Circling the Lion's Den

Cyber wars

The KGB's successor in the electronic intelligence field was the Federal Agency of Government Communications and Information (the FAPSI), built on the basis of the 8th and 16th departments of the KGB (encoding/decoding and radio interception, respectively).

Like the U.S. NSA, the FAPSI was responsible for communications security and signals intelligence. Though by no means enjoying the same financing as the NSA, the FAPSI inherited the KGB's excellent mathematics school (now the FSB’s Institute of Cryptology), its facilities abroad (including two SIGINT/ELINT bases overseas, in Cam Ranh Bay, Vietnam and Lourdes, Cuba) and the so-called Third Chief Directorate. Only a few people outside the Agency knew its official name, the GURRSS (Glavnoye Upravlenie Radioelectronnoi Razvedki Na Setyah Svyazi, the Main Directorate of Electronic Intelligence on Communications), which was in charge of electronic interception abroad. The cyber-facilities of the FAPSI were highly rated by American experts: the FAPSI was said to have both the authority and capability to penetrate all government and private information services in Russia. It has also reportedly been successful in collecting intelligence on foreign business ventures, including confidential bank transactions.

From the mid-90s the FAPSI leadership did not hide its interest in controlling the Internet. In 1996 FAPSI's deputy director, Colonel-General Vladimir Markomenko, claimed at State Duma hearings that “the Internet poses a threat to National Security”, and the Agency was duly empowered to monitor all electronic financial and securities transactions and other electronic communications, including private Internet access. The FAPSI was even developing its own Internet service provider to serve Russian government bodies: in 1996 the FAPSI, together with one of its commercial offspring, the Scientific-Technical Centre Atlas, set up the “Business Network of Russia” company, accessible to paying clients.

But like its counterparts in other parts of the world, the FAPSI was a victim of the notion that the main threat posed by the Internet was the potential vulnerability of government resources and communications to attacks carried out by foreign intelligence services or terrorists. That position might be explained by the Cold War legacy, when the KGB, NSA and GCHQ were engaged in breaking their enemies’ codes and ciphers, but at the same time it was highly profitable: it raised profits in the information security market, where the FAPSI was not only the controller but also the biggest player.

Unlike the NSA, the FAPSI was authorized to engage in commercial operations. It built up a business empire consisting of state-owned companies specializing in developing information security software. At the same time the agency was responsible for maintaining both government and presidential information systems and communications, and thus decided who would be chosen to fulfil government contracts in this field. The FAPSI also issued software licences for state and private institutions. It thus enjoyed a unique position: companies and individuals were not allowed to develop their own computer security systems but had to buy those already available, and with a FAPSI licence. Hardly surprisingly, in the late 90s, out of 23 security systems for Internet users licensed by FAPSI, 21 were produced by the same company.

The FAPSI’s approach to the threats posed by the Internet was strengthened and secured for the years ahead by the Agency's positions in the Kremlin. Vladislav Sherstyuk, a former chief of the Third Chief Directorate of the GURRSS and director of the FAPSI in 1998-1999, was appointed to the Security Council of the Russian Federation in December 1999 to preside over the information security section.

As a result, the presentation of hostile intrusion as the main threat to Russia on the Internet became an essential part of the Russian concept of information warfare. In 1997 Vladimir Markomenko, then the deputy director of FAPSI and the only official voice to define Russian Information Warfare, asserted that the "information war" concept comprises four components:

  1. The suppression of components of the infrastructure of state and military administration (destruction of command and control centres); electromagnetic pressure on components of the information and telecommunications system (electronic warfare).
  2. Acquisition of intelligence through intercepting and deciphering information flows transmitted via communications channels, also through spurious radiation, and through electronic information intercepting devices especially planted in premises and in technical systems (electronic intelligence).
  3. Unauthorised access to information resources (by the use of software and hardware for penetrating systems for the protection of enemy information and telecommunications systems) with subsequent distortion, destruction, or theft, or a disruption of the normal operations of these systems (hacker warfare).
  4. Formation and mass dissemination by enemy information channels or global data interaction networks of disinformation or tendentious information for influencing the opinions, intentions, and orientation of society and decision makers (psychological warfare).*

If the first three components presented an obvious military view suitable for conventional war, the last point was thought to mean the threat posed by foreign news outlets, not by websites: for example, in the Doctrine of Information Security, signed by President Putin in September 2000 (written by Sherstyuk’s section in the Security Council), among the threats is listed “the ouster of Russian information agencies and mass media from the internal information market and the strengthening of dependence on the spiritual, economic and political spheres of social life in Russia on foreign information structures”.

Not surprisingly, all these efforts proved to be useless in 1999, when it turned out that Chechen rebels used the Internet for propaganda and recruitment, but not for attacking government websites. This never changed the FAPSI’s assumption, and when the FAPSI was disbanded in 2003, the Third Chief Directorate GURRSS was absorbed by the FSB along with its approach to the Internet.

Agentura.Ru

---

* Vladimir Markomenko, "Invisible, Drawn-Out War", Nezavisimoye voyennoye obozreniye, 16-21.08.1997. Markomenko lists the functions of Russian IW and describes them in this article.