Hello everyone, this is Tom Uren and I'm here with The Grugq for another Between Two Nerds podcast. G'day Grugq. G'day Tom.
How are you doing? I'm well. This week's episode is brought to you by Proofpoint. And Proofpoint has a report out about a campaign that targeted organizations in the US involved in AI efforts. And there's a link to that in this week's newsletter. And today we have a special guest. So it'll be, in fact, between three nerds, as long as you don't mind being called a nerd.
So I have Elena Grossfeld, who's a PhD candidate at the Department of War Studies in King's College, London. G'day Elena, how are you?
Hi, nice to meet you and very glad to be counted among the nerds. That's right. So, Grugq was telling me that you've got interests in strategic culture of Russian and Soviet intelligence and you've got a cybersecurity background. So, in fact, you're the perfect nerd for this podcast because that's exactly the sorts of topics we like to talk about. Thank you.
So, Elena, I thought we might start by talking about just what you know about the strategic culture of Russian Soviet intelligence. I find these things fascinating, and I'm interested in the KGB, how it's... its culture, has that flowed down to its descendant splinter intelligence agencies that exist nowadays?
Very much so. First of all, the definition of strategic culture, you know, of course, as always, there are multiple definitions to go with it. But the idea is a state or organization's unique way of coping with external threats, whether real or imaginary, that's the short. There's also long form, but we won't go into that.
So the KGB, what happened in 1991 when the Soviet Union disintegrated?
The KGB basically was pretty much preserved. They did not have any investigative process started or any sort of legal process or any sort of lustration like happened in the Baltics, for example, or in the former Warsaw Bloc states. What happened was they had a, you would call it like a major reorganization. They had a big workforce reduction. This is true.
And they were split into several splinter organizations, but in a way that preserved their ability. Because the new Russian government and administration were really scared that if they start messing with KGB too much, they will not have anyone left to do intelligence. Right.
So what they did was the first chief directorate, which was in charge of the foreign intelligence, became the SVR. And they remained the same since then. You know, nothing changed there. And the part that was everything else was split.
So the part that was responsible for border protection was first separated into its own organization. And then instead of before FSB, there was FSK and whatever. But at the end of the day, they managed to gather all their resources around them. And so now there's SVR and FSB. And there was a continuity of instructional materials, of the same people even.
Because, okay, the tops changed, but starting from some level down, everything remained the same. So it wasn't a perfect condition to preserve the strategic culture. Like if you were to define the process, how you best preserve strategic culture, you would go with that.
And it worked. So I think of strategic culture as just the way you operate and the way you solve problems, which is different from your definition. But in my head, there's enough overlap that I'm going to go with it. So how would you describe the KGB's culture? What characterizes the way it behaved?
So first of all, a slight correction to your definition of strategic culture, because it's not necessarily how you operate. It's more like, what is your strategy? What are the ends and the means and the goals? What are you striving for? What things you consider important? What is your priority? What do you consider a threat even, right?
So in that sense, the KGB as the party's fighting detachment, their first goal was to preserve the regime and to preserve the party's rule. And as such, they did everything, like literally everything. They were above the Soviet military. Because if you look at the Cold War, for example, there were no confrontations between the major powers, no direct confrontations.
There were plenty of proxy conflicts and special operations and that kind of stuff. But all of those were driven by the KGB, or if not driven, then managed, probably conceived, designed, facilitated, and everything else. So in that sense, the major part of their strategic culture is that there is a war.
The fact that there was no major war since World War II, it was not in their heads. In their heads, there is a war. Everybody is fighting. And that's the second part is the besieged fortress, the siege mentality. Everybody is against us. So the main adversary changed on occasions, but it was always... a certain circle of enemies, right?
So US, UK, Israel, the West Germany and whatnot. Even the fact that a state was considered a socialist state was not enough to take it out of the list of enemies, right? Because like look at China. For the longest time, China was the enemy. Yugoslavia. Yugoslavia, when Tito broke up with the bloc, he's now part of the enemies. Maybe not as bad an enemy as the US, but definitely in the other side.
Another thing was because there is a war and you are surrounded by enemies, you need to preserve this ideological space against the enemy's ideological subversion, like they're trying to subvert you. So radio transmission, Radio Liberty or Voice of America or the BBC Russian Service or whoever, this is the enemy. And they are trying to corrupt you from within.
