Another Episode of Russian Information Warfare and Active Measures
For the last two years we have been consumed with reports of Russian information warfare (IW) and active measures to attack the U.S. and allied governments. But by focusing on those attacks we have neglected other vital sectors that are constantly and daily under Russian and other attacks, namely the corporate sector. Private, semi-public, public, and government corporations, have all been subjected to major cyber-attacks that aim not only to injure them but to discredit their businesses and, if they are tied to a government, cripple that government’s policies.
Readers should remember the 2014 North Korean attacks on Sony to register Pyongyang’s displeasure over a movie satirizing Kim Jong-Un. Indeed, the U.S. government recently indicted a North Korean national, Park Jin Hyok for attacking Sony, orchestrating the 2017 WannaCry malware attack that infected over 200,000 computers in 150 countries. He also orchestrated a massive 2016 heist of $81 million from the Bangladesh Bank through the SWIFT network. We also know of the Iranian hack of the Saudi oil company, ARAMCO, that evidently intended not only to destroy data or force a shutdown of operations but also to sabotage ARAMCO operations and cause a lethal explosion. And these attacks preceded the more recent well-known Russian probes and attacks of our national electric grid.
To undermine a business however, it is not even necessary to attack it directly. Often it suffices to destroy its reputation and drive away supporters and customers by disinformation cleverly placed, as is often the case in Russian strikes, in obscure international media that is then used to furnish a supposedly respectable basis for escalating attacks on a business to destroy it and the state policies with which it is associated.
A recent example of such operations occurred when an article in an obscure Bulgarian journal charged that Silk Way Airlines, a subcontractor of the Pentagon through U.S. firms working with the Defense Department, is using diplomatic privileges to carry weapons to terrorists in Syria, Iraq, Afghanistan, Pakistan, and the Congo. The author alleges that documents allegedly obtained from an anonymous Twitter account in Bulgaria that supposedly sent files from Bulgarian and Azeri diplomatic sources show that Silk Way Airlines offered diplomatic flights to private companies and arms manufacturers from the U.S., Balkans, and Israel, as well as to the militaries of Saudi Arabia, UAE, Germany and Denmark in Afghanistan and of Sweden in Iraq. A subsequent article based itself on this original article, argued that Silk Way Airlines, which has received government loans from the Export-Import Bank of the United States, was also ferrying weapons to terrorists.
However, this is a classic example of Russian disinformation and active measures to destroy Silk Way Airlines and undermine U.S. and allied policies in all these countries who are either fighting terrorism or threatened by it. Indeed, the original sources for the Bulgarian article come from IP addresses in Russia and Armenia, not Bulgarian or Azeri diplomatic files. Furthermore, the Bulgarian journalist who originally reported this story, Dilyana Gaytandzhieva, was subsequently fired for reporting this disinformation.
Obviously, no credible reporter bases a story on anonymous Twitter sources purporting to be genuine diplomatic sources, especially when they were fakes originating in Russia and/or Armenia. So we see here a classic example of disinformation and active measures to compromise Silk Way Airways, frighten governments and banks from lending to it, and attack Western (not only U.S.) policy. These attacks on the company also tried to portray its president as being close to the Azeri government and therefore supposedly a figure of questionable probity.
One can understand why Armenian sources would attack an Azeri business firm. But this shameful episode shows just how subservient Armenia has become to Russia and justifies NSC Director Bolton’s recent warnings to Yerevan that we will be watching Armenia’s behavior vis-à-vis Tehran and Moscow. But while this episode may be a relatively small and obscure one, it shows the power and willingness of our adversaries to employ disinformation and fake news to undermine U.S. partners, contractors, and policies.
Such episodes highlight the need for strong public-private partnerships in the U.S. and even globally to protect legitimate and lawful business activities from unscrupulous attacks. Indeed, Silk Way Airways followed all the established protocols and regulations of the International Air Transport Association (IATA) and the International Civil Aviation Organization (ICAO) as well as operating in full compliance with DOD requirements. In fact Silk Way Airways has contracts not only with the Pentagon but with U.S. Transport Command, Boeing and Boeing Global Services, the Canadian Department of National Defense, the German Armed Forces, the French Army and the United Nations. So this is hardly a shadowy criminal pro-terrorist operation.
This case reveals the threat to legitimate business as well as Russia’s ongoing effort, as a state sponsor of terrorism in Ukraine and the Middle East, if not elsewhere, to undermine Washington’s war on terrorism and its allies and partners. Such Russian activities must be publicized early and regularly. Otherwise the attacks we have seen to date will proliferate around the world with severely negative results for us, our partners and our allies.