A presentation from October 2018 produced by the Dutch Ministry of Defense describing the Russian Main Intelligence Directorate’s cyber operations against the Organisation for the Prohibition of Chemical Weapons.
BOD 17-01 requires all federal executive branch departments and agencies to (1) identify the use or presence of “Kaspersky-branded products” on all federal information systems within 30 days of BOD issuance (i.e., by October 13); (2) develop and provide to DHS a detailed plan of action to remove and discontinue present and future use of all Kaspersky-branded products within 60 days of BOD issuance (i.e., by November 12); and (3) begin to implement the plan of action at 90 days after BOD issuance (i.e., December 12), unless directed otherwise by DHS in light of new information obtained by DHS, including but not limited to new information submitted by Kaspersky.
The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) reviewed the Independent Assessment, titled Information Security Risks of Anti-Virus Software (hereafter “BRG Assessment”), prepared by Berkeley Research Group, LLC (BRG), and dated November 10, 2017. Kaspersky Lab (hereafter “Kaspersky”) submitted the BRG Assessment to DHS as an exhibit to Kaspersky’s request for DHS to initiate a review of Binding Operational Directive (BOD) 17-01. The BRG Assessment, in part, responds to the NCCIC Information Security Risk Assessment (hereafter “NCCIC Assessment”) on commercial off-the-shelf (COTS) anti-virus software and Kaspersky-branded products, dated August 29, 2017. The NCCIC Assessment was attached as Exhibit 1 to an Information Memorandum from the Assistant Secretary for DHS Cybersecurity and Communications (CS&C) to the Acting Secretary of DHS, dated September 1, 2017 (hereafter “Information Memorandum”). This document is a Supplemental Information Security Risk Assessment and will similarly be attached to an Information Memorandum from the Assistant Secretary for CS&C to the Acting Secretary of DHS.
This assessment presents the inherent information security concerns and security ramifications associated with the use of any commercial-off-the-shelf (COTS) antivirus solution in devices with access to a federal network. It also addresses specific risks presented by Kaspersky-branded products, solutions, and services (collectively, “Kaspersky-branded products”).
The French services analysed the testimonies, photos and videos that spontaneously appeared on specialized websites, in the press and on social media in the hours and days following the attack. Testimonies obtained by the French services were also analysed. After examining the videos and images of victims published online, they were able to conclude with a high degree of confidence that the vast majority are recent and not fabricated. The spontaneous circulation of these images across all social networks confirms that they were not video montages or recycled images. Lastly, some of the entities that published this information are generally considered reliable.
In the last seven years, Russia has reasserted itself as a military force in Eastern Europe and the Caucasus. With the 2008 military incursion into Georgia and the 2014 seizure of Crimea and support for pro-Russian separatists in Ukraine, Russia has assumed a more aggressive, interventionist stance in Europe. In the effort to influence events in Ukraine, the Russians have used what the US Army defines as “Hybrid Warfare” to infiltrate, isolate, and dominate eastern Ukraine and Crimea. This is all a part of the strategy of what can be called “Indirect Action”—the belief by the Russians that they reserve the right to protect ethnic Russians and interests in their former states from domination by Western powers and NATO.
Section 241 of the Countering America’s Adversaries Through Sanctions Act of 2017 (CAATSA) requires the Secretary of the Treasury, in consultation with the Director of National Intelligence and the Secretary of State, to submit to the appropriate congressional committees 180 days after enactment a detailed report on senior political figures and oligarchs in the Russian Federation (Section 241(a)(1)) and on Russian parastatal entities (Section 241(a)(2)). Pursuant to Section 241(b), the report shall be submitted in an unclassified form but may have a classified annex. This is the unclassified portion of the report.
In accordance with Section 242 of Public Law 115-44 (P.L. 115-44) (“Countering America’s Adversaries Through Sanctions Act” (CAATSA)), the U.S. Department of the Treasury, in consultation with the Department of State and the Director of National Intelligence, was tasked with preparing a report addressing the potential effects of expanding sanctions under Directive 1 issued under Executive Order (E.O.) 13662 to include sovereign debt and the full range of derivative products.
As the American Army fought in Iraq and Afghanistan, it became the best tactical level counter insurgency force of the modern era. America’s enemies, however, did not rest. Russia observed the transformation of the American Army and began a transformation of their own. This new military barely resembles its former Soviet self. Wielding a sophisticated blend of Unmanned Aircraft Systems (UAS), electronic warfare (EW) jamming equipment, and long range rocket artillery, it took the Soviet model out of the 1980s and into the 21st Century.
As part of this vision, DIA has a long history of producing comprehensive and authoritative defense intelligence overviews. In September 1981, Secretary of Defense Caspar Weinberger asked the Defense Intelligence Agency to produce an unclassified overview of the Soviet Union’s military strength. The purpose was to provide America’s leaders, the national security community, and the public a complete and accurate view of the threat. The result: the first edition of Soviet Military Power. DIA produced over 250,000 copies, and it soon became an annual publication that was translated into eight languages and distributed around the world. In many cases, this report conveyed the scope and breadth of Soviet military strength to U.S. policymakers and the public for the first time.
U.S. competitors pursuing meaningful revision or rejection of the current U.S.-led status quo are employing a host of hybrid methods to advance and secure interests that are in many cases contrary to those of the United States. These challengers employ unique combinations of influence, intimidation, coercion, and aggression to incrementally crowd out effective resistance, establish local or regional advantages, and manipulate risk perceptions in their favor. So far, the United States has not come up with a coherent countervailing approach. It is in this “gray zone”—the awkward and uncomfortable space between traditional conceptions of war and peace—where the United States and its defense enterprise face systemic challenges to U.S. position and authority. As a result, gray zone competition and conflict should be pacers for defense strategy.