And you're feeling that if you're not protecting the state, this is how the corruption is going to set in and your walls will come crumbling down because the enemy within contributed to it, responded to the enemy from outside.
This corresponds exactly with those sections from the UN proposals that they had for cybersecurity in 99 and 2000, where the concept of a threat from cyberspace was a foreigner will use the internet to interfere with our information technologies and destroy our psychological abilities and disrupt cohesion in society, damage our national psyche, all of these things, which, you know, someone reading it from the West, it's like, this sounds like things you worried about during Soviet era times when, you know, like Homo Sovieticus or whatever was under threat. Yeah.
But the Cold War's over, America won, Russia understood that it lost and stopped caring about all that and tried to be friends, right? I mean...
No. Not at all. Did they not get the memo? So when you look at it, since when you say that the Soviet side lost, like they lost, but they didn't actually lose in terms of KGB. They're still around. They're still protecting. When you look at it, Yeltsin was...
When you look one step behind him, there was a KGB guy or, you know, then it became the FSK or whatever. When Putin came to power, his announcement before he became prime minister, he was the director of FSB. And he told his people, I will give you the exact quote. He was basically saying that the officers undercover have successfully infiltrated the Russian government and captured it.
And this is when you look at it, this is exactly, you know, what Lenin said and the Bolsheviks said in 1917 when they got hold of it. So you see this unbroken continuity, you know, and in their mind, masses are stupid, public is stupid, you cannot trust them.
All this democratic crap is just that. It's definitely not supposed to work. And it's not working. If you're asking them, it's not working. And they're going to point to the West. They're going to point to US and UK and wherever else to say, see, it's not working. It's like, why are you pretending? So this is an intelligence culture and not Russian culture? Yeah.
This is intelligence driven. So there is a small argument in the strategic culture section that whether it's a strategic culture when it refers to the military and intelligence culture when it refers to intelligence agencies or not, we can argue about the terms.
But if you're asking me... What are the odds? Academics splitting hairs over time. Right. No, but when you look at it deeper, even if we say, okay, intelligence agencies will have an intelligence culture, but KGB was so much more than intelligence agency. It was basically like a mini army.
Yeah, I guess the question was whether it's kind of a wrapped up leadership apparatus culture as opposed to just a distinctive thing of the KGB or intelligence services.
Is it the Russian leadership's worldview that results in the intelligence agencies being like this, or is it the other way around? Well, that's a good question, because basically, you know, when Andropov came to power, this was the first time that the leader of the KGB, the head of the KGB, became a state's leader. Like, if you look historically, there is a difference between the intelligence view and the leadership view.
Intelligence is much worse. They're way more suspicious. It just so happens that now, basically since 1991, you can say the intelligence captured a state. Right. And so, you know, now it doesn't really matter where it came because now it's the same thing.
Right. One of the things that I found really interesting was that you said that the KGB was the prime way that they prosecuted this perceived war. And to me, that resonated with me in the way that several states use KGB.
particularly cyber operations as the prime way they sort of project power, I guess. And I had thought that was because, you know, you look at Russia, it's relatively militarily weak.
So that doesn't seem like an option. It's economically not that strong. So that doesn't seem like an option except for energy in some cases. And so therefore you're left with silent. And culturally it doesn't have a very, it doesn't have massive soft power from, like it's a movie and all this other stuff. So there's,
Something left, right? Yeah, but your argument is that, in fact, intelligence services were the main way that they did that anyway. So it's just a continuation rather than a result of circumstances. Very much so, because I think cyber...
you know, with all due respect, cyber, it's a great thing, but it's not like a standalone thing, right? It's part of... Well, thank you very much for coming on. Yeah, this is my contribution to cybersecurity. It's like integrated, it's technology, but if you don't have goals, like
Cyber is just one of the things that you use to achieve your goals. And by the way, I don't think that Russians think of themselves as weak militarily. If you're asking them,
Everything is great. You know, Putin was shown this great video clip from some video game that see everything is flying in those hypersonic weapons. And at the beginning of the war in Ukraine, we're like, oh, you know, we're gonna flood London because we're gonna send some in Russia, they're called the Wonder Waffle. You know, there's this super weapon that is going to destroy everything and then some.
