Russia’s cyber campaign of interference in the internal politics of Western democracies has been effective. In election after election, Russia’s favorite candidates and parties were helped by Russian cyber operatives to come to power, or increase their electoral strength: Donald Trump in the United States; Marine Le Pen and her Front National in France; Geert Wilders and his Party of Freedom in the Netherlands; the neo-Fascist AfD in Germany, and others. It now emerges that operatives of the GRU, Russia’s military intelligence, also lent stealthy support to the Brexit movement in Britain, the Catalonian independence movement in Spain, the anti-immigration groups in Sweden, and more.
In all these cases, Russia helped populist, nationalist candidates and movements which share an antipathy toward the post-Second World War political, economic, and military order – and toward the institutions which sustained that order: NATO, the EU, the WTO, the UN, and more.
These movements serve Russian interests in yet another sense: many of the followers of these movements have come to believe that the post-Second World War order may serve the interests of detached and cosmopolitan elites in their countries – but at the expense of the economic well-being and cultural preferences of many of the citizens.
The vote for the populist, ethno-nationalist parties, movements, and causes – a rebellion against the “establishment” – is precisely the vote which Russia’s broad, systematic cyber and disinformation campaign was aiming to encourage.
Russia’s calculation was straight forward: Increasing the strength of populist, ethno-nationalist movements in Western countries would weaken the international institutions which promoted a liberal, open international economic order, and the accompanying military organizations, which have kept Russia (and, earlier, the Soviet Union) in check. Moreover, the divisive and polarizing movements Russia supports would intensify discord and rancor along racial, ethnic, and religious lines, thus weakening Western countries – Russia’s main adversaries – even more.
The European establishment, however, appears to be ready to fight back.
The Telegraph reports that in the coming weeks, EU governments are planning to sign a declaration – officially titled “The framework on a joint EU diplomatic response to malicious cyber activities” — which defines cyberattacks on any EUcountry as an act of war, potentially triggering a military retaliation – even including conventional arms – in response.
Sources told the Telegraph that the declaration has been drafted to serve as a deterrent, aiming to put countries — chief among them Russia — on notice: Carrying out cyberattacks and cyberespionage against EU members, either directly or indirectly through cut-outs and non-state actors, would no longer be tolerated. The EU and its members states are no longer going to take such cyberattacks without exacting a price from the perpetrators.
The draft deceleration, now being under consideration by the governments of all EU member states, explicitly warns that any cyberattack could attract a response using conventional weapons in “grave instances.”
The draft declaration states that a country under attack can exercise its “inherent right of individual or collective self-defense” under international law.
Analysts said that the planned EU declaration will be a clear indication by member states of their willingness to invoke the mutual defense clause of the EU Treaty, which allows a member state which finds itself under attack to demand “aid and assistance” from fellow EU governments.
The proposed EU declaration would be similar to a change NATO made to the treaty governing NATO operations: In 2014, NATO updated its cyber defense policy, to make an explicit link between cyberattacks at a certain threshold and the invocation of a NATO’s article 5 collective defense as part of the treaty.
Raj Samani, chief scientist and fellow at McAfee, told the Telegraph that the EU action should be understood against the backdrop of Russia’s cyber-interference in the elections in the United States, Germany, France, and the Netherlands, and North Korea’s WannaCry attacks in May 2017. He said that EU governments want to assert themselves, but that the question of the attribution of a cyberattack should be handled carefully, especially when military retaliation is contemplated.
“While it is important to define cyberattacks that are used for espionage or disruption as they would be when committed by physical actors, the greatest challenge that countries have will be in identifying and proving that the malicious actors that caused the cyberattack have direct links to governmental organizations – something that these groups will be even more keen to conceal going forward,” he said.
More Blacklisted News...