World media and politics keep silent – but this does not change the situation is increasingly similar to Russian hybrid war efforts against Ukraine in spring/early summer 2014.
See an analysis of the situation from Aldrimer:
ANALYSIS: Analysts with the Military Intelligence and Security Service (MUST) and the Swedish security service Säpo believe the country is under continuous and increasingly serious hybrid warfare attack from Russia. Swedish officials fear the worst is yet to come.
By KJETIL STORMARK /firstname.lastname@example.org
An intense effort is underway to uncover technical traces after recent serious incidents. The goal is to determine whether Russia is behind what is – in part or in full – considered to be deliberate attacks.
Almost every day, Sweden faces serious cyber attacks. Swedish officials believe Russia is behind many of them, although most are never made public. However, recent days, weeks and months have brought a striking increase in attacks on Norway’s neighbour.
- Two TV and communication masts were sabotaged. A third mast fell down and an unknown object at a fourth sparked off a bomb alert. Communication masts are important elements in Sweden’s emergency information system for the civilian population. Swedish police believe foreign powers may be behind the attacks. Russia is the only country seen as having both the capacity and the will to target Sweden.
- Public broadcaster Radio Sweden was hacked Wednesday, when a fake news report about a supposed ‘terror attack’ on Stockholm Arlanda Airport was posted on social media. There was no attack.
Major Swedish news media faced a coordinated Distributed Denial of Service (DDoS) network attack as recently as 19 March that is also believed traceable to Russia.
There were more incidents on Thursday (19 May):
- Air traffic control systems for Stockholm and large parts of Sweden went down at about 11 a.m. The Swedish Civil Aviation Administration told Swedish news media that the problems were due to «a data communication error.» Infrastructure Minister Anna Johansson told the Swedish news agency TT on Thursday that the exact cause of the problem had yet to be determined and was under investigation.
- Swedish State Railway SJ’s ticketing system suffered major glitches, making it impossible to buy tickets on line for an extended period.
It is unknown whether these events were in fact Russian cyber attacks. But the number of attacks from Russia are now so high that it keeps Sweden on its toes. In recent days, there have been a series of other serious incidents that have not yet become public knowledge, sources tell Aldrimer.no.
Behind closed doors there is a strong concern that several or all of these events are not random. Sweden already has strong circumstantial evidence and other information suggesting that these incidents are part of Russia’s increasingly brazen hybrid warfare forays against Sweden. Respected experts in the Military Intelligence and Security Service (MUST) and the Swedish security service Säpo believe, according to a variety of sources, that Russia is behind several or all of the incidents.
At the moment, the public does not know the real strength of Swedish forensic evidence. Fear of an escalation could also result in the outside world never finding out. The same concerns could cause officials to go on the offensive or seek to quash information because of this report by aldrimer.no. The current stance in NATO as well as in Sweden and Finland, which are not members of the Western military alliance, is for officialdom and national governments to curb escalation by hiding as many serious incidents as possible. The idea is that transparency could lead to a public outcry for countermeasures against Russia, which, according to the prevailing doctrine, could spin the situation out of control.
In what could be in accordance with such a strategy, Swedish authorities issued a statement Friday stating the events the last few days are unrelated. However, experts tell Aldrimer.no, the statement is probably closely linked to what the country feels it currently is able to legally prove. What intelligence it has and what the intel analysis might show, is a different matter alltogether. Intel source protection might also be a significant factor in what the country can and/or is able to share with the public.
However, the strategy of deflection is probably unwise, some analysts say, in the face of a Russia that is known for constantly flexing its military muscle and testing the limits of what it can get away with. There is also disagreement on the national government level in several countries, including Norway, about this the silent approach.
Russia has developed sophisticated methods for hybrid warfare, also called non-linear or ambiguous warfare, under the so-called Gerasimov Doctrine (named aftefor chief of the Russian General Staff Valery Gerasimov). Through various means, without Russia openly being behind them, the country seeks to seize the advantage without the burden of conventional military action. Cyber attacks, extortion, kidnapping, information operations, coercive diplomacy, attempting to create conflicts that may give the military room to manoeuvre, harassment and manipulation of social media are just some of the tools.
Unless it faces clear, tough countermeasures, Russia will continue to test the limits to see how far the country can push without suffering significant consequences. In this context, Sweden emerges as a country Russia feels confident in bullying. Neutral Sweden is not a NATO member. At the same time, Russia seeks to remind Sweden not to meddle in an on-going turf battle between Russia and NATO over military superiority in the Baltic Sea.
Sweden cannot exclude the possibility that recent events could be the prelude to more uncomfortable and difficult situations. The question is what the real Russian goal and endgame might be, and how it might be achieved. In limited military scenarios, Sweden fears that its island of Gotland might be vulnerable. That concern is underscored by Swedish-Finnish naval and land exercise SWEFINEX underway this week on and around these the strategically important Baltic Sea islands. There is also a large NATO and Russian military presence monitoring the exercise. In June, NATO and partners are holding the BALTOPS 2016 exercise in the Baltic Sea, with around 35 warships and 70 warplanes.