So if you're asking them, they are a great military power. Right. I don't know that they know whether their nuclear weapons are working based on the recent reports about how their doomsday plane was, you know,
taken apart for electronics and metal components, you know, while it was parking in some airfield. So there is some, like, some enlisted men were basically draining the brake fluid to get drunk and someone else was selling the titanium of the tires. I mean...
So I don't know how much they actually test the system and verify that it's working. But if you look at the books and what's on the books and the list of weapons that they have in their possession, everything's fine. Everything's working. We're like a great power. And you're right. I mean, the amount of soft power that they lost since the Soviet disintegration, it's enormous.
But when you look at it, instead of the money they used to invest during the Cold War in all their strategic allies in Global South and South America and wherever, now they decided that buying proxy power, you know, helping the... with some old Soviet missiles is much cheaper.
Why do you need to build roads and hospitals and schools? You're getting the same results with so much less money. Right. So when we're talking about this strategic culture or this intelligence culture,
Where does the military intelligence fall into this? Because the GRU and the KGB were kind of set up against each other or to balance each other out to a degree. So if the KGB is running everything, where does that put the GRU? And how is that also in relation to the army, these three power structures? So...
Historically, KGB and GRU did not like each other too much. And they always had this slight competition, even though they were, for example, in bypassing export controls and trying to steal the Western technologies, they were working together. Like each had their own list, but basically they were cooperating or not cooperating, each was doing their own thing.
But when you look at the military structure, the KGB was basically in charge because they had the parallel reporting structure with the special department officers that were in every single unit starting from like a certain size, and they had a parallel reporting structure, that they did not report to the general staff, they were reporting to the KGB, and so that there was always that political control over the military part that was implemented.
Now, the GRU, in terms of military intelligence, they're still in charge. But the FSB officers are still embedded with the military units even now in Ukraine. When we were talking about, for example, like the satellites, right? The imagery and whatnot. Historically, it was part of the GRU. They are the ones collecting the data. They're the ones looking and preparing it for the use. They're not very effective. And so, as you said, there are other ways now that they're trying to cover for it.
Right. So for everyone who hasn't read your paper or my thesis, just a little bit of the two or three members of the audience who maybe aren't completely up to date.
Oh, I'm sorry. No, no, no. I do this all the time. It's great. Tom always has to fill in. So essentially, one of the problems that the Russians have right now is that their spy satellites are crap. I think right now they're down to one satellite that can cover Ukraine, and it does a flyover every two and a half days. So this is one of the areas that they've turned to cyber to compensate. So rather than using...
These really old satellites, they've been hacking IP cameras, CCTV, and things like that so they can get other imagery. That was from your paper, is that right, Elena? So my paper was the bad state of the Russian space-based intelligence, and Grugq was the looking at the CCTV, for example, not just the battle damage assessment, which is great, but also to track the military shipments from the West. Right. Right.
A lot of the, I'm going to say industrial capacity, but that's not quite right. But it's sort of the military industrial complex in Ukraine is very dispersed and dilapidated, you'd kind of say it's like garage level because quite literally it happens in like underground parking lots and in people's living rooms and things like that.
And so again, CCTV is a way of trying to find out where these things are located because it's not something you can actually necessarily see from a satellite anyway. But if you've got a camera pointing at a structure, you can see a lot of traffic. Like if people are going in with boxes and coming out with drones, it's a bit of a hint. So it's, yeah, like cyber is taking on a position of more tactical intelligence. Yeah.
The other thing that struck me is that the way GRU, at least the cyber operators behave, is very much like the way you described the KGB in that they would do everything. So you see one of the groups in there commonly known as Sandworm. It does destructive ops, it does espionage ops, it does influence ops, and it seems that whenever there's a job to be done, it just sticks up its hand and says, yep, we'll have a go.
I guess it's a very proactive or can-do approach, and admirable in some ways, but also very alien to someone from a Western bureaucracy, where we tend to be less audacious, I guess.
I don't think it's audaciousness necessarily, but it's just like when you come to work for, I don't know, a tech company in the West, they tell you this is your job description, you're working for this group, this is your responsibilities. Unless it's a startup, when you try to get into somebody else's piece of grass, you will get kicked out because like, hey, this is my piece of grass, go out on your own.
