By Dr. Matthew Crosston and Anonymous*
Every month another story of cybertheft linked to China or Russia emerges. Recent data breaches at Target, United Airlines, Blue Cross Blue Shield, and OPM have been linked back to Russia, while theft of key technology across major Department of Defense contractors such as Lockheed Martin and US government laboratories have been linked to China.
Neither China nor Russia’s government formally admit to leveraging the internet to steal secrets from other countries but hacks have been linked directly to their intelligence services’ respective buildings or individuals known to be under governmental influence. International cyber incidents in Ukraine, Georgia, and Estonia have all been apparently linked back to Russia while the Canadian government recently set up domestic cyber-protection programs after several major corporations were hacked by Chinese intelligence. The US government struggles on how to approach these cyber intrusions. Should they be ignored so that other foreign policy initiatives can move forward? Are these initiatives acts of war or a new method of state gamesmanship? Do these collections of vast amounts of information count as high treason/espionage or simple economic theft? Environmental negotiations just about broke down several years ago when President Obama called out China for hacking several governmental systems during the negotiations. What does all of this signify as Russia and China become more important strategic world partners, while still at least semi-maintaining long-held intelligence and military adversarial attitudes toward the US? Welcome to the REAL cyber era, where multiple players try to steal the world one byte at a time while pretending to do nothing of the sort.
The Chinese, American, and Russian intelligence services have no issue launching clandestine internet attacks to pursue what they all consider to be legitimate national security and foreign policy objectives. Sometimes the information collected is economic, directed against or about important corporations; other times the information is military and political. In all cases the information is highly strategic. While it is true that the information the Russian and Chinese intelligence services are providing to their respective policymakers is much broader in scope than the CIA or US Department of Defense, and is arguably much more domestically invasive than the FBI or DEA, both Russia and China have successfully started campaigns questioning the ‘purity of purpose’ within American intelligence given the details of the Snowden scandal. All of which begs questions: should American intelligence maneuvers match Chinese and Russian cyber precedence? Is the American public aversion to cyber collection programs really just a front for a private philosophy that already rivals China and Russia? Is there something fundamentally important for states to consider in this style vs. substance cyber spy debate?
Crucial differences in intelligence organizational culture and mission make figuring these questions out quite difficult. While the United States has been quick to leverage open-source collection for its own programs, it has supposedly been hesitant to execute the power of its cyber abilities in invasive, offensive, global scenarios (although this consideration is now being heavily debated in the classified sector and some accuse it of already transpiring). This article will attempt to determine if Chinese and Russian intelligence services have gained a tactical advantage over the United States because of a political and bureaucratic blind spot, or if the United States intelligence collection culture is different only at the superficial level and is largely the same as its rivals in terms of true cyber substance.
The first important aspect in understanding the Grand Cyber Game is to understand how the Russian, Chinese, and US intelligence communities are structured. The United States is known for the ‘big brothers’ of its IC, the Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA). However, there are actually 17 members of the US Intelligence Community. Some of these include intelligence offices for each branch of the US military, Department of Homeland Security, Department of Energy, Department of State, Department of the Treasury, Drug Enforcement Administration, National Reconnaissance Office (NRO), and National Geospatial-Intelligence Agency (NGA). The first five use intelligence collection as part of a law enforcement mission, while the NSA, NRO, and NGA all harvest data and imagery collection. Traditionally, the CIA operates overseas and cultivates human sources while conducting clandestine operations. The FBI traditionally manages counterterrorism operations domestically, provides investigation support overseas when American citizens are involved, and acts under an enforcement jurisdiction to maintain the law. The NSA was established to provide cryptologic services and to protect US information systems and signals intelligence. It supports military customers, national policymakers, and counterterrorism and counter-intelligence communities under the Department of Defense. However, in a post-9/11 world, these explicitly defined roles have become more blurred and opaque as global travel and transnational collections are intensely complicated by the internet.
