Will Russia launch another cyber attack on America?

Political circles in Washington are currently debating how Vladimir Putin might react to a major contraction in the Russian economy and clear signs that Moscow is losing the war in Ukraine. Some posit that a cornered, furious, and near-defeated president might indeed react brutally, shifting the proxy confrontation from a new Cold War front to a cyber battleground, where Russia has a greater advantage, and launching a massive cyberattack against the United States. However, several key factors call this thesis into question.

Like Iran and North Korea, Russia is known to be responsible for some of the most aggressive large-scale cyberattacks. However, these cyber tactics have played a rather peripheral role, either supporting conventional warfare or feeding disinformation campaigns that serve to sow chaos and panic among targeted societies. The first known state-sponsored attack occurred in 2007 and lasted twenty-two days, when the Russian military intelligence unit, the GRU, targeted Estonian commercial, government and domain name system (DNS) servers and online banking systems. The attacks fell into the Denial of Service (DoS) and Distributed Denial of Service (DDoS) categories, which include methods such as ping flooding, spam distribution, botnets and phishing emails. In 2008, as part of a hybrid war amid the occupation of Abkhazia and South Ossetia, Russia defaced Georgian state websites. In 2015, following the annexation of Crimea and the occupation of eastern Ukraine, a GRU proxy group named Sandworm attacked the Ukrainian electrical network and deprived more than 200,000 people of electricity for six hours. In 2017, the NotPetya malware attack on Ukraine had an unprecedented impact on major Western companies in Europe and the United States such as Mondelez International and Maersk, and even hit Russian oil company Rosneft. It paralyzed thousands of networks. The global cost caused by the malware reached $10 billion, making it the largest cyberattack in history. Additionally, just a month ago, Russia unsuccessfully attempted to attack Ukraine’s power grid with advanced malware classified as a wiper. Abroad, a Russian hacking group called Fancy Bear meddled in the 2015 US presidential campaigns and the 2016 county-level federal elections.
At this point, while Russian cyber tactics are common and manifold, they serve a secondary function in the hybrid warfare that Moscow is waging, alongside disinformation campaigns and conventional military operations.

Nevertheless, cybersecurity experts speculate on a series of consequences in a worst-case cyber scenario: Russia could attempt to attack American critical infrastructure, turn off lights, target the operation of ATMs and credit card systems, attack Amazon’s cloud, disrupt transportation and clean water supplies, and target pharmaceutical companies’ manufacturing facilities, power grids, and colonial pipelines. But will such a threat manifest itself?

Not only would a cyber attack on the United States contradict the historically peripheral nature of Russian cyber warfare, but Russia’s cyber capability would be insufficient for the task. In recent years, the West has vastly overestimated Russian military capabilities in conventional warfare. US intelligence agencies predicted that the 2022 war in Ukraine would be the most destructive the European continent has seen since the end of World War II, expecting Kyiv to fall within days. However, the still-ongoing war has exposed weaknesses in the Russian armed forces, their military arsenal and their strategic leadership. Russian officials, for their part, underestimated the strength of Ukrainian resistance and the united stance of the international community. Devoting just over 4% of the country’s GDP to the military, the Russian president is mobilizing domestic support for the military budget by invoking the external threat of NATO. In a relatively undigitized society like Russia, lobbying to spend more on the cyber budget would prove less effective. Given this, it seems possible that the West is also overestimating Russian cyber proficiency.

Moreover, Russia is unlikely to carry out a cyberattack against the United States due to fears of retaliation on multiple fronts. Russian society is already suffering the consequences of the war: an economic crisis and the psychological pressure of being considered a global pariah. In the event of a Russian cyber attack, the consequences of US cyber retaliation would first affect the public. Under current conditions, depriving people of water and electricity could spark public discontent on an unprecedented scale. Decades of increasingly authoritarian leadership have undoubtedly spawned public grievances hidden deep within society. At some point, this simmering discontent can escalate into indignation. Putin can ill afford to face further domestic turmoil now.

