The Russian GRU has never truly prioritized operational security in its intelligence efforts. Mission success, rather than secrecy, has always been its priority, and in turn makes the GRU inherently aggressive. This preference lies in the GRU’s existence as a military organization, where the Russian military prioritizes mission success over anything else. In the last 5 years alone, the GRU’s efforts in Crimea, the Donbas, the 2016 American presidential election, and Novichok assassination attempts in England have been exposed through journalists rather than Five Eyes (FVEY) intelligence efforts and represent aggressive actions through the lense of intelligence operations. The GRU’s actions have implications for the inner workings of Russian intelligence services.
In March 2018, Russian GRU operatives attempted to assassinate a GRU defector and his daughter with the potent nerve agent Novichok in Salisbury, England. The fact that GRU’s involvement was exposed introduces a conundrum for GRU leadership. On one hand, targeting individuals in traditionally otherwise “safe” areas, the GRU aims to deter potential defectors and make the recruitment pitch for FVEY officers more difficult, as potential assets have less faith their handlers can protect them. The attack on Western soil serves as a fear tactic for other Russian dissidents. On the other hand, such a brazen action with easy attribution to GRU officers led to a widespread effort confronting Russian intelligence abroad. Putin, the former intelligence officer and Chekist aficionado, hates nothing more than substantial degradation of intelligence operations due to sloppiness. On top of that, sanctions issued in response to the Novichok operation will continue to tighten the noose around Russia’s economy and further hamper Russia’s ability to innovate in key technological spaces. Nikolai Patrushev, the director of Russia’s National Security Council and widely understood to be one of Russia’s most powerful men, openly acknowledged that Western sanctions “were creating serious problems” for Russia’s ability to access key technologies. If the U.K. chooses to further punish Russia for its actions, it may use any legal case against the would-be Novichok assassins as justification for an aggressive counterintelligence operation to burn a large segment of the GRU network-furthering angering President Putin.
Furthermore, Special Counsel Mueller’s investigation has revealed the GRU’s involvement in the 2016 presidential election. Specifically, the Mueller indictments hold a surprising level of detail about the GRU’s personnel and operations. Not only are the indictments an astonishing embarrassment for the GRU and have to face Putin’s backlash because of it, the amount of detail revealed in Mueller’s indictments has daunting counterespionage implications. In response, the GRU is forced to figure out how Mueller and the United States know so much. Complicating matters, the GRU does not run its own counterespionage investigations. It must work in conjunction with the FSB’s First Service. The GRU’s main rival, in terms of political influence inside Russia (The FSB), is now likely in charge of a molehunt and review of security policies inside of the GRU’s cyber forces.
Such a development only harms GRU director Korobov. Of Russia’s three intelligence services, the FSB and its director Bortnikov have the closest relationship with President Putin and National Security Council Director Patrushev. SVR director Naryshkin has aligned himself with Bortnikov to further his own standing and to isolate the GRU. This kind of politicking is standard in Russia’s hyper competitive intelligence culture. In terms of Kremlin relationships, GRU and Korobov exist on an Island with their only companion being the Minister of Defense, Sergei Shoigu-who has limited and diminishing influence himself. Mr. Korobov finds himself in an increasingly precarious political position.
GRU’s failures in the 2016 election and the Novichok assassination attempt build upon previous failures, such as the MH17 shoot-down and the undeniable cooperation of GRU officers with Syrian forces. This degrades the goodwill and prestige that the GRU had built inside the Kremlin after its achievements in Crimea and the Donbas war. Moving forward, the GRU and Korobov himself will pursue one of two strategies. First, the GRU can restrain itself. With this approach the organization will increase its operational security and reduce its aggressive posture to conduct its routine tasks while headlines surrounding its activity, domestic political pressures, and the likely molehunt by the FSB, culminate and reduce the scrutiny placed on it. Alternatively, and more likely than the first option, the GRU will embrace the competitive culture of Russian intelligence and pursue additional operations to support Russian national objectives in order to impress and win good graces of Kremlin leadership. This will result in heightened GRU activity across its targeted mission areas. FVEY agencies will see additional activity from the GRU in Ukraine, Syria, influence operations, and computer network exploitation. It would be wise to anticipate potential activity and devot intelligence resources to collecting on GRU activity. In the case of influence operations and cyber operations, the United States and its allies should take precautionary measures to shore up network defenses and make prudent disclosures of influence operations to reduce their effectiveness. Korobov’s GRU will go down swinging.