December 4, 2020



With its history of aggression toward American allies in Europe, Russia is the Euro-Atlantic community’s most dangerous cyber opponent. The Kremlin is a committed, hostile, reckless, and inventive actor that will require coordinated, consistent, and committed trans-Atlantic cooperation to manage.


The Russian government views the American-European partnership as a threat to its regional and global interests, and it has committed to an adversarial relationship with the United States and its European allies. Putin’s primary aims include the “preservation of his regime, the end of American global hegemony and the restoration of Russia as a mighty and feared force on the international stage.” While the Russian government is not always a unitary actor, Putin’s core objectives unite the often feuding and disparate components of its foreign policy, military, and intelligence apparatus and are consistently pursued by all branches of the state. Putin’s Russia sees the American-European partnership as a key roadblock to pursuing its revanchist dream of turning Russia into a political and military power that dominates or controls its neighbors in Europe. The Putin regime views democratic projects across the former Soviet territory as a unique and primary threat to its domestic legitimacy and regional influence. The regime wages complex military, economic, political and intelligence campaigns against these projects, despite international sanctions and condemnation.


The Kremlin has shown little compunction about using any means at its disposal, including its cyber toolkit, to antagonize the United States, undermine democratic countries and attempt to assert control in Europe. The Russian government extensively uses disinformation and hacking to achieve political, economic, or military ends. Military operations against Ukraine and Georgia aimed at punishing these countries for their lack of fealty to Moscow have been accompanied by devastating hacking operations against targets such as electrical grids, government websites, corporations, and even frontline artillery units. European countries, including France in 2017, which was targeted by a Russian hack-and-dump operation against then-candidate Emmanuel Macron, have been repeatedly targeted by Russian hackers working with disinformation campaigns to influence the results of local and national elections. Countries in Europe with national agendas that Russia views as counter to its global interests, such as Poland, Romania, Norway, and others, have been targeted by Russian cyberattacks and political pressure simultaneously.


Russian cyber actors are sophisticated and committed. According to  Nicu Popescu, Moldova’s minister of foreign affairs and European integration, and Stanislav Secrieru, a senior analyst at the European Union Institute for Security Studies, Russia has a long history of activity in cyberspace and is “undoubtedly one of the world’s great cyber powers” with “extremely sophisticated capabilities” that are “integrated into its foreign and security policy much more extensively than other international players.”


That virtuosity is thanks in part to a “general laissez-faire approach to cybersecurity” by the international community. During this period of relative inattention to Russia’s cyber campaigns, the Kremlin has used its cyber tools in reckless and dangerous ways particularly against Ukraine. The Kremlin conducted cyberattacks against civilian infrastructure in Ukraine in 2015, crossing a de facto red line. The Kremlin’s attacks on Ukraine in 2017 not only caused immense damage to Ukraine but resulted in massive spillover well beyond the scope of its initial attack, causing worldwide economic chaos.