TOM O'CONNOR AND NAVEED JAMALI
Russian President Vladimir Putin is seeking an agreement from his U.S. counterpart Joe Biden in order to rein in global cyberwarfare. Moscow sees the effort as critical in stemming an already raging 21st-century digital arms race and avoiding a miscalculation that could spark a conflict between the two top military powers.
Such an inadvertent conflagration becomes especially dangerous in the absence of "red lines" not yet established among nations and non-state actors, who are also quickly honing potentially devastating cyber capabilities.
Putin made note of this latent threat in September, asserting that "one of today's major strategic challenges is the risk of a large-scale confrontation in the digital field," part of remarks referred to Newsweek by the Russian embassy in Washington.
The comment came alongside a four-point plan to establish high-level communication between Washington and Moscow on what Russia refers to as "international information security," including through existing bodies dealing with nuclear and computer readiness, as well as through the establishment of new rules of the road mirroring U.S.-Soviet agreements on avoiding maritime incidents, and mutual "guarantees of non-intervention into internal affairs of each other."
Putin is also seeking is a global agreement on "no-first-strike" regarding communications technologies, another reference to the nuclear technologies that long dominated the discourse on arms control, and still do today.
Contacted regarding the prospect of pursuing such a deal, the State Department referred Newsweek to the White House, which referred to national security adviser Jake Sullivan's assurances that both nuclear and cyber issues would be on the table Wednesday.
Sullivan said Wednesday that nuclear talks remained the "starting point" for bilateral discussions, and "whether additional elements get added to strategic stability talks in the realm of space or cyber or other areas, that's something to be determined as we go forward."
But as the U.S. continues to prove vulnerable to ransomware attacks from shadowy groups believed to be operating out of Russia or other former Soviet bloc countries, those with experience in advising the White House on challenges from the region urge Biden to take the opportunity to send a message.
"What I want is for Biden to very clearly explain what the risk is to Vladimir Putin, that we are not going to back down if we are attacked by Russia," Evelyn Farkas, who served as deputy assistant secretary of defense for Russia, Ukraine and Eurasia, "and we're going to be the ones that decide what a 'cyber Pearl Harbor' is, which means Russia doesn't control the escalation dynamic."
Members of the U.S. Cyber Command are seen at headquarters in this undated photo released by the Pentagon.PETTY OFFICER 1ST CLASS SAMUEL SOUVANNASON/U.S. NAVYFor generations, December 7, 1941 was a date that lived "in infamy," a catalyst for the U.S. entry into the largest war known to mankind. Nearly seven decades later, 9/11 showcased in even deadlier terms a new kind of threat that could strike with little warning, dragging the U.S. into a conflict it is still waging today across the globe.
The threat in the cyber realm has yet to emerge clearly into the open, but recent events suggest how quickly and quietly events could escalate. Just in the past year, this has been demonstrated by mass infiltrations like last year's SolarWinds hack. This was followed by a pair of major ransomware attacks, one that prompted a panic over a fuel shortage as the nation's largest gas pipeline shut down, and another that disrupted the food supply chain as U.S. operations of the world's largest beef supplier were forced to close.
Both the companies behind Colonial Pipeline and JBS USA paid multimillion-dollar ransoms in cryptocurrency, a controversial idea that defies the traditional U.S. government stance of not giving into the demands of "terrorists."
But it's hard to imagine another way private companies could react as long as they remain helpless to such a cyber onslaught from abroad. Potential victims of such attacks, likely to multiply in severity and scope if left unregulated, also seek answers.
"I mean, imagine if you're a healthcare system, you're going to have people dying," J.D. Cook, a former senior CIA official, told Newsweek. "My mom's taking chemo, chemo, all of that other stuff is computerized. You think I care about that principle of you not paying a ransom if my mom dies? If my mom dies because of a ransomware attack, it'll hit home."
While he said such analogies as Pearl Harbor were tantalizing to a public growing increasingly aware of the effects that such cyber capabilities could have on their lives, he urged those tasked with crafting strategy on the issue to just "go and do something, you need to do something and do it tomorrow."
Another relevant historical analogy is that of the 1962 Cuban Missile Crisis, which had less to do with the communist-led island 90 miles off of Florida and more with two superpowers testing how close to each other's territory they could position nuclear-capable weapons.
"We almost went to nuclear war," Raj Shah, chairman of the cybersecurity insurance firm Resilience, told Newsweek.
The standoff that brought the world to the brink barely avoided a potentially apocalyptic exchange between Washington and Moscow. It did, however, pave the way for landmark treaties that would ultimately reverse the then-untethered buildup and deployment of nuclear weapons.
Shah said it is now time for the U.S. to express what red lines look like in the cyber realm, and then back it up with a staunch deterrence capable of enforcing them.
"We have to be open about it, and we have to be able to communicate what those lines are, and then defend them so there's not a miscalculation on the other way," he said. "But I think the status quo of our pipelines going down every week is not tenable."
While the Biden administration has not directly blamed the Kremlin for the incidents, U.S. officials have called on Russian counterparts to hold those behind the attack accountable. Putin said during an interview with the Rossiya-1 outlet that he would agree to the extradition of those arrested in Russia if the U.S. does the same, something Biden has vowed to reciprocate in the event such attacks were launched from U.S. soil.
He called Putin's similar assurance "potentially a good sign and progress."
But as the leaders of two nations who dominated the premier geopolitical competition of the late 20th century take the stage Wednesday, the U.S. has once again pulled ahead of its rival in developing current and future capabilities leveraged on new battlefields, the likes of which the world has never seen.
