For many years, the Kremlin has been engaged in a cyberwar against the west, however, this essay will focus only on Russian actions against the United States. Kremlin aggression against NATO will be discussed in an upcoming paper.
Recently, this onslaught against America has intensified, with multiple systems breaches and major disinformation campaigns. 2014 was definitely a pivotal year. According to a report released by The Center for American Progress in 2018:
Despite Russia’s history of interference, however, it is apparent that in 2014, Russia launched a distinct and multifaceted campaign to undermine and influence the American democratic process. The goals of this campaign are clear:
- To sow political and social discord in the United States.
- To undermine and challenge the American and Western democratic system as a model to emulate for transitioning democracies; and
- To foster ties and support among powerful voices within the party that Russian hawks have traditionally dominated, with the aim to soften that party’s stance.
The cyber-attacks committed against the United States during the runup to the U.S. presidential election in 2016 is perhaps the most glaring example of Kremlin cyberwarfare. Interestingly, Russia actually sees itself as the victim in all of these cyber-attacks. The Kremlin sincerely believes it is only doing what is necessary to defend itself against the constant and unrelenting threat of encirclement and invasion by the evil forces of the west. In short: Russian leaders have always believed they must attack and defeat the west before the west attacks and defeats Russia. They will defend the Motherland against all enemies, even if no real enemies exist and have to be invented. It is just that simple. That belief has not changed in hundreds of years, and shows no sign of changing anytime soon. This will come as no surprise to Kremlin watchers at western military and intelligence agencies, as it informs all Russian foreign policy, as well as most military and intelligence strategic planning.
According to a 2019 Rand study, “As reported by DHS and the FBI, the Russian government has executed deliberate intrusions into U.S. CI (critical infrastructure) since at least 2011. These systems have not only included government entities and energy infrastructure but also commercial facilities, water resource plants and aviation institutions.” Even though we are rendered almost numb from the unrelenting daily barrage of horrific news relating to the international Covid-19 pandemic, as well as the accompanying economic meltdown, the fact that a hostile foreign power has launched multiple cyber-attacks against U.S. critical infrastructure is still difficult for me to comprehend without feeling intense anger. It is difficult enough for me to comprehend the attacks themself, but it is perhaps even more difficult for me to comprehend our lack of response to such a serious breach of our national sovereignty. That is just totally unacceptable.
The RAND study went into even greater detail on the Russian GRU cyber unit. “Deep within Russia’s cyberwarfare apparatus is an organization known as Unit 26165. The unit is a specialized group within the GRU’s signals intelligence arm. The organization is dedicated to actively targeting military, political, governmental, and non-governmental organizations with “spear-phishing” emails and other computer intrusion attacks. Agents in Unit 26165 have operated internationally, conducting hacking operations through methods such as onsite attacks against the Wi-Fi networks of target organizations.”
As the RAND study points out, the GRU is set up as a fully functioning, multi-pronged, offensive cyber-warfare unit capable of conducting a wide range of specialized international missions. It should be noted that GRU Unit 26165 is the unit specifically named in the Muller report as the one that hacked into the DNC server system in 2016. Many believe it was that action and a subsequent GRU disinformation campaign that may have influenced the election and allowed Donald Trump to win in November. Trump has vigorously denied any collusion with the Russian government during his presidential campaign.
If these cyber-attacks against the U.S. can be so clearly traced back to Russian military intelligence (GRU), then why does the United States tolerate such actions and not declare war on Russia, or at least retaliate in like fashion, if not with their own cyber-attacks, then with an actual military response? Aside from the obvious diplomatic and economic catastrophes that would immediately ensue (as well the threat of nuclear war), another possible reason the U.S. has not launched any serious retaliatory strikes against Russia may be the mistaken judgement (in my opinion) that if these cyber-attacks have not actually damaged or destroyed any critical infrastructure, they have not violated international law. Therefore, any overt retaliatory action might itself be construed as an unfounded violation of international law.
Russia (as well as China, North Korea, and Iran) have launched several serious cyber-attacks against U.S. federal, state, local and private critical infrastructure systems for at least the past nine years. These intrusions were probing attacks meant to test system defenses in preparation for launching an all-out denial of service attack(DoS) in the future. Once the system defenses were known, it would then be easy to shut them down and disrupt service for an extended period of time. If these attacks were launched against critical services such as municipal water, electricity, banking, Internet or gas systems, the results would be catastrophic.
As has already been stated, these attacks were digital probes meant to recon our cyber defenses in order to facilitate future denial of service attacks. In other words, Russia was prepping the cyber battlefield for war with the United States. The fact that the combat theater of operations was digital rather than three dimensional is of absolutely no importance in this context. A hostile force had breached our defenses and was preparing to launch an attack on critical infrastructure of the United States of America. That hostile force must be stopped and met with an equal or superior response so as to deny him the motivation and ability to conduct future offensive operations against the United States or our allies. To do otherwise is to invite further aggressive actions against our nation and those of our allies.
Author
-
Retired U.S. Army Counterintelligence Special Agent. He served in Iraq as a team leader of a tactical Human Intelligence Team (THT). Prior to his deployment to Iraq, David was an instructor at the reserve U.S. Army Counterintelligence Special Agent course. He has published four novels for Grand Central Publishing and is currently finishing a memoir of his experience in Iraq. David has also written articles for Vanity Fair, Salon.com, The American Prospect and The Washington Monthly.
View all posts