From 2017 to 2019, the Committee held hearings, conducted interviews, and reviewed intelligence related to Russian attempts in 2016 to access election infrastructure. The Committee sought to determine the extent of Russian activities, identify the response of the U.S. Government at the state, local, and federal level to the threat, and make recommendations on how to better prepare for such threats in the future. The Committee received testimony from state election officials, Obama administration officials, and those in the Intelligence Community and elsewhere in the U.S. Government responsible for evaluating threats to elections.
This white paper was prepared as part of the Strategic Multilayer Asssessment, entitled The Future of Global Competition and Conflict. Twenty-three expert contributors contributed to this white paper and provided wide-ranging assessments of Russia’s global interests and objectives, as well as the activities—gray or otherwise—that it conducts to achieve them. This white paper is divided into five sections and twenty-five chapters, as described below. This summary reports some of the white paper’s high-level findings, but it is no substitute for a careful read of the individual contributions.
Department of Justice Report on the Investigation into Russian Interference in the 2016 Presidential Election
The Internet Research Agency (IRA) carried out the earliest Russian interference operations identified by the investigation-a social media campaign designed to provoke and amplify political and social discord in the United States. The IRA was based in St. Petersburg, Russia, and received funding from Russian oligarch Yevgeniy Prigozhin and companies he controlled. The IRA later used social media accounts and interest groups to sow discord in the U.S. political system through what it termed “information warfare.” The campaign evolved from a generalized program designed in 2014 and 2015 to undermine the U.S. electoral system, to a targeted operation that by early 2016 favored candidate Trump and disparaged candidate Clinton. The IRA’s operation also included the purchase of political advertisements on social media in the names of U.S. persons and entities, as well as the staging of political rallies inside the United States. To organize those rallies, IRA employees posed as U.S. grassroots entities and persons and made contact with Trump supporters and Trump Campaign officials in the United States. The investigation did not identify evidence that any U.S. persons conspired or coordinated with the IRA. Section II of this report details the Office’s investigation of the Russian social media campaign.
From Multi-Domain Battle to Multi-Domain Operations. TRADOC Pamphlet 525-3-1, The U.S. Army in Multi-Domain Operations 2028 expands upon the ideas previously explained in Multi-Domain Battle: Evolution of Combined Arms for the 21st Century. It describes how the Army contributes to the Joint Force’s principal task as defined in the unclassified Summary of the National Defense Strategy: deter and defeat Chinese and Russian aggression in both competition and conflict. The U.S. Army in Multi-Domain Operations concept proposes detailed solutions to the specific problems posed by the militaries of post-industrial, information-based states like China and Russia. Although this concept focuses on China and Russia, the ideas also apply to other threats.
BOD 17-01 requires all federal executive branch departments and agencies to (1) identify the use or presence of “Kaspersky-branded products” on all federal information systems within 30 days of BOD issuance (i.e., by October 13); (2) develop and provide to DHS a detailed plan of action to remove and discontinue present and future use of all Kaspersky-branded products within 60 days of BOD issuance (i.e., by November 12); and (3) begin to implement the plan of action at 90 days after BOD issuance (i.e., December 12), unless directed otherwise by DHS in light of new information obtained by DHS, including but not limited to new information submitted by Kaspersky.
The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) reviewed the Independent Assessment, titled Information Security Risks of Anti-Virus Software (hereafter “BRG Assessment”), prepared by Berkeley Research Group, LLC (BRG), and dated November 10, 2017. Kaspersky Lab (hereafter “Kaspersky”) submitted the BRG Assessment to DHS as an exhibit to Kaspersky’s request for DHS to initiate a review of Binding Operational Directive (BOD) 17-01. The BRG Assessment, in part, responds to the NCCIC Information Security Risk Assessment (hereafter “NCCIC Assessment”) on commercial off-the-shelf (COTS) anti-virus software and Kaspersky-branded products, dated August 29, 2017. The NCCIC Assessment was attached as Exhibit 1 to an Information Memorandum from the Assistant Secreta1Y for DHS Cybersecurity and Communications (CS&C) to the Acting Secretary of DHS, dated September 1, 2017 (hereafter “Information Memorandum”). This document is a Supplemental Information Security Risk Assessment and will similarly be attached to an Information Memorandum from the Assistant Secretary for CS&C to the Acting Secretary of DHS.