And especially system administration, right? You need something, you don't have the administrative powers to do it. You have to wait until the system administrator comes in, presses the button, and then you get your stuff. From what my understanding is, the Russian operating principles, this is not how it works there.
So taking stuff from other people's turfs is okay. You're fine. Don't worry about it. Worst case, your boss will figure it out with their boss. They'll have a fight in the parking lot, but you're fine. Because your boss doesn't care that you come to him and say, I don't have, you know, like, it's their job. Your boss tells you, hey, you go and do this. And you better go and do this. Right. One of the things I speculated was that
during the summer of 22, there's a lot of what other analysts have sort of described as like confusing cyber activity, where there's literally this free-for-all going on in Ukraine, where some of it was opportunistic, some of it seemed to maybe be strategic, some of it was just like absolutely random, like there wasn't any rhyme or reason. And my interpretation of it was that
It was kind of like, look busy, the boss is coming. So that they couldn't go to the general staff and be like, hi, we do cyber. How can we help? And the general staff would be like, well, we're not in the middle of a war. We're not really losing badly. Let's go and talk to the nerds who are hanging out behind the lines and playing on their computers and tell them how to help us.
Like the general staff had nothing for them. But at the same time, I can imagine the general staff is not going to be like, what have you guys been doing? And the response is, you haven't told us what to do, so we haven't done anything. And the general staff goes, oh, fair enough. You know, completely understandable. So...
Yeah. So like you just get everyone doing stuff that you can put on a report and say, here is stuff that we did this week and it's even more than we did last week. So you can see there's more stuff being done, which is, you know, obviously better than less stuff being done. Like looking at it, it's just so obviously busy work for cyber people, and not some sort of genius four-dimensional chess set up for, you know, mate in 57 moves or something.
Right, and the other thing is you could be right that, you know, nobody was preparing for it well in advance to, like, draw exact plans, you know, what do we do at this point, what do we do at that point. Oh, you know, if things don't work really well on the battlefield, we're going to go this route.
It wasn't like that because they were like, hey, we're going to march in Kiev in three days and don't forget to bring your nice uniform. So, you know, I don't think that anyone was actually expecting that will hit the fan. And, you know, and the other thing is like could very well be that what you noticed was activities from different groups that were brought together and said, hey, you know, please help.
They are not talking to each other, they're not talking to general staff, and so basically everybody kept on doing what they were usually doing in wherever they were before, and they were just now, okay, Ukraine. Even if before they were like, I don't know, hacking Israel or US. Yeah, that would make sense. It's the...
It's the sort of thing where a system will do what it's going to do. Yeah. I don't know that it qualifies as makes sense, but it might not need to make sense.
Right? But definitely not to an outside observer. And again, when you look at from strategic culture point, which was like the whole idea of how they came with strategic culture approach in the first place is that they were looking. So the US, the Americans, they were thinking we're so smart. We're using game theory to define the best strategy. They said, well, it's scientific because game theory is math, right? So it should give the same results. Right.
And the Russians or Soviets at that point were clearly doing something else. So they're like, okay, what's going on? But you know, even the best game theory process will not give you the same results if your desired outcome or the cost that you're willing to pay or the importance that you attach to different pieces is different, right? Because like, how do you come with an optimal strategy where you're trying to achieve a different thing?
So that was one of the things from a paper I was reading on Vietnam where Schelling had put together this whole theory of how to convince Ho Chi Minh to...
This was in like 64 or whatever. Like, this is how we're going to convince Ho Chi Minh to sort of back down and let us exit quietly. And then he can do whatever he wants as long as we're out of there. And there was this solid theory of like, we will escalate violence and he will see that we're serious. So he will back down and then we can back down because he's back down and then everything will work out. And...
One of the guys that was being briefed said, but what if he's not rational? Like, you know, like this is all based on we make this step and they will make this rational response. And it's, you know, but they're communists. They don't think like us. How is it supposed to work?
No, it's slightly unfair. I would not call them irrational. They just have different... objectives, right? So when you look at the war now in Ukraine, right, and you see the amount of casualties the Russians are prepared to suffer, and you compare it with Afghanistan, as an approach, and you compare it with like World War II, and you see that the cost-benefit analysis is completely different, right? So in your eyes, it might be irrational. In Ho Chi Minh's eyes, this is like, no, this is what we're doing.