Conversely, modern Chinese intelligence services have always had domestic and international missions intertwined. China’s Ministry of Public Security (MPS) was formed in 1954 as a domestic law enforcement agency. It managed criminal investigations, security protection, public information network security, traffic control, legal affairs, counter-terrorism, drug control, and other anti-smuggling and anti-corruption duties. In 1983, the Ministry of State Security (MSS) was established as the formal intelligence and security agency of China for non-military areas of interests. It has the same authority to arrest or detain people as the MPS with a nearly identical oversight mission by the courts, but it is also a separate, parallel network to the MPS. The MSS mission is to ensure “the security of the state through effective measures against enemy agents, spies, and counter-revolutionary activities designed to sabotage or overthrow China’s socialist system.” Similar to the CIA, the MSS gathers foreign intelligence from targets in various countries overseas while the MPS gathers information domestically to protect against domestic terrorism and political coups. Both heavily rely on cyber collection.
Russia operates with three principal intelligence services. The SVR focuses on foreign intelligence collection, but mainly with civilian affairs. It is formally responsible for intelligence and espionage activities outside the Russian Federation. The GRU is the main foreign military intelligence directorate of the General Staff of the Armed Forces. It is Russia’s largest foreign intelligence agency, deploying at least six times as many agents as the formal KGB successor, the SVR. The FSB operates in theory only across the former Soviet Republics and domestically, but having had its operational portfolio increased in 2003 to include the Border Guard Service and the Federal Agency of Government Communication and Information. The three intelligence services often overlap and sometimes compete against one another in the recruitment and collection of intelligence sources. Russia also established an Anti-Terrorist Center that falls under full control of the FSB. The Center’s mandate was to create a database for intelligence sharing among the security services of all members of the Commonwealth of Independent States (CIS). Although the SVR has promised not to spy within CIS territories, the FSB has not. As such, it has become the de facto leading intelligence service for foreign collection activities for Russia. Interestingly, Russia has often turned a blind eye to Central Asian intelligence service activity within its borders, when Central Asian leaders are making moves against so-called political enemies (these moves are usually abductions back to Central Asia for detainment). These activities have included both the Chinese MSS and MSP. In 2001, the Shanghai Cooperation Organization (SCO) was established by China, Kazakhstan, Kyrgyzstan, Russia, Tajikistan, and Uzbekistan, to work together against terrorism, separatism, and extremism. They established their own Regional Anti-Terrorist Structure (RATS) that became the mechanism of choice for carrying out abductions across national boundaries, outside of standard judicial procedures. RATS operations have been compared to the CIA’s practice of extraordinary rendition and allow members to detain suspects in the six participating states outside of any rule of law. The members’ operators are not subject to criminal liability and they are immune from arrest and detention within the six states.
The reality is, on an international level, the intelligence services of all three nations operate with remarkably similar mission goals and objectives: they wish to protect the national interests of their respective states and garner advantages for said states via the acquisition of important information. While Hollywood has often focused on the political deviance and violence of intelligence missions around the world, the less exciting reality is that intelligence is more often utilized simply for political leverage. On the domestic level, the United States has long-held the moral superiority card against rivals like Russia and China, largely based on the democratic system in America supposedly being more altruistic and legally-minded than the so-called autocratic-type regimes in Beijing and Moscow. Snowden and other details in the past several years have started to make some at least wonder how much that moralism is built upon a foundation of sand and not stone. Finally, the stylistic aspect of intelligence public relations is significantly different between the three: the US decidedly tries to maintain an air of secrecy and deniability over just about everything its Intelligence Community does or needs to do. Russia and China, while revealing no secrets, tend to be a bit more unabashed about the role and necessity intelligence plays for the furthering of state power and do not fear making public statements to that effect anywhere, anytime. For them, therefore, the only difference between the three great players in the Grand Cyber Spy Game is the costuming and marketing of their respective goals, but NOT the ploys, initiatives, and overall desires. When it comes to winning, it seems all three are set and determined to virtually steal, that is, ‘obtain’ as much as possible. The Grand Cyber Spy Game demands no less.
About the authors:
(*) Anonymous is currently a graduate student in International Security and Intelligence Studies at Bellevue University and works within the US governmental system. The opinions expressed are strictly personal and do not reflect a formal endorsement of or by the United States’ government and/or Intelligence Community.
Matthew Crosston is Professor of Political Science, Director of the International Security and Intelligence Studies Program, and the Miller Chair at Bellevue University
This article was published at Modern Diplomacy