(U//FOUO) U.S. Marine Corps Forces Europe and Africa Campaign Plan 2016-2020: Theater Crisis and Contingency Response Forces in Readiness
The U.S. Marine Corps Forces Europe and Africa Campaign Plan 2016-2020 defines the organization’s desired baseline operating conditions and capabilities beyond a one-year planning and execution cycle and directs action to achieve desired end states. The Campaign Plan synthesizes strategic guidance provided by U.S. European Command (USEUCOM), U.S. Africa Command (USAFRICOM), and Headquarters Marine Corps (HQMC); accounts for the Commanders’ priorities and vision; establishes a deliberate yet broadly-defined multi-year plan to achieve stated objectives; and provides a framework for implementation, periodic assessment, and refinement.
U.S. Army Foreign Military Studies Office: Russia’s Military Strategy Impacting 21st Century Reform and Geopolitics
Today’s military innovators are the modern-day scientists and engineers who assist in the creation of contemporary and new concept weaponry; and the military theorists who study changes in the character of war. Digital specialists understand how to develop and employ the capabilities of electronic warfare equipment, satellite technology, and fiber optic cables. While Kalashnikov’s fame is imbedded in Russia’s culture, it may be harder to find a current digital entrepreneur whose legacy will endure as long as his: there are simply too many of them, and their time in the spotlight appears to be quite short, since even now we are about to pass from the age of cyber to that of quantum. It is difficult to predict whose discoveries will be the most coveted by tomorrow’s military-industrial complex, not to mention the decision-making apparatus of the Kremlin and General Staff. Military theorists are playing an important role as well. They are studying how new weaponry has changed the correlation of forces in the world, the nature of war, and the impact of weaponry on both forecasting and the initial period of war.
Office of the Director of National Intelligence Background Report: Assessing Russian Activities and Intentions in Recent US Elections
The nature of cyberspace makes attribution of cyber operations difficult but not impossible. Every kind of cyber operation—malicious or not—leaves a trail. US Intelligence Community analysts use this information, their constantly growing knowledge base of previous events and known malicious actors, and their knowledge of how these malicious actors work and the tools that they use, to attempt to trace these operations back to their source. In every case, they apply the same tradecraft standards described in the Analytic Process above.
This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.
The FBI received information of an additional IP address, 126.96.36.199, which was detected in the July 2016 compromise of a state’s Board of Election Web site. Additionally, in August 2016 attempted intrusion activities into another state’s Board of Election system identified the IP address, 188.8.131.52 used in the aforementioned compromise.
Russia’s strategic objectives in the Baltic region do not focus on the Baltic States as final targets, but on using the Baltic States to discredit and dismantle the North Atlantic Treaty Organization (NATO) and undermining the European Union (EU) by using the Baltic States. Experts in Russia and European security from the United States and the Baltic region agree that Russia could use the Baltic States toward this end by employing any one of a spectrum of actions, to include direct invasion with conventional forces, an incursion and occupation using irregular forces like the one witnessed in Crimea in 2014, or long-term fostering of social, political, and economic instability. Disagreement existed among experts as to which approach was more likely.
This document is intended as a primer—a brief, informative treatment—concerning the ongoing conflict in Ukraine. It is an unclassified expansion of an earlier classified version that drew from numerous classified and unclassified sources, including key US Department of State diplomatic cables. For this version, the authors drew from open source articles, journals, and books. Because the primer examines a very recent conflict, it does not reflect a comprehensive historiography, nor does it achieve in-depth analysis. Instead, it is intended to acquaint the reader with the essential background to and course of the Russian intervention in Ukraine from the onset of the crisis in late 2013 through the end of 2014.
Syria and its ongoing civil war represent an operational environment (OE) that includes many of the characteristics illustrative of the complexities of modern warfare. Now in its fourth year, the civil war in Syria has lured a variety of threat actors from the Middle East and beyond. What began as a protest for improved opportunities and human rights has devolved into a full-scale civil war. As the Syrian military and security forces fought to subdue the civil unrest across the country, these protest groups responded with increasing violence aided by internal and external forces with a long history of terrorist activity. Ill-suited for the scale of combat that was unfolding across the country, Syrian forces turned to their allies for help, including Hezbollah and Iran. The inclusion of these forces has in many ways transformed the military of President Bashar al Assad from a conventional defensive force to a counterinsurgency force.
An updated version of the Military Doctrine of the Russian Federation released by the Kremlin on December 26, 2014. The update has received significant media coverage for reportedly naming the North Atlantic Treaty Organization as one of its primary threats, despite the fact that the previous version of the doctrine signed in 2010 contained similar statements.
Terrorists in late December 2013 conducted three attacks targeting people using public transportation systems in Russia, emphasizing terrorists’ persistent interest in attacking locations where large congregations of people are confined to small, often enclosed spaces. Russian officials claim North Caucasus-based violent extremists associated with the Imirat Kavkaz (IK) probably conducted these attacks to embarrass the Russian government in the build-up to the 2014 Olympic Games in Sochi. The IK, a violent extremist group based in Russia, has no known capability in the Homeland and is unlikely to directly target Western interests overseas.
A draft order from the Russian Ministry of Communications written in coordination with the FSB that, if implemented, will require Russian internet service providers to retain all internet traffic and provide the FSB with access for 12 hours after the data is collected, including stored data, phone numbers, IP addresses, account names, social network activity and e-mail addresses. The proposed rule changes have concerned Russian telecommunications providers who say that the requirements violate the Russian constitution.