Recent events in Sweden have lead to a variety of crisis meetings in the Swedish government as the leadership seeks to find out what has happened and prepare for potential new twists and turns. Recent events also have a prehistory.
Early last November, Swedish authorities – either via MUST or the National Defence Radio Establishment (FRA) – alerted NATO to a serious cyber attack that was underway against the country. International power company Vattenfall was named in an urgent message to NATO as a possible target for the attack. An Advanced Persistent Threat (APT) hacker group with links to Russia was mentioned in Sweden’s reports to NATO. APT groups are capable of the most advanced, stealthy and continuous hacker attacks, often against a single, specific target. The APT group had previously carried out missions for the Russian Main Intelligence Directorate GRU.
At the same time as Sweden reported the serious cyber attack to NATO, the country experienced air traffic control problems that were similar to those that crippled traffic this week. The Swedish Civil Aviation Administration said a solar storm was the reason for the disruption of the Swedish air traffic control computer systems.
Read more: Sweden issued cyber attack alert
As Sweden was reporting on-going cyber attacks to NATO, the alliance also detected jamming of various communication channels for air traffic in the Baltic Sea region. The signals were traced to a new communications mast that Russia set up in its military enclave of Kaliningrad, south of Lithuania.
Just a few days after those incidents in Sweden and the Baltic Sea, hackers launched attacks on power companies in Ukraine. The first of at least three attacks occurred on 15 November, and was a major one, on a scale with a later 15 December attack. A third attack took place on 23 December that was smaller than the previous two, but drew the attention of the Western news media. The hackers switched off electrical power for several hundred thousand households during the depths of cold winter in Ukraine.
According to NATO sources, Russian special forces also attacked key points in Ukrainian power grid in tandem with and in support of those cyber attacks.
Read more: Vattenfall possible cyber target
That method of operation has clear similarities to recent incidents in Sweden, sources tell aldrimer.no.
Analysing events in Sweden easily shows how they could fit into a military plan of operation. In any military conflict, an advantage could be gained by controlling or crippling: 1) Power, 2) Transport (rail/aviation/shipping/roads), 3) Command and Control (telecoms, military and civilian communication, emergency information systems and hostile weapons systems), 4) News and public information platforms, 5) Water and Food supplies. An edge could also be gained in causing chaos and confusion, leaving the defenders unable to consider options before it was too late.
Russia appears to have already tested vulnerability and ability to reduce functionality for the first four categories in Sweden. In recent years, Russia has developed superior electronic warfare (EW) capabilities, which is a major concern for NATO. Russia appears to have the upper hand over the United States, NATO’s most important member, when it comes to electronic warfare. Experts say many US weapons systems are extremely vulnerable to Russia EW systems.
Russia has adopted a highly aggressive line in the Baltic Sea, as aldrimer.no has reported in several articles, including those about a secret NATO special forces exercise in Estonia in April 2015. Russia responded with an iron fist of intelligence prowess. Among other things, aldrimer.no reported that the Estonian Internal Security Services KAPO informed NATO that Russian special forces were believed to have operated within the Estonian territory at the time.
Those revelations drew a lot of attention in Estonia and led to intense efforts to dismiss the claims as absurd by Estonia’s prime minister and various levels of the Estonian government. But none of them managed to pinpoint any factual errors in aldrimer.no’s reporting on the issue.
Read more: War of nerves between Russia and NATO
Read more: – Russian special forces inside Estonia
Read more: Russian diplomats catalogue bridges
Now the stage is set for a serious tug-of-war in Sweden over which government agency is to take the lead in handling this troubling situation. If a foreign power is behind the attacks, Swedish police might not be the most natural agency to handle the threat. One Swedish source points to the country’s so-called IKFN Ordinance, which makes Swedish Defence Forces responsible for identifying and responding to any violation of Sweden’s sovereignty. Paragraph 3 of that law says the defence force ‘shall’ immediately step in to repel any violation of Swedish sovereignty. Sweden delegates this responsibility to the defence forces, giving it an independent mandate to react immediately without any political approval process. But in the face of Russian hybrid warfare, it may become increasingly difficult to say what actually constitutes an infringement of Sweden’s sovereignty.
In the event of further escalation, such as if Sweden experiences more dramatic incidents in the near future, a discussion on whether this is a military or a civilian task could also be triggered. Swedish experts, speaking on the condition on anonymity, said under international law, the country is already facing what could be called ‘warlike’ acts. But Sweden knows it could never emerge unscathed from a direct conflict with much larger Russia. Nor is there anything to gain from a direct confrontation with Russia in full public view. However, simply turning the other cheek could result in Sweden having to endure harder and harder slaps. As before, Russia will continue to see how far it can push things. The Swedish government is facing a difficult balancing act.