Page 55 - Cyber Terrorism and Extremism as Threat to Critical Infrastructure Protection
P. 55
MARK GRZEGORZEWSKI: RUSSIAN CYBER OPERATIONS: THE RELATIONSHIP BETWEEN THE STATE AND CYBERCRIMINALS
Criminal states can also be viewed through the lens of the kleptocratic interdependence thesis
as articulated by Kelly Greenhill, which addresses “a set of profit- and power-driven, self-
reinforcing domestic and international relationships between criminal groups and govern-
ment officials”. In this relationship, criminals provide support to the elites, who protect the
criminals. This long-lasting, mutually supportive relationship in effect blurs the lines between
politics and crime (Greenhill, 2009); it becomes parasitic in that the institutions of the state
become corrupted by crime.
In contrast, the cyber mercenary thesis, as articulated by Tim Maurer, describes how states use
proxy groups, including criminals, to project power. Maurer defines a cyber mercenary as “an
intermediary that conducts or directly contributes to an offensive cyber operation that is en-
abled knowingly, actively or passively, by a beneficiary who gains advantage from its effect”.
He divides this relationship between states and their proxies into three distinct typologies
along a spectrum in order to explain the degree of control by states. Maurer concludes that the
reason for the cyber state-proxy relationship is due to the state attempting to retain plausible
deniability and to avoid engaging in direct conflict (Maurer, 2018).
Maurer’s three typologies are delegation, orchestration, and sanctioning; in brief, delegation
involves the state strictly authorizing the proxy to act on its behalf, orchestration involves a
loose relationship between the state and the proxy to carry out actions where the former en-
courages the latter to act, and finally, sanctioning is the loosest of the relationships, where the
state knows of the activities of the proxy but turns a blind eye to its activities.
3 Russia and Cyber Criminals
Today, Russia cannot measure up militaristically to the United States. By all measures of
power, Russia is lacking. Yet, the Russian state still wants to be a major player on the world
stage. The great loss of power post-Cold War has caused the Russian state to become a vin-
dictive, revisionist power. Accordingly, in order to reach some sort of parity with the United
States, Russia has chosen to strike back against the US asymmetrically. This includes their
worldwide disinformation efforts, arming insurgents against Western-friendly governments,
and employing cyber means to weaken opponents (Blank 2017). All this is to say, Russia uses
the power of disruption to stay in the game.
Russia is one the main centres of cybercrime in the world today (Kadlecová, 2015). In fact,
85% of Europol’s cybercrime cases are against Russian-speaking organized cyber groups
(Brewster, 2014). Furthermore, the largest known collection of stolen internet credentials
occurred within Russia (Perlroth and Gelles, 2014). Russia is a hub of cybercrime due to
legal loopholes in Russian law, low legal enforcement of the laws, and the low cost of cyber
services (Kadlecová, 2015). In addition, the high number of Russian students that graduate
with degrees in computer science, coupled with low employment opportunities, pushes many
Russians into the field of cybercrime. When put against the backdrop of a culture that had to
survive during Soviet times by any means necessary, Russians have developed a belief that
they gain what they obtain, including through cyber theft (McDougal, 2015).
Under international law, if a party is able to prove that the state provided “instruction,” “di-
rection,” or “control” to a proxy, then the actions of the cybercriminal can be attributed to
55
