Site icon CTIN

From Ballots to Bank Accounts: How Russia is Disrupting Western Democracies and Economies

Earth sunrise North America with light clouds

Russia’s hybrid warfare approach has been elevated to new levels in their last gasps from the failures of the Ukraine campaign. They have accelerated their use of information operations against NATO and Western country targets in their recent strategies. These include an adoption of a de-dollarization strategy, continued implicit support of cybercriminal networks targeting Western country critical infrastructure with ransomware, and ongoing election interference operations in Europe and the US to manipulate public opinion. This article will outline some of the most recent and egregious efforts by Russia and its proxies (including cybercriminal gangs) to promote this agenda.

Blockchain Based Central Currency

Russia’s digital ruble, a central bank digital currency (CBDC), is being developed as a strategic tool to mitigate the impact of Western sanctions and reduce the country’s reliance on the US dollar. This initiative is part of Russia’s broader de-dollarization efforts, which have been accelerated due to the financial restrictions imposed following its invasion of Ukraine.

Motivations for the Digital Ruble


Sanctions Evasion

Economic and Political Objectives

Economic Resilience

Political Control

  • Strengthening Economic Control: The digital ruble allows the Russian government to closely monitor and regulate digital transactions, helping combat tax evasion and ensuring compliance with national financial regulations[1].
  • Potential for Social Control: There are concerns that the digital ruble could be used as a tool for increased surveillance and control over citizens, as it enables the government to track all transactions.

Cybercriminal Activity

The Russian government has a well-documented history of turning a blind eye to cybercriminal activities as long as these activities do not target Russian businesses or interests. This tacit approval allows cybercriminals to operate with relative impunity, provided they adhere to certain unspoken rules.

Non-Prosecution of Domestic Targets

Implicit Permission to Cybercriminal Gangs and Financial Expectations

The Eldorado ransomware group exemplifies the cozy relationship between the Kremlin and cybercriminal gangs. This group has quickly risen to prominence by developing sophisticated ransomware that targets both Windows and Linux systems, causing significant damage to its victims’ data and business operations.

Operational Tactics of Ransomware Gangs

The cybercriminal market in Russia thrives under the implicit protection and support of the Kremlin. By allowing cybercriminals to operate freely as long as they do not target Russian interests, the government not only benefits financially but also leverages these activities for strategic advantages. The Eldorado ransomware gang is a prime example of this symbiotic relationship, highlighting the complex interplay between state interests and cybercriminal operations.

Information Operations

Russian foreign information manipulation and influence (FIMI) operations have become increasingly sophisticated and pervasive, targeting both Europe and the United States. The following are key elements of these operations:

Vast Multimedia Influence Apparatus

Use of Generative AI

Targeted Narratives

Hybrid Campaigns

Strategic Use of Social Media and Fake Websites

Importance for US Policymakers

Russian FIMI operations pose a significant threat to the integrity of democratic elections by spreading disinformation and creating confusion among voters. Maintaining public trust in the electoral process is crucial. Disinformation campaigns can erode this trust, leading to decreased voter confidence and participation. Policymakers need to develop strategies to counteract the spread of false information and ensure that the public has access to accurate and reliable information. Increasing public awareness and digital literacy can help citizens recognize and resist disinformation.

Ensuring National Security Against Foreign Influence

Regulatory and Policy Measures

Technological and Cybersecurity Measures

Russian FIMI operations represent a multifaceted threat that requires a comprehensive and coordinated response from US policymakers. By addressing these key elements and implementing robust countermeasures, the US can better protect its democratic institutions and maintain public trust in the electoral process.

Communications Interference in Europe

Russia has been systematically interfering with satellite communications as part of its hybrid warfare strategy. This interference has affected GPS signals, television channels, and other critical satellite services across Europe. The United Nations’ International Telecommunication Union (ITU) has condemned these actions, highlighting their impact on navigation, air traffic control, and media broadcasts.

Hybrid Warfare Tactics

Russia’s interference with satellite communications is a component of its broader hybrid warfare tactics, which combine conventional and unconventional methods to undermine adversaries. These tactics include:

Implications for Western Civilization

Strategic Disruption

Psychological and Economic Impact

Testing and Preparing for Future Conflicts


Russia’s systematic hacking and FIMI campaigns coupled with de-dollarization and interference with satellite communications are all strategic components of its broader hybrid warfare tactics aimed at undermining Western civilization. By disrupting critical infrastructure, spreading disinformation, and testing NATO’s defenses, Russia seeks to exploit vulnerabilities and create divisions within Western societies. The implications of these actions are profound, affecting economic and political stability, navigation safety, and public trust, while preparing the ground for potential future conflicts.

MastodonLinkedInRedditBloggerSlashdotEvernoteDiggPinterestTumblrTelegramSnapchatWhatsAppMessengerXFacebookCopy LinkEmailPrintShare
author avatar
RJG CTIN President & Co-Founder
Jane Ginn As the co-founder of the Cyber Threat Intelligence Network (CTIN), a consultancy with partners in Europe, Ms. Ginn has been pivotal in the development of the STIX international standard for modeling and sharing threat intelligence. She currently serves as the Secretary of the OASIS Threat Actor Context Technical Committee, contributing to the creation of a semantic technology ontology for cyber threat actor analysis. Her efforts in this area and her earlier work with the Cyber Threat Intelligence (CTI) TC earned her the 2020 Distinguished Contributor award from OASIS. In public service, she advised five Secretaries of the US Department of Commerce on international trade issues from 1994 to 2001 and served on the Washington District Export Council for five years. In the EU, she was an appointed member of the European Union's ENISA Threat Landscape Stakeholders' Group for four years. A world traveler and amateur photojournalist, she has visited over 50 countries, further enriching her global outlook and professional insights. Follow me on LinkedIn:
Exit mobile version