Cyber-attacks intentionally targeted the information systems of the Georgian government, where the flow of communications revolved around particular websites.
In 2008, during the Summer Olympics in Beijing, the Russian armed forces began an invasion of Georgia through South Ossetia. The war with Georgia lasted only five days, and there were less than 1,000 battle deaths reported. The war is important, however, because it was the first time in history that a military strategy incorporated a cyber-attack during armed conflict.
Cyber-attacks intentionally targeted the information systems of the Georgian government, where the flow of communications revolved around particular websites. These cyber-attacks aimed to prevent the government from communicating during the invasion and hinder military coordination. These attacks caused thirty-five percent of Georgian networks to disappear. Russian hackers attacked fifty-four government and news websites, including the website of the Georgian President Mihkail Saakashvili, the Ministry of Foreign Affairs, and the Ministry of Defense. Russian efforts also made several important news sites unstable, such as the Georgian television station R2. The National Bank of Georgia was one of the hardest-hit targets and had to suspend its online services and transactions. The hackers utilized Distributed Denial of Service attacks (DDoS) and malware that prohibited users from accessing websites.
Cyber-attacks were additionally instrumental in helping Russia to control the narrative on the conflict in Georgia. While invading Georgia, Russia provided multiple narratives online as alternate explanations for its actions. They asserted that Georgia was the aggressor in the conflict and Russian intervention was justified in the war to alleviate the oppression of the South Ossetians and Abkhazians.
Russia utilized these cyber-attacks as a force multiplier to enhance its information operations against Georgia. The cyberattacks against Georgia additionally coincided perfectly with the ground invasion of Russian forces. Furthermore, the attacks also helped to mobilize South Ossetians and Abkhazians for the invasion.
The tactical gains by Russian forces, however, through the use of cyberwar were limited. At the time of the invasion, only 10% of the population was connected to the Internet. Fewer people connected to the Internet reduced the impact of cyberattacks. These types of attacks are more effective against networks with more people connected. Nevertheless, these attacks succeeded in helping Russia controlling the narrative of the conflict.
The style of warfare utilized by Russia in Georgia is known as hybrid warfare. It seeks to weaponize information, integrate cyber-attacks, incorporate electronic warfare, and utilize local proxy volunteers known as kontraktniki against both government and civilian targets. Russian hybrid war is designed to deal with regions and states within the periphery of the Russian Federation. This new type of conflict is a blend of information warfare, fielding paramilitary units, using economic pressure, and denial of Russian involvement in the conflict.
In 2013, Valery Gerasimov, Chief of the Russian General Staff of the Armed Forces, presented a report to the Russian Academy of Military Sciences that stated, “the role of nonmilitary means of achieving political and strategic goals has grown. In many cases, they have exceeded the power of force of weapons in their effectiveness.” This approach has become known as the Gerasimov Doctrine. The doctrine furthermore stresses “the need for modern Russian warfare to utilize information in warfare in a 4:1 ratio of nonmilitary to military measures.” Similarly, Russian strategy, as taught in the Military Information Unit of the Russian Department of Defense, is called spetzpropaganda. This distortion of the truth or controlling the narrative through propaganda or psychological warfare is also a large part of the Russian strategy.
Russia uses hybrid warfare by applying military force subversively to further its political goals by undermining a nation’s territorial integrity, political cohesion, and economy. The ultimate objective of Russian hybrid warfare is not the defeat but the destabilization of neighboring countries. Destabilizing neighboring states by supporting pro-Russian separatist movements gives Moscow more influence in the region. Using local groups as proxies for intervention into other countries affords Russia denial of involvement in the conflict. Backing local separatists or paramilitaries indirectly allows Moscow to take advantage of domestic dissent and aid secessionist groups that support Russian policies. To intervene on behalf of these local pro-Russian groups, Moscow must disseminate and control a narrative that portrays them in a positive light. Russian hybrid warfare demonstrates how the narrative dimension of war is becoming critical.
Information warfare is directed at a global audience and seeks to gain a battlefield advantage over the enemy. Today, Russia is conducting information warfare at a degree and sophistication never seen before. Moscow utilizes information warfare to control the narrative of conflict, believing that controlling the narrative of a conflict can afford a state legitimacy. Thus, ultimately victory on the battlefield is achieved not just through combined arms but also by misperception and disinformation.
The goal of information tactics is to alter neighboring states’ domestic and foreign policy while mobilizing pro-Russian groups. The Kremlin seeks to frame these separatist groups in a positive light and control the narrative by the weaponization of information. It is a battle of ideas for the hearts and minds of targeted populations. These information campaigns sow confusion and promote fearmongering. These processes and actors allow the Kremlin to control and alter event narratives. Russia provides multiple false narratives to pollute the information environment and influence the information available to policymakers.
Social media platforms such as Twitter, Facebook, and Instagram play significant parts in Russian spetzpropaganda. Russia uses sophisticated social media campaigns that utilize massive amounts of accounts that disseminate fake or alternate news. Russia floods social media, employing thousands of programmers and hackers with comments on Facebook, Twitter, and YouTube. Moscow backs up this propaganda with sophisticated bot networks or accounts that are run automatically to feed disinformation and manipulation. Moscow additionally deploys information operations troops that regularly create disinformation and post pro-Russian propaganda.
Information warfare is a vital component of Russian strategy in Ukraine. Russia has used the internet via social media to launch multiple narratives of the events in Crimea and eastern Ukraine to sow confusion, promote disinformation, and paint the west in a negative light. Moscow has used online propaganda to control the narrative of events that depict Ukraine as an aggressor against ethnic Russian minorities in the east.
