Date: 2021-06-03
A few weeks ago, after a ransomware attack on an East Coast pipeline caused major disruptions, we said businesses and government need to get more serious about protecting electronic infrastructure. This week another attack shut down the Australian operations of one of the world’s largest beef producers. Both attacks are thought to have been carried out by hackers operating in Russia with the protection of the Russian government.
It would be easy, given the international tensions that lie just below the surface right now, to call these attacks actions in a proxy war. It would probably also be overstating things. There is little doubt the Russian government is using its power to protect people who are flouting international law. But, to this point, there remains a difference between state-protected actors and state actors.
The Biden administration has said it plans to raise this issue with Russian President Vladimir Putin at a summit later this month. But we’re not holding our breath. Post-Soviet Russian governments have long had a high tolerance for criminal enterprises like the ones thought to be behind these attacks, condemning them with a wink and a nudge, if at all.
The problem is serious and there are few easy answers. The criminals carrying out these attacks remain outside the reach of authorities in the countries where the attacks hit. Neither the United States nor Australia has any real hope of being able to apprehend those who committed the attacks without the active cooperation of the Russian government. And anyone who thinks that’s going to happen is kidding themselves.
The reality is that the Russian government is increasingly taking on the character of a criminal enterprise of its own. Witness the attempted assassination of Sergei Skripal, a former spy for Britain who lived in the U.K. That attempt used Novichok, a Russian-made nerve agent. The same weapon was used in a similarly unsuccessful attempt to kill Russian dissident Alexei Navalny. While the Kremlin denies both attacks, the claims are widely rejected by western nations.
Then there’s the alteration of the Russian Federation’s constitution to allow Putin to remain in power long after he would have been required to step down. It’s an end run around a possible repeat of the farcical transition from Putin to Dmitry Medvedev from 2008 to 2012, during which Putin clearly continued operating as the power behind the scenes.
In short, there is no reason to believe the Russian government will suddenly develop a newfound respect for the law, either its own or that which governs relations between countries. Given all of that, and given the increasingly aggressive actions by hackers in other unfriendly nations, the only responsible course of action is to radically improve our own cyberdefenses.
Such an effort will not be simple. It will not be easy. If this is a race between hackers and targets, it’s clear the hackers already have a considerable lead. Any realistic defense will require the cooperative efforts of the American government and our corporate entities.
It will also require an understanding that this is not, at its heart, a partisan issue as we often understand the term. Those engaged in these attacks care little whether the targets support Democrats or Republicans. They care whether you will pay a ransom. They must be understood as a common enemy, one that is outside the boundaries of our domestic squabbles.
Failure cannot be an option here. The consequences are truly terrifying. A successful attack on critical infrastructure, say the power grid or water systems, could be crippling. We would be fooling ourselves to think such actions aren’t being contemplated.
And, distasteful as it may be, our nation needs to ensure it has parallel abilities to strike back. Such steps cannot be taken lightly. Unlike what we’ve seen in the past several weeks, use of such abilities would be state-sponsored. That’s a line not lightly crossed.
The need for such capabilities is, however, clear. We would be naïve to think the governments protecting these criminal enterprises are not developing their own weaponized versions of malware. Conflicts between nations in the future will inevitably include fronts in cyberspace. Defense as the sole strategy will most likely not be enough.
We cannot depend on luck. And the events of the past month illustrate that the threat is real and increasing. The United States and our allies need a concrete plan for how to deal with it.