The Cable
The Cable goes inside the foreign policy machine, from Foggy Bottom to Turtle Bay, the White House to Embassy Row.

In a Hacked Ukrainian App, a Picture of the Future of War

Russian military intelligence hackers targeted both the DNC and Ukrainian artillery troops.

A Ukrainian serviceman smokes while manning a position near Svitlodarsk, in the Donetsk region, on February 21, 2015. The continued fighting in eastern Ukraine has made a mockery of the West's latest attempts to negotiate a ceasefire but may ultimately pave the way for a more durable peace, say analysts. AFP PHOTO/ ANATOLII STEPANOV        (Photo credit should read ANATOLII STEPANOV/AFP/Getty Images)
A Ukrainian serviceman smokes while manning a position near Svitlodarsk, in the Donetsk region, on February 21, 2015. The continued fighting in eastern Ukraine has made a mockery of the West's latest attempts to negotiate a ceasefire but may ultimately pave the way for a more durable peace, say analysts. AFP PHOTO/ ANATOLII STEPANOV (Photo credit should read ANATOLII STEPANOV/AFP/Getty Images)
A Ukrainian serviceman smokes while manning a position near Svitlodarsk, in the Donetsk region, on February 21, 2015. The continued fighting in eastern Ukraine has made a mockery of the West's latest attempts to negotiate a ceasefire but may ultimately pave the way for a more durable peace, say analysts. AFP PHOTO/ ANATOLII STEPANOV (Photo credit should read ANATOLII STEPANOV/AFP/Getty Images)

Ukrainian artillery forces and the Democratic National Committee have something surprising in common: They were targeted by the same Russian code and spied upon by the same military intelligence unit.

Ukrainian artillery forces and the Democratic National Committee have something surprising in common: They were targeted by the same Russian code and spied upon by the same military intelligence unit.

The finding, contained in a report released Thursday by security firm Crowdstrike, provides additional evidence linking hackers working on behalf of the Russian state — in this case, Russian military intelligence, or GRU — with the 2016 digital break-in at the Democratic headquarters. Emails stolen from Democratic Party servers eventually turned up on WikiLeaks and are a central part of what American intelligence officials describe as an effort by Russia to influence the U.S. election in President-elect Donald Trump’s favor.

Thursday’s report provides a direct line between the information operations carried out against American political organizations, and the ongoing armed conflict in eastern Ukraine. It illustrates how hacking represents not just a tool used in propaganda operations but in traditional military engagements.

According to Crowdstrike, a hacking group known Fancy Bear attempted to spy on Ukrainian artillery units by distributing a bogus Android application used for weapons targeting. It is unclear how successful the effort was, but according to the firm, the app had “the potential ability to map out a unit’s composition and hierarchy, determine their plans, and even triangulate their approximate location.”

The app in question allowed Ukrainian military forces to more quickly pinpoint their targets and was distributed to units operating the Soviet-era D-30 towed howitzer. Russian hackers distributed their version of the app on social media forums popular among Ukrainian service members. Ukrainian troops operating the D-30 suffered above-average casualty rates, and Crowdstrike speculates that this may have been as a result of being tracked by the malicious app.

In the video below, Ukrainian forces use the application in the field.

Yaroslav Sherstuk, the creator of the application, has denounced the Crowdstrike report on social media, calling it “rotten information,” and said that he tightly controlled its distribution.

The military impact of the application is difficult to assess, but its discovery by Crowdstrike provides a fascinating insight into the operation of Russian military intelligence. Both the Ukrainian app and the DNC break-in relied on a malware strain known as X-Agent. Its presence in both operations illustrates the variety of functions taken on by the Russian military intelligence force — from a pure digital break-in, to a sophisticated propaganda operation, to traditional military intelligence activities, all of which are carried out in cyberspace.

By leveraging a mobile application for military purposes, Crowdstrike argued that Russian forces are delivering on what Moscow’s military thinkers describe as the “the practical application of full-spectrum combat.”

“As a part of full-spectrum operations in Ukraine, Russia-based adversaries have leveraged malware on the battlefield, in the civil sector, and against critical infrastructure,” Crowdstrike wrote in its report. “They have also engaged in aggressive information operations in the media. In relation to this broader picture of Russian computer operations, the approach to targeting mobile smartphone and tablet devices in order to gain strategic insight into communications is a tactic that cannot be disregarded.”

In the aftermath of Russian efforts to tilt the election in Trump’s favor, American officials are carrying out a painful examination of just what went wrong. The White House has commissioned a review of attempts to influence recent presidential elections, and there are growing calls on both sides of the aisle on Capitol Hill for an investigation into the attacks on the DNC and other political organizations.

Trump has denounced these inquiries — which aim to more fully understand Russia’s meddling in the election — as an attempt by Democrats to undermine his legitimacy. But American intelligence officials have said in public statements and a series of leaks that they are in possession of hard evidence linking the cyber-interference to senior Russian officials, including Russian President Vladimir Putin. Firms such as Crowdstrike, which investigated the DNC breach, have presented public evidence linking Russia to a campaign of hacking into email accounts and publishing the purloined evidence.

But that hasn’t stopped Trump from rejecting their findings. He has compared the intelligence assessment about Russia’s intervention on his behalf to false claims about Saddam Hussein’s weapons of mass destruction ahead of the 2003 invasion of Iraq.

Regardless of Trump’s refusal to face up to the evidence, 2016 has now provided a fascinating case study on the cutting edge of information operations and low intensity conflict. In the United States, it includes hacking and publishing the stolen material. In Ukraine, it takes the shape of a bogus artillery-targeting application.

ANATOLII STEPANOV/AFP/Getty Images

Twitter: @EliasGroll

More from Foreign Policy

A photo illustration shows Chinese President Xi Jinping and U.S. President Joe Biden posing on pedestals atop the bipolar world order, with Indian Prime Minister Narendra Modi, European Commission President Ursula von der Leyen, and Russian President Vladamir Putin standing below on a gridded floor.
A photo illustration shows Chinese President Xi Jinping and U.S. President Joe Biden posing on pedestals atop the bipolar world order, with Indian Prime Minister Narendra Modi, European Commission President Ursula von der Leyen, and Russian President Vladamir Putin standing below on a gridded floor.

No, the World Is Not Multipolar

The idea of emerging power centers is popular but wrong—and could lead to serious policy mistakes.

A view from the cockpit shows backlit control panels and two pilots inside a KC-130J aerial refueler en route from Williamtown to Darwin as the sun sets on the horizon.
A view from the cockpit shows backlit control panels and two pilots inside a KC-130J aerial refueler en route from Williamtown to Darwin as the sun sets on the horizon.

America Prepares for a Pacific War With China It Doesn’t Want

Embedded with U.S. forces in the Pacific, I saw the dilemmas of deterrence firsthand.

The Chinese flag is raised during the opening ceremony of the Beijing Winter Olympics at Beijing National Stadium on Feb. 4, 2022.
The Chinese flag is raised during the opening ceremony of the Beijing Winter Olympics at Beijing National Stadium on Feb. 4, 2022.

America Can’t Stop China’s Rise

And it should stop trying.

Ukrainian President Volodymyr Zelensky looks on prior a meeting with European Union leaders in Mariinsky Palace, in Kyiv, on June 16, 2022.
Ukrainian President Volodymyr Zelensky looks on prior a meeting with European Union leaders in Mariinsky Palace, in Kyiv, on June 16, 2022.

The Morality of Ukraine’s War Is Very Murky

The ethical calculations are less clear than you might think.