Russia created hundreds of Facebook and Twitter accounts to promote the success of pro-Russian separatists in the east, mobilize support, spread disinformation and hatred, and destabilize the situation in Ukraine. These accounts dominate the conflict’s narrative, portraying the rebels as overthrowing the ‘oppressive’ Ukrainian government. The Russians coordinated many of these accounts across multiple social media platforms from Moscow.
The invasion of Georgia was the testing ground for Russia’s new style of warfare.
Russian hackers similarly used malware to direct traffic to pro-Russian websites. Hackers would overload certain websites with fake complaints, generated from bots, to force Twitter to block pro-Ukrainian websites. Russian trolls used viruses to compromise the information assets of Ukrainian forces and obtain intelligence by attacking engineering systems. These hackers would often hijack existing Ukrainian social media sites and embed them with pro-Russian information.
Learning from operations in Georgia and Ukraine, Russia has adapted its approach across both invasions, identifies successes, and abandons failures. The battleground of these invasions has helped prove the increasing importance of information warfare as a part of modern strategy, which can alter the outcome of a conflict.
The invasion of Georgia was the testing ground for Russia’s new style of warfare. At the time of the invasion, Georgia had three main Internet Service Providers (ISP); none of these were controlled or owned by Russia. With the lack of direct control over the ISPs, Russia could not take over the channels that information traveled; instead, Russian cyberattacks had to be utilized to undermine information flow. Websites were shutdown, DDoS attacks were used, and malware was planted to prevent information from being accessed. Sabotaging information flow and spreading vast amounts of disinformation allowed Moscow to prevent Georgia from successfully developing a counter-narrative during the conflict.
Moscow utilized a different approach with the 2014 invasion of Ukraine. Information operations were much more effective in Ukraine. Most importantly, in Ukraine, most of the ISP providers are controlled by Russian agencies. Therefore, the style of cyberattacks seen in Georgia was not mainstream in Ukraine; there was no need to sabotage or paralyze the information systems that Russia controlled. Instead, information operations were concentrated using social media. Social media allows users to flood the internet with so much false traffic and disinformation on the conflict that when an average person uses a search engine, such as Google, that they will not be provided with an accurate narrative of the events as they unfold.
Perception management has also been a critical feature of Moscow’s information warfare in Ukraine. Perception management is a subset of information warfare; it seeks to create a self-interested narrative that justifies the action of a state and provides those actions with legal legitimacy. Part of the perception management campaign was the idea of self-determination for Crimea and the separatist republics. Perception manipulation justified Russian intervention into the conflict on cultural and historical ties with the separatists.
Moscow used hybrid warfare in Georgia and Ukraine to target groups of people that share historical, ethnic, and cultural similarities with Russia. Many of these groups self-identify as Russian and seek a closer alignment with Moscow. Russia used these groups as local proxy paramilitary forces to undermine neighboring countries by promoting separatism and secessionism. Russia disseminated information about the oppression that these groups face as “Russian ethnic minorities” in their home country. The Kremlin’s information operations constructed the narrative that these groups are mobilizing at the grassroots level to secure their collective rights in the face of government repression. Hundreds of fake social media accounts backed by Russian hackers using malware and cyber-attacks fed the news and online community with disinformation designed to distort the truth that these groups are backed by Russia to promote domestic dissent. Russia disseminated massive amounts of propaganda to the international community to govern the perception that these groups are legitimate in their struggle to be free and establish their independence.
The Russians use hybrid warfare to destabilize surrounding countries. Its effective use in Georgia and Ukraine demonstrates its importance on the modern battlefield. Hybrid warfare emphasizes the importance of informational operations and the weaponization of information over conventional military strategy in new Russian military doctrine. The successful Russian armed incursions into Georgia and Ukraine illustrate how informational elements of hybrid warfare are becoming more important than kinetic military strategy.
The wars of the future will not be conventional battles but conflicts over who can control information and narrative. Russia’s hybrid warfare emphasizes the importance of weaponizing information in military doctrine. The success of the Georgian and Ukrainian invasions suggests that Russia can use hybrid warfare to destabilize other neighboring countries. Furthermore, these invasions demonstrate the shift from cyber-attacks to a greater reliance on social media for subverting surrounding nations. Sophisticated informational campaigns are used to uphold the legitimacy of groups claiming ethnic separation or autonomy who seek a closer alignment with Russia. Russia will exploit these groups to undermine states that fall within its self-determined sphere of influence. The Ukrainian invasion, moreover, demonstrates the importance of Russian control over foreign internet service providers. Russian dominance over ISPs allows Moscow to control, filter, influence, and direct internet traffic; this can lead to domestic instability and allow an aggressive nation to construction a positive narrative that alters the global perception regarding their actions.
Countries that desire to mitigate the effectiveness of Russian hybrid warfare should set domestic policy and legislation limiting the extent and percentage that Russian owned or backed companies can control domestic ISPs. Today, most people receive their information electronically. States should ensure better protections against attacks directed at the news and information websites. The Russian campaign successfully controlled the narrative during the invasion of Georgia because it had paralyzed the state news websites. Therefore, better protections to safeguard online information sources is vital. In addition, more secure information sources will prevent Russia from dominating the information sphere with a single narrative. Information warfare becomes stronger as more people become connected to the internet. More connected individuals who use social media platforms represent a stronger incentive for Russia to target information operations. States need to partner with big tech or social media companies, especially in areas with rapidly increasing populations, to learn how to combat Russian information operations. These efforts can limit how Russia utilizes platforms such as Facebook and Twitter to mobilize proxy forces in potential separatist areas.
Thomas Deen is a PhD student in International Affairs at the University of Georgia. His interests largely focus on the intersection between violent political conflict and technology. The views expressed in this article are those of the author and do not necessarily reflect those of the U.S. Army War College, the U.S. Army, or the Department of Defense.
Photo Credit: Image by Gerd Altmann from Pixabay