In addition to propaganda designed to influence service members and veterans, Russian state actors are friending service members on Facebook while posing as attractive young women to gather intelligence and targeting the Twitter accounts of Defense Department employees with highly customized “phishing” attacks. The same Russian military hacking group that breached the Democratic National Committee, “Fancy Bear,” was also responsible for publicly posting stolen Army data online while posing as supporters of the Islamic State in 2015, according to the findings of one cybersecurity firm. And the hacking group’s most common target for phishing attacks in the West has been military personnel, with service members’ spouses making up another prominent target demographic, according to another cybersecurity firm.
While the military and its contractors have long been the targets of cyberattacks from hostile foreign powers, the Russian campaign is noteworthy for its heightened intensity, especially since the imposition of Western economic sanctions following the 2014 annexation of Crimea, and for the novel tactics it is employing online. All of it amounts to a new kind of low-intensity or “hybrid” warfare that Western governments are still struggling to effectively counter.
“We are focused on the azalea bushes at the edge of a redwood forest,” said retired Gen. Philip Breedlove, who stepped down last June after three years as supreme allied commander of NATO, where he witnessed a surge in Russian active measures against Baltic states and in efforts to spread negative disinformation about the alliance’s soldiers stationed in Europe.