Cyber Brief: European Cybersecurity and Russia

With Russian election hacking still in the news, today’s posting features a recent Estonian Foreign Intelligence Service publication that includes an in-depth analysis of Russia's strategy for using influence and cyber operations in Europe. Also included are related reports and government documents on Russian strategy, national cyber defense strategies, and international cyber defense cooperation in Europe.

New to the Cyber Vault

Document 01

Government of The Netherlands. "National Cyber Security Strategy 2: From Awareness to Capability." 2013. Unclassified. [3361]

Jan 1, 2013

Source

European Union

This document outlines the cybersecurity strategy for the nation of The Netherlands.

Document 02

Government of Hungary. "National Cyber Security Strategy of Hungary." March 21 2013. Unclassified. [3397]

Mar 21, 2013

Source

European Union

This document outlines the cybersecurity strategy for the nation of Hungary.

Document 03

European Union Agency for Network and Information Security. "Cybersecurity Cooperation: Defending the Digital Frontline." October 2013. Unclassified. [914]

Oct 1, 2013

Source

ENISA

This document draws distinctions between different facets of cyber, isolates cybersecurity, and outlines a European cybersecurity response framework.

Document 04

Government of Belgium. "Cyber Security Strategy for Defence." 2014 September 30. Unclassifed. [3352]

Sep 30, 2014

Source

CCDCOE

This document outlines the cybersecurity strategy for the nation of Belgium.

Document 05

Government of the Czech Republic. "Action Plan for the National Cyber Security Strategy 2015-2020." 2015. Unclassified. [3396]

Jan 1, 2015

Source

CCDOE, link broken

This document outlines the cybersecurity strategy and implementation plan for the Czech Republic.

Document 06

NATO Defense College. "Russia's Renewed Military Thinking: Non-Linear Warfare and Reflexive Control." November 2015. Unclassified. [3577]

Nov 1, 2015

Source

NATO Defense College

This research ties modern Russian strategy in cyber, information, and hybrid warfare to the Soviet-era concept of 'reflexive control'.

Document 07

Estonian Foreign Intelligence Service. "International Security and Estonia: 2018." February 2018. Unclassified. [Raport]

Feb 1, 2018

Source

Estonian Foreign Intelligence Service

This document analyzes Estonia's chief security concerns and includes an in-depth analysis of Russian strategy as a whole as well as the state of cyber threats.

From the Cyber Vault

Major William C. Ashmore, School of Advanced Military Studies, United States Army Command and General Staff, Impact of Alleged Russian Cyber Attacks, 2009. Unclassified.

This monograph was written to examine the implications of alleged Russian cyber attacks against Estonia and Georgia for the Russian Federation, former Soviet satellites, and international organizations.

NATO Cooperative Cyber Defence Centre of Excellence, National Cyber Security Framework Manual. 2012. Unclassified. [2806]

This document outlines a framework and methodology for developing a complete national strategy for cyber security.

NATO Cooperative Cyber Defence Centre of Excellence, The Cyber Defence Unit of the Estonian Defence League: Legal, Policy and Organisational Analysis, 2013. Unclassified.

This document outlines Estonia's cyber defense capabilities, policies, and legal frameworks.

Ministry of Economic Affairs and Communication, Government of Estonia, Cyber Security Strategy 2014-2017, 2014. Unclassified.

This strategy document contains an analysis of the current situation, principles of ensuring cyber security, the general goals of the strategy for 2017, subgoals, and the entities related to the strategy.

Information Systems Authority, Republic of Estonia, 2014 Annual Report, Cyber Security Branch of the Estonian Information Systems Authority, 2014. Unclassified.

This report discusses 2014 cyber incidents, studies and guidelines, the prevention of cyber risks, international cooperation in 2014, and significant changes in Estonia's legislative and strategic framework for cyber security.

Michael Connell and Sarah Vogler, Center for Naval Analysis, Russia's Approach to Cyber Warfare, March 2017. Unclassified.

This paper examines both the theoretical and practical underpinnings of the Russian approach to cyber warfare. It contains chapters on cyber as a subcomponent of information warfare, organizations and agencies, hacktivists and criminals, three case studies of Russian cyber operations (Estonia in 2007, Georgia in 2008, and Ukraine from 2013 to the present), and chapters on bots, leaks, and trolls.

Defense Intelligence Agency, Russian Military Power, June 2017. Unclassified.

One section of this study addresses Russian cyber activities, including cyber-enabled psychological operations (including the use of hacktivists, trolls, and bots) and information defense.