6 January 2016

Moscow’s Cyber Buildup

https://www.thecipherbrief.com/article/moscow%E2%80%99s-cyber-buildup
January 3, 2016 | Luke Penn-Hall

The legacy of the Cold War has left many enduring images in the minds of most Americans, images that are usually associated with Russia and its nuclear arsenal. But a key threat, from what many believe is the new Cold War, could very well be from Russian hackers. When listing countries with the most sophisticated and mature cyber-capabilities, Russia is usually right after the United States and right before China. Russia has not been involved in many high profile, OPM-style cyber attacks, ones that are usually linked to China or Iran, but Russia has earned its place as one of the most effective cyber-entities in the world.

Russian hackers made headlines in 2015 by reportedly breaching unclassified systems at both the State Department and the White House. Russia is also consolidating control over its cyber-forces through an organization similar to the U.S. Cyber Command, an indication that perfecting command and control over cyber-operations has become a Russian priority. The 2015 Worldwide Threat Assessment of the U.S. Intelligence Community concluded that Russia is a greater threat than China in the cyber-domain, and there are indications that Russia is gaining the ability to remotely access industrial control systems. Given those systems are an integral part of American critical infrastructure, that ability represents a significant and growing threat.

Arguably the most worrying aspect of the Russian cyber-buildup is their willingness to use cyber attacks to support conventional military operations. This type of joint attack, called “hybrid warfare,” was used to great effect in Ukraine. Hybrid warfare refers to military operations that blend cyber-operations and propaganda with the use of conventional military forces. Thus far, Russia is the only nation to have successfully mixed cyber and conventional forces in this way.

Outside of the military sphere, there have been other serious cyber attacks that are believed to have been Russian in origin. The largest example of this occurred in 2007, when a series of cyber-attacks paralyzed Estonia’s cyber-infrastructure, with the main targets being government, finance, and the media. Estonia is a NATO member and one of the most networked and Internet-dependent countries in the world. The cyber attacks were able to significantly damage the Estonian economy without prompting a NATO response. These attacks further demonstrate a willingness to use destructive cyber-tools.

Russia’s established and growing expertise in the cyber arena has the potential to become a significantly larger problem. The crux of the issue is that Russia appears to be more willing than the United States to use cyber-weapons to achieve limited goals. There are parallels to how the Soviet Union on one side, and the U.S. and its allies on the other side, pursued nuclear deterrence during the Cold War. While NATO viewed nuclear weapons primarily as strategic assets, Soviet military planners intended to use tactical nuclear weapons in the event of an open conflict. Essentially, the Soviet Union was willing to use smaller nukes to achieve limited objectives, whereas NATO only saw nuclear weapons as part of a total war-type scenario. It seems like a similar logic may pertain to cyberspace as well, but this time, with Russian cyber weapons that may lead to a different kind of mass destruction.

Luke Penn-Hall is the Cyber and Technology Producer at The Cipher Brief.
