Main Image Credit Breaking the circuit: Western electronics have been found in significant quantities in Russian military systems. Image: Thicha / Adobe Stock
RUSI’s Silicon Lifeline investigation highlights the challenges of industry outreach and building private-public partnerships to ensure export controls bite.
RUSI’s Open Source Intelligence and Analysis Research Group recently released a report that delved into Russia’s procurement of Western technology – namely defence and dual-use electronics – to sustain its war machine and military operations in Ukraine. While some earlier reports had shown Russia’s use of these foreign-sourced items, no research thus far has shown such widespread reliance on these imported electronics in such a range of Russian systems abandoned or destroyed on the battlefields of Ukraine.
Russia’s seeming dependency on Western electronics raises important policy questions – particularly for the implementation of the 2014 arms and 2022 dual-use goods embargoes on Russia. How can Western governments best counter Russian procurement networks? Are there ways that export controls can be better implemented, and exporters better informed of the risks? And what can exporters themselves do to mitigate against the diversion of their products? These are all challenging questions, and ones that have frequently raised their heads throughout the Cold War and since.
This commentary considers the importance of the Silicon Lifeline data, the nature of Russia’s procurement efforts, and what can be done to counter them. It argues that although there are clearly some steps that can be taken to raise industry awareness and to build resilience to counter suspicious enquiries, unfortunately the advantage is often with those running the illicit procurement networks rather than those seeking to counter them.
A Treasure Trove of Information
In the field of arms embargoes – and the export controls and other measures used to implement them – there are often limited opportunities to see inside the adversary state’s weapons systems. The ratio between indigenous technology, foreign assistance and procured items, as well as a sanctioned state’s ability to design its own systems or rely on stolen or gifted designs, is often unclear. These systems largely remain a black box to those outside of the embargoed state’s defence industrial complex.
Any insights into this black box are hugely valuable – both for understanding the specific sanctioned state’s weapons and industrial base, and for understanding the effectiveness of export controls. Opportunities affording insights, however, tend to be rare: a Soviet submarine fished off the seabed in the mid-1970s in an audacious undercover operation; a Soviet Mig-25 flown by a defecting pilot to Japan in the late 1970s; or more recently North Korean and Iranian missile wreckage recovered from the seabed and around Riyadh airport, respectively. It is even rarer that this type of information, or analysis involving it, makes it into the public domain.
Silicon Lifeline provides an unusual level of insight into a range of systems, fielded in the present day by a major strategic competitor of the West – one that is the reason for the existence of the NATO alliance. Information of this significance and scope is comparable to that obtained by UN inspectors crawling all over Iraq’s weapons programmes in the 1990s after the Gulf War, or that which Western powers were able to gain from the East German equipment incorporated into a united German military in the early 1990s, or that acquired from former Eastern Bloc states which joined NATO in the 2000s.
Russia’s Procurement Networks
When considering the networks outlined in the report, it is worth distinguishing between the two ends of a wide-ranging spectrum of actors: Russian operatives and those under their direction based overseas, and naïve and unwitting exporters targeted for their technologies. The Russian operatives, as the report notes, have a long history of assertively seeking Western technologies during the Cold War.
Although there are clearly some steps that can be taken, unfortunately the advantage is often with those running the illicit procurement networks rather than those seeking to counter them
The KGB and other intelligence organisations have long been involved in illicit procurement and technological espionage, with intelligence operatives having many of the skills needed to run these types of operations. These networks can be nimble and are able to adapt quickly. They work transnationally utilising ‘third country hubs’ to obscure the Russian end user, and to alleviate industry concern. As has been shown in recent years, however, Russian intelligence operations can also be far from competently run.
The government bureaucracies seeking to counter these networks are less nimble, and often struggle to keep up with rapidly changing entities, aliases and modi operandi. Collaborating, investigating and acting against these networks across state borders adds an extra element of complication – particularly when states place different priorities on the enforcement of sanctions and export controls and countering the Russian threat.
Getting to these aspects of the procurement networks – the Russian procurement operatives and the middlemen in third-country jurisdictions – is challenging. This is particularly the case when many lie outside of friendly jurisdictions willing to collaborate on enforcement operations. Acting against intelligence networks often results in reciprocal action. The US has developed an extraterritorial toolset that it has used to counter WMD procurement agents and other malfeasants overseas, albeit with angry responses and pushback from some jurisdictions.
Strengthened Export Controls?
The witting aspects of Russia’s networks described above are only interested in export controls in terms of understanding how to circumvent them. However, to counter unwitting technological leakage, as the report notes, there is a role for strengthening these tools. As governments digest the dataset behind the report, technical analysts in various government departments will spend time thinking about whether and where controls could be tightened. Indeed, in the UK an inquiry was already launched to this end.
