On Tuesday, an intelligence officer from the US warned that Russia is yet to unleash its full cyber capacity on the United States. Admiral Mike Rogers, who heads the US Cyber Command and the National Security Agency, says that although China has been behind a major chunk of cyber attacks on US targets but is confident that Russia has even more enhanced capabilities in this arena. However, the only reason that Russia has not entered this new form of warfare is because it has chosen not to.
Earlier this year, James Clapper, the Director of National Intelligence claimed that a Russian cyber threat is more severe than initially thought. This comes as quite a development considering the fact that most of the intelligence officials have been more vocal about Chinese cyber capabilities. In the last few months, Chinese hackers have hacked into various public and private US targets with an attack on the Office of Personnel Management being the most notable one. That was the largest security breach in US history and resulted in the theft of more than 20 million classified personnel files.
However, this attack would be nothing considering the attacks Russia can carry out at free will. Intelligence officials believe that Russia boasts a central cyber command infrastructure which is similar to that of the US. In past, Russian hackers have hacked into unclassified servers in the State Department, Defense Department and the White House.
Clapper says that although US is well prepared for a large scale attack to destroy US infrastructure, chances of such an even occurring are very slim since most of the hacking incidents in recent memory have been low to moderate level attacks. However, such attacks do affect America’s economic competitiveness and national security.
Chairman Sen. John McCain, R-Ariz., attributed America’s diminished cyberdefenses to the lack of a policy on deterrence. “Our adversaries view our response … as timid and ineffectual. Put simply, the problem is a lack of deterrence. The administration has not demonstrated to our adversaries that the consequence of continued cyberattacks against us outweigh the benefit.”
However, one cannot rule out the cyber threat Russia poses to key US civilian and military structures. A report published earlier this year claimed that Russia is one of the most sophisticated nation-state actors in the cyber arena and has cyber capabilities that can wreak havoc on any country’s military and civilian structures.
Russia’s Ministry of Defense already has an established cyber command and its Cyber Warrior program is one of the most complex structures in the game today. In addition to this, US intelligence agencies have known for quite some time that Moscow has a much more advanced cyber program than China and employs more sophisticated and stealthier methods when it comes to infiltrating enemy targets.
Jeffrey Carr, who heads the web security firm Taia Global, says that Chinese cyber threat has been overhyped and went on to claim that Russia has been “more active than any other country in the world in terms of combining cyber-attacks, or cyber operations with physical operations.”
A multi-faceted cyber program
Indeed the Russia-Georgia war of 2008 is a perfect example of the right combination of kinetic and cyber operation. That war was the first ever practical application of a doctrine that if becomes common, threatens to change the whole picture of warfare – both conventional and unconventional.
The distributed denial of services (DDoS) attacks on Georgia rendered critical websites and civilian and military structures in the country incapable of activity. The DDoS attacks on Georgian government websites began two weeks before the kinetic Russian invasion. In short, it was a well-executed cyber-attack policy on Russia’s part that made the ground ready for the Russian troops before they crossed the Georgian border.
Although most of the commentators on cyber threats that the United States faces today are completely fixated on China, Russian cyber capabilities are being completely ignored. One has to realize that the Russian cyber-warfare program is a complex motley crew-like organism that is government sponsored but in an indirect manner. This complex organism has now integrated perfectly with the state’s military doctrine. What’s even more shuddering to think is the fact that this program keeps evolving on a regular basis which makes it even harder to detect.
One of the most prominent and unique features of the Russian cyber program is that it relies extensively on youth groups such as the Kremlin-controlled Nashi and multiple cyber-criminal syndicates in particular the Russian Business Network (RBN). The cyber-criminal industry in Russia is thriving at the moment which makes it easier for the government to hire talent that can shore up its cyber warrior program.
Moreover, the fact that Russia has been very steadfast in refusing to sign the European Convention on Cybercrime means that it is not bound to put a lid on its cyber adventure.
China not the biggest cyber threat
With its capabilities and its intent, Russia is a major cyber challenge to the United States at this point in time. Although China has been in the news for all the wrong reasons regarding its cyber program, it is the Russian program that should be considered as a bigger threat because unlike China, Russian infiltration is rarely caught which makes it a very deadly cyber power.
China may be taken as the ultimate ‘cyber bully’ but Russia on the other hand, is not your average cyber power. Rather than going about its business in a maverick way, the Russian cyber program and the decision makers associated with it, are willing to play the long game where a systematic approach is being used in a bid to create confusion and uncertainty.
According to another report, Russia has a very professional outlook to its cyber program where around twelve institutes provide top notch instruction to the graduates in dual use of information security and electronic warfare technologies. After graduation, these students usually end up joining the Security services and Ministry of Defense where they play a crucial part in the offensive and defensive operations.
US negligence on how far Russia has come in the cyber arena makes it hard to estimate the current cyber capabilities that Moscow boasts which makes the overall program all the more threatening than it already is.
When it came to the Chinese cyber threat, US chose to make a reactive policy because it never expected Beijing to be this aggressive and deadly in its use of cyberwarfare. However, Washington cannot afford to miscalculate and underestimate Russian cyber capabilities since Moscow has already shown the world that when it comes to mixing cyber and kinetic warfare, it is clearly on top of the food chain.