The purpose of Computer Network Operations (CNO) and Electronic Warfare (EW) are, put quite simply, to create and deny access to information. Typically considered tools to interfere with the decision making of leaders, they are being used by the Russians to shape international opinion. Georgian CNO, having been defeated and on the retreat, moved some sites to Google-hosted services. Whether these are in the United States or not is unknown. The question hasn’t been raised so far, perhaps because Google largely operates in its own pseudo-sovereign realm.
The Associated Press is reporting that some Georgian sites (maybe the same sites?) have been moved to U.S. servers:
The website of the president of Georgia, the small nation that is battling Russian forces over a breakaway enclave, was moved to a U.S. hosting facility this weekend after allegedly being attacked by Russian hackers.
The original servers located in the country of Georgia were “flooded and blocked by Russians” over the weekend, Nino Doijashvili, chief executive of Atlanta-based hosting company Tulip Systems Inc., said Monday.
Making this particularly interesting is the question of whether these servers are U.S. sovereign territory. If so, then the Russian hackers, government or not, are attacking the United States. This would be like a foreign national taking refuge inside an American embassy and the local police charging in after them. This is at least the position of some of the U.S. government even if they don’t realize it.
How so, you ask?
Simply put, the U.S. Government is prohibited from engaging discussion boards, blogs, etc. hosted on U.S. servers in part because of the modern interpretation of Smith-Mundt, but not entirely. The concern is the U.S. Government, mostly military as they are the most active in the informational sphere, may influence American citizens by virtue of the fact the server is on American soil regardless of the physical location of the users. So-called “public affairs authority” changes things a bit and permits access, but there remain special considerations for engaging U.S.-based servers.
So, if the U.S. considers U.S.-based servers as the equivalent of U.S. physical territory for the purpose of informational engagement, how is a foreign attack on the same not an incursion against the United States? This dichotomy is going to hurt us sooner than we think.
As I noted earlier, the Georgian dilemma highlights the extreme importance of information in wars among people and the critical requirement to get your side of the story into the information ecosystem. This war of bits and bytes is ultimately a war of perceptions. There is a “tremendous symphony” playing globally right now that involves the government of Russia as well as private sympathizers (e.g. private citizens acting on their own or with encouragement) that is drowning out the Georgians. The Russians cannot have information superiority unless they deny their adversary the ability to communicate, and then they can propagate their message without a counter-narrative, truthful or not. The cyber attacks are muzzling Georgia to prevent opportunities to portray the Russians as anything but “peacekeepers” and “defenders.”
(H/T on the AP article to Jeff Carr)