How Russia Operates

On September 6, 2017 – roughly 10 months after the presidential election – Facebook Chief Security Officer Alex Stamos disclosed that the social network sold approximately $100,000 worth of ads to “470 inauthentic accounts and Pages” originating from Russia. That dollar amount translates to about 3,000 ads potentially seen by as many as 73 million people.

While Facebook has not publicized the content of those ads, its representatives indicated the ads focused on divisive issues such as race relations and polarizing topics such as the Second Amendment right to bear arms. The ads likely targeted swing state voters, but even without political campaign precision, they would have advanced the Kremlin aim of weakening democracy, in part by turning Americans against one another. In any event, we do know creating and disseminating false information is a weapon of political warfare the Soviet Union and Russia have been using for decades. It falls into a bucket of tactics with a collective name: Active Measures.

Active Measures today refers to anything from seeding and spreading propaganda to computer hacking to political assassination done in pursuit of Vladimir Putin’s domestic and foreign policy objectives, the latter of which entails undermining democracies around the world. He targets the most powerful, the ones with the greatest ability to affect his domestic political and economic status and impact Russia’s foreign policy.

Journalist Garrett Graff put together A Guide to Russia’s High Tech Tool Box for Subverting US Democracy for Wired in August 2017. In it, he explains the grand strategy at play — the Gerasimov Doctrine — and lays out eight ways Russia operates.

Named for its author, Russia’s Chief of the General Staff General Valery Gerasimov, the Gerasimov Doctrine advocates a hybrid strategy of “political and economic influence and targeted information campaigns to shape the battlefield in advance of either conventional or unconventional military operations.

In Politico Magazine’s The Gerasimov Doctrine, Molly McKew – an information warfare specialist and U.S-Russia relations expert – writes, “Chaos is the strategy the Kremlin pursues: Gerasimov specifies that the objective is to achieve an environment of permanent unrest and conflict within an enemy state.”

On May 8, 2017, former Director of National Intelligence James Clapper testified before a Senate Judiciary subcommittee and explained that educating the American public as to what the Russians are doing is vital to national security:


In other words, the more we know, the better prepared we are to fight back. The following are the weapons Russia has at its disposal:


Russia actively deploys “information influence operations that seek to muddy the political waters” using state-sponsored media, Twitter bots and social media trolls, and high-paid D.C. lobbyists, Graff explains. The goal is not always to benefit one political candidate or cause over another but rather to undermine public faith in a free press and blur lines between fact and fiction. During the 2016 presidential election, Donald Trump aided the Russian disinformation campaign – whether he knew it or not – every time he used the phrase “fake news” about something that was demonstrably true.

Inside and outside Russia, Putin puts forth different, sometimes competing versions of events, intentionally confusing the public and encouraging general apathy about what is true and what is fiction. .

If you what to know what Russia wants you to believe today, check out the Alliance for Securing Democracy’s Disinformation Dashboard which tracks “600 monitored Twitter accounts linked to Russian influence operations.”


Graff says Putin’s government isn’t the only Russian entity making use of hackers and malware. Organized crime now is organized online, and criminals often collaborate with intelligence officials to mine data and steal information. A Third Way report published June 14, 2017 describes some of the recent cybercrimes Russians have conducted against U.S. banks, governments, and hospitals. In 2013, authorities busted a gang of mostly Russian hackers who stole more than 160 million credit card numbers over eight years, making the scheme the largest cyber-heist in the U.S. to date. We know Russian government-sponsored hackers stole proprietary information and strategically leak it online during the 2016 presidential campaign and that Russian cybercriminals breached election-related computer systems in at least 21 states.

Russian hackers have the capability to do damage beyond the financial and political arenas. They can access critical infrastructure like power and nuclear plants. In December 2016, The Washington Post reported Russian hackers got into a computer at Burlington Electric in Vermont. While the hackers did not disrupt operations and the affected laptop was not connected to the grid, the breach showed the true vulnerability of our nation’s electrical systems.

On December 23, 2015, a sophisticated, well-coordinated attack that experts attribute to Russian hackers took down a Ukrainian power grid, leaving close to 250,000 people without electricity. More recently, the computer-security firm Symantec warned that a cyber espionage group called Dragonfly had reemerged and was behind cyber breaches at about 100 power companies and nuclear plant operators since the beginning of 2017. Half of those were in the United States. Experts have linked Dragonfly to Russia in the past and suspect it is the same group that hacked Ukraine in 2015.