Current US cyber capabilities could also contribute to the fear of retaliation. Over the past few years, the United States has developed an impressive cyber infrastructure, restructured its governance system, and invested in cyber training and education. As Richard Clarke and Robert Knake point out in their book, The Fifth Domain, following the Cold War’s strategy of deterrence and containment, the United States largely refrained from becoming involved in cyber counter-activities. While America long focused on a defensive cyber policy, today US Cyber Command favors offensive measures. For example, in 2019, the United States successfully targeted Iran’s intelligence service and missile launch system in response to an Iranian strike against a US drone and US tankers. Earlier, in 2012, the Stuxnet computer worm, designed in cooperation with Israel, successfully infiltrated nuclear facilities in Iran.

In addition to an offensive preference, a more consolidated governance system and set of regulations have advanced American cybersecurity. A clear division of roles and responsibilities between the Department of Homeland Security and US Cyber Command and relevant leaders has improved the incident reporting and information sharing system. It has facilitated communication within federal agencies and between government, the private sector and the public. US private companies are now spending billions of dollars on cybersecurity, employee training and encrypted channels. The United States also plays a leading role in working with strategic allies on sharing best practices, detecting network vulnerabilities, and promoting cyber hygiene.

International cooperation to this degree is not an asset from which Russia benefits. With the support of research and development projects, expertise and training from NATO’s Cooperative Cyber Defense Center of Excellence, US retaliation for a possible Russian cyberattack could be not only damaging, but even more far-reaching as a multilateral response. Based on all of this, the fear of retaliation could indeed prevent Putin from engaging in offensive cyber operations against the United States.

Finally, Putin has lost the advantage of launching a surprise attack. For example, Russia invaded Georgia during the Beijing Olympics in 2008 and Ukraine during the Sochi Winter Olympics in 2014. When Putin went to war with Ukraine in 2022, incidentally immediately after the Beijing Winter Olympics, the West anticipated it. Putin still invaded Ukraine. He is unlikely to act recklessly in this way again, given the failures the Russian military has experienced since the invasion. Moreover, knowing that the United States and European allies have protected themselves, Putin has no reason to strike. Nevertheless, would Putin wait for a better moment? Or scale down a potential attack, for example, by interfering in the US midterm elections in November?

However, it would be a mistake to underestimate Russian cyber capabilities or Putin’s mind games and to lose vigilance. In 2020, despite denying involvement, Russia blatantly hacked US software company SolarWinds. By installing malware in the company’s updated Orion software program, the attack affected thousands of customers, around 100 companies such as Microsoft and Intel, and some federal agencies such as the Treasury Department, the Pentagon and the Cybersecurity and Infrastructure Security Agency. Cyber experts have called the code used phenomenal. Even more surprisingly, without a proper performance review and investigation, the attack could have easily gone unnoticed. For more than six months, Moscow tracked emails and other traffic of sensitive information. Could there already be similar malware in US networks?

Today, on the brink of a new Cold War, the United States must remain vigilant when it comes to cybersecurity. Although there are significant factors that cast doubt on the likelihood of an imminent Russian cyber-retaliation, the United States should not ignore the potential for malicious activity in the near future. It must keep a sober outlook and not act hastily. In setting long-term priorities, the United States must continue to advance cyber mechanisms that detect sensitive activity like the SolarWinds hack, and invest more in cyber hygiene training and education for government agencies, private companies and the public. It should not neglect to regularly test offline backups, run software updates, report incidents, use multi-factor authentication, block unusable domain IP addresses and assess third-party risks.

While Putin’s intentions are far from clear, should he decide to pursue a cyberattack on critical US infrastructure that would instantly shut off electricity or disrupt clean water supplies, the breach could come in an unexpected way, and soon. Overcome by sanctions and overwhelmed by the bitterness of defeat, Putin could act with fury. The United States and its Western allies must be vigilant and maintain strong lines of communication about any malicious activity. With a strong multilateral front in the West, Russia will have less incentive to engage in cyber warfare.