This assessment presents the inherent information security concerns and security ramifications associated with the use of any commercial-off-the-shelf (COTS) antivirus solution in devices with access to a federal network. It also addresses specific risks presented by Kaspersky-branded products, solutions, and services (collectively, “Kaspersky-branded products”).
The French services analysed the testimonies, photos and videos that spontaneously appeared on specialized websites, in the press and on social media in the hours and days following the attack. Testimonies obtained by the French services were also analysed. After examining the videos and images of victims published online, they were able to conclude with a high degree of confidence that the vast majority are recent and not fabricated. The spontaneous circulation of these images across all social networks confirms that they were not video montages or recycled images. Lastly, some of the entities that published this information are generally considered reliable.
In the last seven years, Russia has reasserted itself as a military force in Eastern Europe and the Caucasus. With the 2008 military incursion into Georgia and the 2014 seizure of Crimea and support for pro-Russian separatists in Ukraine, Russia has assumed a more aggressive, interventionist stance in Europe. In the effort to influence events in Ukraine, the Russians have used what the US Army defines as “Hybrid Warfare” to infiltrate, isolate, and dominate eastern Ukraine and Crimea. This is all a part of the strategy of what can be called “Indirect Action”—the belief by the Russians that they reserve the right to protect ethnic Russians and interests in their former states from domination by Western powers and NATO.
Section 241 of the Countering America’ s Adversaries Through Sanctions Act of 2017 (СААTSA) requires the Secretary of the Treasury, in consultation with the Director of National Intelligence and the Secretary of State, to submit to the appropriate congressional committees 180 days after enactment а detailed report оп senior political figures and oligarchs in the Russian Federation (Section 241 (a)(l)) and on Russian parastatal entities (Section 241 (а)(2)). Pursuant to Section 241(Ь), the report shall Ье submitted in an unclassified form but may have а classified annex. This is the unclassified portion of the report.
In accordance with Section 242 of PuЬlic Law 115-44 (P.L. 115-44) (“Countering America’s Adversaries Through Sanctions Act” (CAATSA)), the U.S. Department of the Treasury, in consultation with the Department of State and the Director of National Intelligence, was tasked with preparing а report addressing the potential effects of expanding sanctions under Directive 1 issued under Executive Order (Е.О.) 13662 to include sovereign debt and the full range of derivative products.
As the American Army fought in Iraq and Afghanistan, it became the best tactical level counter insurgency force of the modern era. America’s enemies, however, did not rest. Russia observed the transformation of the American Army and began a transformation of their own. This new military barely resembles its former Soviet self. Wielding a sophisticated blend of Unmanned Aircraft Systems (UAS), electronic warfare (EW) jamming equipment, and long range rocket artillery, it took the Soviet model out of the 1980s and into the 21st Century.
As part of this vision, DIA has a long history of producing comprehensive and authoritative defense intelligence overviews. In September 1981, Secretary of Defense Caspar Weinberger asked the Defense Intelligence Agency to produce an unclassified overview of the Soviet Union’s military strength. The purpose was to provide America’s leaders, the national security community, and the public a complete and accurate view of the threat. The result: the first edition of Soviet Military Power. DIA produced over 250,000 copies, and it soon became an annual publication that was translated into eight languages and distributed around the world. In many cases, this report conveyed the scope and breadth of Soviet military strength to U.S. policymakers and the public for the first time.
U.S. competitors pursuing meaningful revision or rejection of the current U.S.-led status quo are employing a host of hybrid methods to advance and secure interests that are in many cases contrary to those of the United States. These challengers employ unique combinations of influence, intimidation, coercion, and aggression to incrementally crowd out effective resistance, establish local or regional advantages, and manipulate risk perceptions in their favor. So far, the United States has not come up with a coherent countervailing approach. It is in this “gray zone”—the awkward and uncomfortable space between traditional conceptions of war and peace—where the United States and its defense enterprise face systemic challenges to U.S. position and authority. As a result, gray zone competition and conflict should be pacers for defense strategy.