Strengthening controls is a challenging endeavour for a variety of reasons. The technologies that Russia is seeking – largely electronic components – are what are described as dual-use technologies, having both potential civilian and military uses. While military-grade electronics – those that are resistant to heat, shock and vibration – are optimal for military applications, civilian equivalents can sometimes be substituted and just fail more often, allowing procurement agents to shop below the control thresholds.
Beyond the nature of the widgets themselves, export controls are essentially about balancing economics and security. Altering controls is likely to be considered in government departments along the lines of ‘what will this cost us in terms of legitimate business?’ and ‘what security benefit will this add?’ For controls to be effective, any changes have to be well communicated to industry, as well as possible to comply with. There may be places where controls can indeed be tightened, and some announcements over the coming months are likely.
The Naïve and Unwitting Businesses Targeted
Of the Western entities listed in the report, or more broadly found to have contributed to Russia’s war machine, many will have been unwittingly targeted, or implicated due to naïve practices. Some will likely receive – or have already received – visits by enforcement or intelligence agencies. Different countries approach this in different ways, with some like the US much more assertive in their export control enforcement efforts, and others taking very limited interest.
Outreach to industry is key, both to ensure compliance with the controls and to facilitate industry going beyond-compliance where necessary to prevent illicit trade
These visits will often involve combing through their order book to identify further procurement attempts, as well as discussions about avoiding being targeted and how to identify suspicious enquiries. These discussions when things have gone wrong can be a scary experience, but also often help to set a firm on the path to taking illicit trade more seriously. Beyond the risk of fines and imprisonment for breaching export controls, firms supplying the defence and aerospace sector are often particularly cognisant of the risks of being blacklisted and losing access to these markets.
The specific challenges faced by the electronics industry are worth mentioning. Some firms that make very sensitive technologies – particularly working in the very specialised defence and nuclear sectors – will make a limited number of sales a year. Clients are often repeat customers, and well known to the supplier. Many electronics exporters sell at high volume to a huge range of customers. The majority of business likely comprises off-the-shelf components, with the largest distributors offering hundreds of thousands of products, and tens of thousands of new products a year. Understanding the control rating for these products is possible, and necessary for compliance; but a key part of preventing illicit sales will be understanding the end user, which is difficult with so many changing customers.
What Can be Done? Outreach to the Private Sector
Outreach to industry is key, both to ensure compliance with the controls and to facilitate industry going beyond-compliance where necessary to prevent illicit trade. Going beyond-compliance is sometimes necessary since companies can comply with the controls and still have their goods end up in military programmes. There is some room for ambiguity in the controls because ‘catch-all’ or ‘military end-use’ controls require exporters to apply for a license for non-controlled goods in certain circumstances – for example, if they ‘are aware’, ‘know’ or ‘suspect’ that goods may be destined for military end uses.
Some lists are available to screen customers against – for example, the UN, US, EU and UK sanctions lists – although few of these are designed for exporters rather than financial service providers. There are also often clear limits to a list-based approach, with lists updated infrequently and perhaps viewed by some as providing a safe harbour (‘if the customer is not on the list, it is OK!’).
Industry’s enhanced due diligence – a requirement more routinely codified and practiced in the financial services industry – can be crucial in uncovering which enquiries are suspicious. Basic Google searches of entities, unique identifiers like phone numbers and addresses, and even searching consignment addresses on Google Street View may help enhance certainty. Also, communication between sales departments and technical staff can help to ensure goods requested are appropriate for the stated end uses. All this can take time and resources to get right, and these are not in abundance in small exporting companies.
Red flag indicators have been created by the US government to help exporters in this regard. Governments also tend to provide compliance training, alongside consultancies and sometimes nongovernmental organisations. The key question is how to reach those companies that neither have a bad experience, nor willingly attend these trainings and use other resources. How can a broader resilience best be built to prevent Western companies from contributing to Putin’s war machine?
The Silicon Lifeline report provides new data and novel answers to questions around the technological support for Putin’s war. It also raises further intriguing questions about the technological dependency of the Russian war machine. Steps can clearly be taken to help to break the circuits – the illicit networks – circumventing the West’s arms embargo. As this cat and mouse game continues, industry needs to be central to these efforts.
The views expressed in this Commentary are the author’s, and do not represent those of RUSI or any other institution.
Have an idea for a Commentary you’d like to write for us? Send a short pitch to firstname.lastname@example.org and we’ll get back to you if it fits into our research interests. Full guidelines for contributors can be found here.
Read the Special Report
Dr Daniel Salisbury
RUSI Associate Fellow - Expert in nuclear security and open source intelligence