On August 22, 2017, President Trump’s cybersecurity coordinator Rob Joyce told CBS News the United States’ cybersecurity defense force is understaffed by about 300,000. He also shared that the federal government will not use Kaspersky Lab products and warned the general public should avoid them as well. Kaspersky Lab is a Moscow-based cybersecurity company that U.S. officials believe has ties to the Kremlin and Russian intelligence. The company denies ties to the government, but it is registered with the FSB, Russia’s Federal Security Service (formerly KGB).

On September 13 2017, the U.S. Department of Homeland Security officially banned federal use of Kaspersky software:

“The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”

Read the full announcement.


Europe’s reliance on Russia’s oil and natural gas reserves, as well as its nuclear power expertise, presents some opportunity for Putin to manipulate the flow of these resources if it suits his political needs. He has done this to some effect over the last two decades, punishing Ukraine and persuading the Balkans, Germany, Italy, and other countries in Central Europe to take a friendlier stance towards Moscow. But because oil and gas make up 70% of Russia’s export income and alternative fuels and renewables are growing in popularity, playing with energy distribution is no longer Putin’s most powerful tool.


When Hermitage Capital CEO Bill Browder testified before the Senate Judiciary Committee on July 27, 2017, he placed Vladimir Putin’s personal net worth at an estimated $200 billion. He also explained how Putin controls the oligarchs who hold his money for him. With several large national banks, utilities, and corporations under state control or run by Putin loyalists, Graff writes, “These ties between Russian officials, oligarchs, and commercial enterprises make it hard to separate out business, politics, and espionage.” Money can buy foreign pro-Kremlin politicians, movements, press, investigators, and spies. It also can finance operations like “troll farms” where hundreds of workers create and operate fake accounts designed to overwhelm social media networks with false information and seed doubt in democratic leaders and institutions by exploiting open communication.


The Putin regime has a well-documented history of silencing dissent though human rights abuses, violence, and even murder.

As Clint Watts, a counterterrorism and active measures expert, explained in his testimony before the Senate Intelligence Committee on March 30, 2017, one good way for the U.S. to track Russia’s influence is to “follow the trail of dead Russians.”

Eight high-profile Russians have died since the November 8, 2016 U.S. presidential election, and that’s just a fraction of the story. Read more here.


Graff defines kompromat as “compromising material of a financial, sexual, or health-related nature that can coerce covert cooperation—or silence critics.” Russia operatives so often use seduction and blackmail that high-profile visitors and journalists are warned in advance of travel to be aware of alluring offers.

When the Christopher Steele dossier emerged in January 2017 alleging the Russians had compromising personal and financial information on President-elect Trump, the assertion was credible enough to share with President Obama and Trump because, in part, intelligence officials knew kompromat was a favorite, time-tested Russian tool of the trade.


Good old-fashioned Russian spying – the kind that makes for standard cinema fare – is alive and well in the United States. In 2010, the FBI arrested 10 Russian Foreign Intelligence Service (SVR) operatives who had been living seemingly normal lives in the United States for more than a decade. Dubbed Operation Ghost Stories, the fascinating high-profile case inspired the popular FX television show The Americans.

More recently – on April 5, 2017 – U.S. officials deported convicted Russian spy Evgeny Buryakov, who had been working as a self-described Deputy Representative at Vnesheconombank (VEB) in New York City before his arrest in January 2015. Former United States Attorney for the Southern District of New York Preet Bharara said at the time the charges against Buryokav and two others showed that “more than two decades after the presumptive end of the Cold War, Russian spies continue to seek to operate in our midst under cover of secrecy.”


While most of Russia’s tactical operations are employed on the sly, Putin and his supporters are not averse to using traditional diplomatic relations to woo foreign allies. For instance, Graff notes Putin has managed to cultivate support from both far-right British politician Nigel Farage and far-left U.S. Green Party candidate Jill Stein by appealing to a shared anti-globalization foreign policy stance. He has forged a relationship with actor Steven Seagal over a shared love of martial arts, granted Russian citizenship to French actor Gerard Depardieu so he could evade taxes in 2013, curried such favor with U.S. Representative Dana Rohrabacher (R-CA) that Rohrabacher’s earned the nickname “Putin’s favorite congressman,” and handed former German Chancellor Gerhard Schroeder lucrative positions with Gazprom, an energy arm of the Russian state, and Rosneft, the Kremlin-owned oil company.