European Commission Vice President Andrus Ansip has spoken at the RSA Conference 2018 about Russia’s ongoing campaign to weaponise information.
The 2018 RSA Conference is being held this week in San Francisco, USA, and gathers together public and private stakeholders to discuss the current state of cybersecurity around the world. Russia’s efforts to weaponise information are thought to have impacted the 2016 US Presidential Election, and are suspected to be ongoing, meaning that the topic has been widely discussed at the event.
Ansip highlighted an incident which happened in 2007, when he was prime minister of Estonia, as a means of demonstrating the scale and history of such attacks, as well as to illustrate the lessons he learned from the incident which can be applied to contemporary incidents.
He explained: “In 2007, cyber-attacks were used as a weapon to achieve political goals. Since then… malicious cyber-activity has proliferated. It has become more brazen and sophisticated, more imaginative and international. Misinformation is another widely used tool of political influence.”
How does this relate to Russia?
While Ansip did not directly accuse Russia of carrying out the 2007 cyberattack, he emphasised that the country has remained at the forefront of cyber warfare, and suggested that the country views cyber operations as a legitimate element of information warfare.
Ansip added: “In Russia, for example, military doctrine sees cyber operations as part of its tactics for information warfare. Deception, false data, and destabilising propaganda are deemed legitimate tools to convince people to ‘buy’ the disinformation message as credible information.”
What is the EU doing to combat this?
Repeated attempts to weaponise information and spread misinformation by numerous parties led to the creation of a special team in 2015, which was designed to respond in particular to Russian efforts in this area. In the first two years of its operation, the team found over 3,500 examples of misinformation that contradicted publicly available facts.
Ansip also praised US-EU collaboration on combating the threat of cyberattacks, but warned that greater enforcement mechanisms are needed, and greater penalties should be introduced for those who do not obey the law.
He concluded: “Digital innovation should not be abused… The perpetrators are operating on a global and daily basis, and that is not about to change. We have to fight it together – to prevent, deter and respond. Constant vigilance and cooperation. But it is not only about defeating threats. There is a lot to be positive about, especially when we work together.”
