Reacting to Russia: Strategies for Responding to Kremlin Hacking

By Daniel Loud, Special Contributor for Intelligence-related Issues

Recent controversies surrounding the U.S. presidential election have preempted discussion among policymakers and intelligence professionals about emerging threats to cybersecurity and information breaches, particularly by Russia. While very few doubt that the Kremlin interfered in the election, there is considerable debate over an appropriate response and strategies for defending against breaches in the future. To the bewilderment of the security and intelligence establishment in the West, Russian breaches of cybersecurity constitute an entirely new, discrete form of threat to these states’ interests. To counter such discrete threats, military thinking must take a backseat to intelligence battles. To discourage future Russian breaches of cybersecurity, Western intelligence agencies must understand the Kremlin’s goals in pursuing these attacks.

A 2013 article by Valery Gerasimov, chief of the Russian General Staff, may provide the necessary insight. This article and its associated “Gerasimov Doctrine” have already gained recognition as the basis for Russian hybrid warfare, which the country used in Ukraine. However, it can also inform discussion on Russian actions against states it is not officially at war with, such as the United States. The Gerasimov Doctrine draws on two key inspirations: traditional Russian strategic thinking and lessons from recent American campaigns in the Middle East. The first inspiration, traditional strategic thinking, harkens back to the time of the Napoleonic wars. While Russia has often been forced to contend with militarily superior enemies, the country has taken on the practice of “preparing the battlefield” (McDermott 98), or altering the landscape of battle so as to achieve an advantageous position against the enemy. In the post-Cold War order, Russia no longer has the capacity to match NATO’s military superiority, making such battlefield preparation critical. While Russia is not at war with the West and has no plans to enter one, the Kremlin can still take steps to alter the political battlefield, increasing its relative power and blunting the advantages of its rivals.

The second inspiration comes from the early 2000s and lessons learned from American campaigns in the Middle East, which Russian analysts have perceived as efforts to destabilize Russia’s near abroad. Gerasimov concluded that the United States did not achieve its political goals through blunt invasion, but instead took non-conventional actions within a “single intelligence information space” (Gerasimov 24) ranging from no-fly zones to social media campaigns aimed at unseating legitimate leaders. For Gerasimov, such non-military actions indicate the new form of warfare, focused on asymmetrical, non-military tactics to supplement or even supplant conventional campaigns. Such non-military means can be used against the West as well, particularly when it comes to information. Revealing damaging information on politicians or undermining faith in institutions is a natural application of Russian hacking to strengthen the Kremlin’s relative position without truly risking a major war. Thus, we see how the Gerasimov Doctrine applies to the West: battlefield preparation by way of non-military means and manipulation of information staying short of war.

Currently, the intelligence community’s efforts to counter Russian hacking do not reflect an understanding of the Gerasimov Doctrine. The root of this problem is the 2014 NATO summit in Wales, which established a precedent for cooperation and intelligence sharing in a joint effort to improve cyber-defenses. However, members used this intelligence sharing to decide if “a cyberattack would lead to the invocation of Article 5” (NATO Declaration Section 72). As Article 5 establishes the responsibility of all NATO members to respond to an act of war against another member, clearly this policy is meant to deter Russia from cyberattacks that would constitute acts of war. However, recall that the Gerasimov Doctrine calls for actions short of war to reach political goals. My analysis makes it clear that the current deterrent goal of intelligence communities throughout the NATO countries is oriented toward the wrong kind of threat. If the U.S. and its allies are to successfully detect and defend against further Russian breaches of cybersecurity, they need to reorient their strategy according to the Russian blueprint laid out in the Gerasimov Doctrine.

Daniel Loud is a junior at UPenn, where he studies International Relations.