So the strategic culture, this, you know, besieged mentality, everyone's out to get us, that's a huge part of Russian culture now, with just part of the news and that.
So obviously it's sort of disseminated out. But I'm wondering, like, how much of this is sort of like eating their own dog food when they know their own dog food is bad? And I'm thinking specifically of the technology of the color revolutions. So the Russians are convinced that the various sort of pro-democracy movements, revolutions that happened in their former Warsaw Pact allies were CIA plots instigated with some sort of CIA thing, and they don't know exactly what it was, but they know that it was done, and it was done by CIA agents, and they made all of these people protest and topple the government and encroach on Russia's near abroad.
And it had to have been that because there's just absolutely no way that a whole bunch of regular people would get together and topple government on their own without the CIA somehow being involved. It's just, it's impossible.
And they so firmly believe this that any paper you read on information warfare and how cyber is done, the Russians will always talk about how the Americans have perfected information warfare to the level that they can do these color revolutions. And we know that that's not true. Like that didn't happen. But they believe it so thoroughly. It's like they're eating their own dog food, but it's slop and they know it's slop.
At what point do they poison themselves so much they can't come back? Yeah, but I think they believe it because in their life experiences, in their strategic culture, in their mental models, this is how things work.
And I think they cannot imagine a reality different from the one they live in. So, yes, they do active measures. Yes, they do sponsor groups. Yes, they do try to sponsor protests and whatever. In Germany, for example, there were several protests that were instigated by Russia. And they say, okay, we're doing it.
So everybody must be doing it, right? Right, right. Well, I mean, the other thing is that the Russians supported Trump in the 2016 election, and he won. See, it works. So in about the first year of the Ukraine war, the size of the cyber teams that were being used doubled dramatically.
And a lot of that was sourced from pre-existing skilled people, criminals, for example. And so one thing I'm curious about is what happens to a strategic culture when you double the size of some teams, right, with a completely foreign culture. It seems to me like that's going to have some impact on the way that they operate over time. It can't be continuity with nothing changed if you've got that much new blood so quickly.
So first of all, you're absolutely right. I mean, there must be some impact, but it depends on how long they will remain alive as a part of it. So, for example, if we look at the... After the revolution, the Cheka. And then the GPU, OGPU, whatever, you know. They had pretty regular purges that they were, you know, eliminating the people and then bringing on new ones. It did not change the strategic culture much because they were all... and cultured in the same manner.
So you're bringing in new people in 1918, right? You give them the gun. You say you find the counter-revolutionaries and the enemies of the revolution and you shoot them on the spot. No legal procedure is required.
And that's how you promote the strategic culture, right? So then he gets a deputy, he tells them the same, and then he gets shot, and then the deputy becomes the person, and so on and so forth. So if this big group of people is to stay for a long time there, of course, there will be like a back and forth. But when they're coming to an already existing structure, I think the strategic culture and the institutional mindset will probably remain the same.
Organizational culture could change faster than the strategic culture, right? So organizational culture is like, who do you report to? How do you decide like who does what or whatever? But I think in terms of like, okay, those are the enemies and this is what we do to them. I think this part stays pretty much stable. Yeah.
Unless there is like a bigger change after that. But, you know, I don't think anyone actually done any study and, you know, I don't
Maybe someone should do a PhD on this. Right, but it would be great to get an access to actual data, I don't know, like forum posts, maybe like new recruits bitching about how life was so much better when they were doing criminal cyber as opposed to breaking into CCTV. They haven't stopped. I mean, that's the thing is like...
They literally, they just do it in like the off hours on weekends now. It's the exact same people. Right? Right.
Well, Elena, thanks a lot for coming on the show. It's been fascinating and it's made me think differently about how some of the Russian cyber groups operate. And so you're at Kloosha on Twitter, at K-L-O-O-S-H-A. Is that the best way for people to reach you?
One of the ways, or through my KCL email. Okay, that's King's College London. Yep. Okay, great. Thanks a lot, Elena. Thank you both. Thanks for joining us. Have a great day. Bye-bye.