its part, the U.S. military has reportedly been studying the war in Ukraine to shape its own military doctrine.

Lt. Gen. H.R. McMaster, the Trump administration’s national security adviser,  recently directed a study to analyze Russia’s hybrid warfare tactics in Ukraine in order to craft recommendations for the U.S. Army.

Szeligowski added, however, that not all of Russia’s hybrid warfare tactics in Ukraine would be effective against the U.S.

“There is a yawning gap between Ukrainian and American cyber capabilities, not to mention cultural and linguistic differences between Russians and Americans,” Szeligowski said. “But it goes beyond any doubt that, at least at some point, Russia already used hybrid warfare instruments against the U.S.—and did it effectively.”

Hybrid Way of Life

The effects of Russia’s proxy war against Ukraine are limited to a 250-mile-long static front line in southeastern Ukraine’s Donbas region. The war is moderated in intensity and is geographically frozen according to the rules of the February 2015 cease-fire deal, known as Minsk II.

More than 10,100 Ukrainians have died so far in the war. The conflict has displaced about 1.7 million people. Yet, the physical consequences of the war are quarantined from most of the country. Outside the range of the artillery, mortars, rockets, and tank shots, you’d hardly know there was war going on.

On a physical battlefield, a war extends as far as the range of the weapons used. In hybrid warfare, however, the battlefield knows no limit.

Consequently, there’s hardly any part of Ukrainian life that hasn’t been affected by Russia’s ongoing hybrid war.

Russian cyberattacks have hit Ukraine’s power grid, water supply systems, the country’s banking system (shutting down ATMs), its largest international airport, and the electoral process.

In December 2016, a cyberattack, which Ukrainian officials attributed to Russia, took down one-fifth of Kiev’s electrical grid. Since 2014, Ukrainian security services have thwarted numerous cyberattacks in which malware from abroad was used in attempts to steal classified information from Ukrainian government networks.

In the eyes of Ukrainian security officials, the internet has become as much of a battlefield as the trenches in the Donbas region. The main goal of Russia’s information warfare, according to Ukrainian security officials, is to incite civil unrest throughout all of Ukraine and to undermine the government’s credibility.

Since 2014, Ukraine has established a Situation Center for Cybersecurity, and Ukrainian officials have fostered closer ties to Western intelligence agencies to bolster their cyberdefenses.

Security State

Russia’s purchase of $100,000 worth of Facebook advertisements in the run-up to the 2016 U.S. presidential election sparked a media frenzy in America and an outcry from lawmakers for social media sites to provide better transparency about the identity of those who purchase advertisements on their sites.

In Ukraine, Russia has been exploiting social media as a weapon of war for years.

In a sweeping ban announced in May, Ukrainian officials banned Russian internet search engines, including Yandex, as well as popular Russian social media sites such as VKontakte, which millions of Ukrainians used.

The ban prompted some pushback from Ukrainians, who used these sites for many daily tasks and for social reasons. But Ukrainian officials insisted the sites posed a national security threat, which warranted the free speech trade-off.

Also in May, Ukraine banned commercially available Russian software, including anti-virus software from Moscow-based Kaspersky Lab—the same company U.S. officials now say was used as a Trojan horse for Russian intelligence agencies to steal classified information from the U.S. government.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” the Department of Homeland Security said in a Sept. 13 statement posted to its website.

U.S. intelligence officials said Russian intelligence services had modified anti-virus software from Kaspersky Lab to clandestinely search computers around the world for classified U.S. government documents and top-secret information.

“Possessing a worldwide deployment of sensors may be too great a temptation for any country’s intelligence service to ignore, and Kaspersky may have been forced into a quiet business partnership with the Russian government,” Geers, the NATO cybersecurity specialist, said.

Similarly, news reports recently detailed how Russian military forces have been targeting the smartphones of NATO troops to gather intelligence.

Ukrainian soldiers in the eastern war zone have long been advised by their leaders not to turn on their smartphones while in the war zone. Russian forces reportedly have used the cell signals emitting from Ukrainian soldiers’ phones to target its artillery.

And for years Ukrainian soldiers have reported receiving death threats and demands for their surrender from their enemies over cellphone text messages.

New Weapons

Journalism has been one of Russia’s most lethal weapons against Ukraine.

Ukrainian officials have banned a slew of Russian TV stations from broadcasting in Ukraine, and foreign journalists accused of spreading Russian propaganda have been booted out of the country.

Anti-propaganda outlets in Ukraine such as StopFake.org also monitor media reports for Russian disinformation and are dedicated to setting the record straight.

To counter Russian propaganda in the war zone, Ukraine’s government has rebuilt its TV and radio broadcast network in the east—which Russia and its separatist proxies destroyed in the opening days of the war.

For years, Ukrainian citizens in eastern Ukraine could access only Russian TV channels for their news. Now, Ukraine has taken back control of the airwaves. While not as evident or as spectacular as the artillery bombardments and the tank battles, the battle for broadcast dominance in eastern Ukraine is a key piece of the overall war effort for Kiev.

After all, many Ukrainian citizens in eastern Ukraine can’t tell whether the artillery they are living under is fired from Ukrainian or Russian forces. And so long as they had access only to Russian television networks—which exclusively painted Ukrainian forces as the aggressor and, consequently, responsible for all civilian casualties—public opinion toward Ukraine’s central government was under an endless stress test as the war dragged on.

Now, with Ukraine able to defend itself on the airwaves, Russia has lost a potent weapon to turn the citizens of eastern Ukraine against their own government.

Similarly, U.S. lawmakers have debated how to defend the U.S. population against Kremlin-backed news outlets, including RT (formerly Russia Today) and Sputnik, which U.S. officials have called out as Russian propaganda mouthpieces.

The FBI reportedly has turned to a U.S. law intended to prevent the spread of Nazi propaganda to determine whether the two Russian media outlets should register as foreign agents.

In America, as has been the case in Ukraine, manipulation of the media by a foreign power increasingly is regarded as a hostile act warranting retaliation.

“America has experienced a sustained attempt by a hostile power to feed and exploit our country’s division,” former President George W. Bush said in an Oct. 19 speech in New York.

Russia “has made a project of turning Americans against each other,” Bush said, adding, “Foreign aggressions, including cyberattacks, disinformation, and financial influence, should never be downplayed or tolerated.”

Nolan Peterson, a former special operations pilot and a combat veteran of Iraq and Afghanistan, is The Daily Signal’s foreign correspondent based in Ukraine.




Subscribe To Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews