The Ploonge Global Affairs Project examines the increasingly intertwined relationship between the technology industry and global politics.
As Russian troops prepare to re-invade Ukraine, much attention has been focused in recent days on how to prevent the conflict from escalating. Recent (and likely ongoing) escalations of cyberattacks in Ukraine suggest that this conflict will unfortunately be severe in the digital realm. And unlike a ground invasion, the US government warned that the digital conflict zone could expand to include the United States as well. Years of Russian cyber probing and “preparing the environment” could culminate in significant and potentially destructive attacks against US private sector interests in the coming weeks and months.
If that level of vulnerability seems intolerable, well – it should. But how did we get here? And what are the necessary moves to avoid disaster? To begin with, it is critical to understand how President Vladimir Putin experimented with 21st century technical methods to contribute to achieving his long-held vision for Russia.
Past as cybernetic prologue
Russia’s motives are quite conventional. In April 2005, Putin called the fall of the Soviet Union “the greatest geopolitical catastrophe of the century” and “a real tragedy… for the Russian people”. This core belief has guided much of Russia’s actions since then. Today, unfortunately, the drums of war are beating loudly in Europe as Putin seeks to forcibly return more of Russia’s periphery back into formal control and repel the perceived Western invasion.
While there are several factors that explain why Russia has chosen now as the time to step up its aggression against Ukraine – and assert itself in Europe more broadly – its asymmetric capabilities in areas such as cyber certainly give it a broader set of tools to fight back and shape the results in its favor.
Russia’s geopolitical position – with a declining population base and a dire economic situation – prompts its leadership to find ways to reassert itself on the global stage. Russian leaders know they can’t compete conventionally, so they turn to asymmetric tools that are more easily accessible and, as it turns out, immensely powerful and effective. Their disinformation campaigns have greatly contributed to pre-existing social rifts here in the United States, exacerbating our fragmented politics according to standard Russian intelligence practices. Indeed, the Russian leadership likely sees an opportunity with the West distracted by the COVID pandemic and the domestic turmoil it sometimes helps to sow.
But Putin’s long embrace of asymmetrical methods means Russia has been preparing for this moment for years. There is a familiarity with these activities: old Soviet-era media and tools that have taken on a new face through the manipulation of 21st century digital tools and vulnerabilities. And in recent years, it has used Ukraine, Libya, the Central African Republic, Syria and other contested spaces as “testing grounds” for its harmful information operations and cyber capabilities.
The bear gets prickly
Today, Russian actors have deployed a vast array of “active measures” techniques to confuse, sow doubt and delegitimize basic democratic institutions. The mercenaries and clandestine agents that Russia is deploying in Ukraine have honed their skills in hybrid battlespaces abroad, using a mixture of deception and kinetic action, deftly mixed with deniable influence operations and offensive cyber actions.
In cyberspace, Russia excused itself from its then-unprecedented 2007 cyberattack on Estonia and later NotPetya-style cyberattacks, which targeted Ukrainian public services, ministries, banks and journalists and turned into one of the costliest cyberattacks in history to date. Russian intelligence services have also been found hacking into US critical infrastructure systems for some time – still, to date, with no significant kinetic or deleterious impact or actions (unlike in Ukraine and elsewhere, as detailed in books such as Andy Greenberg’s Sandworm). They have tested the reactions of the United States and its allies, learned what they can do, and are pushing harder and harder as NATO countries debate what to do about Ukraine.
In short, Russia has done its recon and has probably pre-installed tools that it might want to use against countries like the United States on a rainy day. That day may come soon.
When the war in Europe hits American networks
As Russia increases its aggression against Ukraine, the United States threatens a “devastating” economic response as part of an escalation (as nations methodically raise the stakes in hopes of deterring an adversary in a conflict) toward an increasingly dangerous and probably violent resolution. What is often left unsaid is that Russian cyber capabilities are attempts at their own form of deterrence. These preparatory activities that Russia has engaged in over the years, as noted above, would allow these cyber eggs to hatch – with the consequences back home here in America.
The US government has explicitly and widely warned that Russia may attack US private industry in response to these potentially severe US sanctions. It is highly unlikely, knowing the sophistication of Russian actors in this space, that these attacks will be brazen, or even immediate. While they can be sloppy and inaccurate at times (see NotPetya), their capabilities will likely allow them to intrude on our critical infrastructure and the private sector through supply chain attacks and other indirect and difficult-to-attribute means. In the meantime, businesses and service providers may face significant damage and deleterious downtime. If the past has been a nuisance, the short term portends a potentially far greater negative economic impact as Putin and his oligarchs continue to press their long-running agenda.
The hope remains that Russia will not continue to escalate its aggression and, in fact, will find ways out, avoiding these various scenarios. We should all hope that none of this happens. However, it is prudent, indeed overdue at this point, for the industry to ensure that it takes appropriate steps to protect itself from what we must now consider a potentially highly likely attack: double down on multi-factor authentication, segment networks, maintain backups, game out crisis response plans and restrict access only to those in real need. What is happening in Ukraine seems a world apart, but with a few clicks, the impact could end up right here at home.