(U//FOUO) U. S. Marine Corps Forces Europe and Africa Campaign Plan 2016-2020: Theater Crisis and Contingency Response Forces in Readiness
The U.S. Marine Corps Forces Europe and Africa Campaign Plan 2016-2020 defines the organization’s desired baseline operating conditions and capabilities beyond a one-year planning and execution cycle and directs action to achieve desired end states. The Campaign Plan synthesizes strategic guidance provided by U.S. European Command (USEUCOM), U.S. Africa Command (USAFRICOM), and Headquarters Marine Corps (HQMC); accounts for the Commanders’ priorities and vision; establishes a deliberate yet broadly-defined multi-year plan to achieve stated objectives; and provides a framework for implementation, periodic assessment, and refinement.
U.S. Army Foreign Military Studies Office: Russia’s Military Strategy Impacting 21st Century Reform and Geopolitics
Today’s military innovators are the modern-day scientists and engineers who assist in the creation of contemporary and new concept weaponry; and the military theorists who study changes in the character of war. Digital specialists understand how to develop and employ the capabilities of electronic warfare equipment, satellite technology, and fiber optic cables. While Kalashnikov’s fame is imbedded in Russia’s culture, it may be harder to find a current digital entrepreneur whose legacy will endure as long as his: there are simply too many of them, and their time in the spotlight appears to be quite short, since even now we are about to pass from the age of cyber to that of quantum. It is difficult to predict whose discoveries will be the most coveted by tomorrow’s military-industrial complex, not to mention the decision-making apparatus of the Kremlin and General Staff. Military theorists are playing an important role as well. They are studying how new weaponry has changed the correlation of forces in the world, the nature of war, and the impact of weaponry on both forecasting and the initial period of war.
Office of the Director of National Intelligence Background Report: Assessing Russian Activities and Intentions in Recent US Elections
The nature of cyberspace makes attribution of cyber operations difficult but not impossible. Every kind of cyber operation—malicious or not—leaves a trail. US Intelligence Community analysts use this information, their constantly growing knowledge base of previous events and known malicious actors, and their knowledge of how these malicious actors work and the tools that they use, to attempt to trace these operations back to their source. In every case, they apply the same tradecraft standards described in the Analytic Process above.
This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.
The FBI received information of an additional IP address, 220.127.116.11, which was detected in the July 2016 compromise of a state’s Board of Election Web site. Additionally, in August 2016 attempted intrusion activities into another state’s Board of Election system identified the IP address, 18.104.22.168 used in the aforementioned compromise.
Russia’s strategic objectives in the Baltic region do not focus on the Baltic States as final targets, but on using the Batlic States to discredit and dismantle the North Atlantic Treaty Organization (NATO) and undermining the European Union (EU) by using the Baltic States. Experts in Russia and European security from the United States and the Baltic region agree that Russia could use the Baltic States toward this end by employing any one of a spectrum of actions, to include direct invasion with conventional forces, an incursion and occupation using irregular forces like the one witnessed in Crimea in 2014, or longterm fostering of social, political, and economic instability. Disagreement existed among experts as to which approach was more likely.
This document is intended as a primer—a brief, informative treatment—concerning the ongoing conflict in Ukraine. It is an unclassified expansion of an earlier classified version that drew from numerous classified and unclassified sources, including key US Department of State diplomatic cables. For this version, the authors drew from open source articles, journals, and books. Because the primer examines a very recent conflict, it does not reflect a comprehensive historiography, nor does it achieve in-depth analysis. Instead, it is intended to acquaint the reader with the essential background to and course of the Russian intervention in Ukraine from the onset of the crisis in late 2013 through the end of 2014.
Syria and its ongoing civil war represent an operational environment (OE) that includes many of the characteristics illustrative of the complexities of modern warfare. Now in its fourth year, the civil war in Syria has lured a variety of threat actors from the Middle East and beyond. What began as a protest for improved opportunities and human rights has devolved into a full-scale civil war. As the Syrian military and security forces fought to subdue the civil unrest across the country, these protest groups responded with increasing violence aided by internal and external forces with a long history of terrorist activity. Ill-suited for the scale of combat that was unfolding across the country, Syrian forces turned to their allies for help, including Hezbollah and Iran. The inclusion of these forces has in many ways transformed the military of President Bashar al Assad from a conventional defensive force to a counterinsurgency force.