"Domains of competition, it's not strictly military anymore," Mike Madsen, who serves as Director of Strategic Engagement for the Pentagon's Defense Innovation Unit, told Newsweek. "It's economic, it's social, it's all these different things. We talked about air superiority and air supremacy, and there's a day when there's going to be concepts of cyber curiosity and cyber supremacy in a domain of competition."
He said that domain is already becoming a reality, of concern not only to Pentagon planners, but one that can and has affected the everyday U.S. citizen.
"In this era of Great Power competition, the technology race is the most important front," Madsen said. "It is critical that DoD not only attract the best emerging commercial technology and talent by lowering the barriers to entry, but to integrate this technology into our systems."
He noted that national security issues have expanded beyond the traditional military parameters.
Our nation's security today is no longer limited to military strength but it also relies on our economic health," Madsen said, "and we need to leverage our asymmetric advantage of the serial entrepreneurship of technology ecosystem which birthed Silicon Valley, where the triad of government, academia and industry work together."
As such, the U.S. has invested heavily in its own cyber capabilities, seeking to outpace Russia and other competitors to achieve and maintain what's known as a Qualitative Military Edge (QME) using both public and private assets.
"Achieving QME is an endless effort that requires constant innovation and commitment to gain advantages over adversaries, technically and tactically," Amyn Gilani, chief growth officer at CounterCraft, a cybersecurity firm that sets out to thwart virtual threats such as ransomware attacks, told Newsweek.
Doing so, he argues, takes the efforts of both public sector entities such as DIU and private institutions like his own.
"This is why it is essential for the federal government to collaborate with the most innovative technology companies to achieve cyberspace superiority," said Gilanie, a former U.S. Air Force intelligence analyst who supported projects at U.S. Cyber Command, the National Security Agency and Department of Homeland Security. "It is essential that the federal government leverage the private sector to fulfill technology needs and prototype solutions to fine-tune customers' needs."
As public-private partnerships have helped enhance the country's cyber capabilities in a similar way it's fueled innovation among more conventional arms, the U.S. has also turned to its existing alliances abroad to tackle foreign foes in the digital domain. The foremost of these coalitions is the 30-state NATO, which in 2019 added discussions of cyber attacks to the admissibility of Article 5—collective defense.
Contacted by Newsweek, a NATO spokesperson referred to discussions that took place among the alliance as Biden visited Europe over the weekend.
"Reaffirming NATO's defensive mandate, the Alliance is determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of hybrid campaigns, in accordance with international law," a joint statement issued Monday by the heads of NATO states. "We reaffirm that a decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis."
If serious enough, NATO members agreed that "the impact of significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack."
The statement said NATO would intensify its focus in the cyber realm, including "sharing concerns about malicious cyber activities, and exchanging national approaches and responses, as well as considering possible collective responses."
"If necessary, we will impose costs on those who harm us," the statement added. "Our response need not be restricted to the cyber domain."
This combination of pictures created shows then-Democratic presidential candidate Joe Biden—now president—during a speech in Darby, Pennsylvania, on June 17, 2020 and Russian President Vladimir Putin delivering a speech at the Novo-Ogaryovo state residence outside Moscow on January 31, 2018. Biden is set to follow in the path of his predecessors in attempting an early reset in U.S.-Russia relations, but issues straining ties between the two powers have only multiplied in recent years.JIM WATSON/GRIGORY DUKOR/AFP/GETTY IMAGESThe prospect of a "physical" attack in response to cyberattacks already has a real-life precedent. The U.S. has already targeted the cyber capabilities of the Islamic State militant group (ISIS) in operations, with an August 2015 airstrike that killed jihadi hacker Junaid Hussain in the de facto caliphate capital of Raqqa, Syria.
But the first known example of an immediate, kinetic reaction came nearly four years later elsewhere in the Middle East.
In May 2019, the Israel Defense Forces reported that they "thwarted an attempted Hamas cyber offensive against Israeli targets" by conducting an airstrike on an alleged headquarters in the Palestinian-controlled Gaza Strip. Israeli forces similarly targeted Hamas cyber stations during last month's 11-day war with Hamas and allied Palestinian factions in Gaza.
Though the fallout from both operations remained relatively contained, how such a response would play out on the state-versus-state level remains anyone's guess. In the meantime, the U.S. and Russia were already playing a murky game behind smokescreens of code.
U.S. Cyber Command partners with foreign governments on missions known as "hunt forward operations," in which "defensive cyber teams are invited by other nations to gather insights from their government networks on adversary behavior," a U.S. Cyber Command spokesperson told Newsweek.
"These operations are one part of our 'defend forward' strategy—where we see what our adversaries are doing, and share with our partners in the homeland to bolster defense," the spokesperson said.
In one such mission targeting Russia's alleged cyber activities, U.S. forces "discovered and disclosed new malware associated with the SolarWinds incident, and then provided key mitigation of the malware, attributed to Russian intelligence SVR."
"When we disclose adversary malware used to conduct espionage; we not only harden our own networks, inoculate more broadly and improve collective cybersecurity," the spokesperson said, "but we also impose costs disrupting adversaries time, money, and access."
The concept of "defense forward" is the broader cyber strategy that includes what's known as "persistent engagement."
U.S. Cyber Tools Turned Against Americans, Limiting Biden's Russia Options
"The Department is continuously defending itself from malicious activity and, more broadly, defending the country from significant malicious actions through persistent engagement," a Pentagon spokesperson told Newsweek. "Our persistent engagement activity generates insights that are shared with Federal and private sector partners, making us all more secure. The President may direct the Department to conduct additional cyber operations when he deems them necessary."
As NATO's joint communique asserted, the Biden administration has considered a range of options in response to major cyberattacks.
"The way that I've consistently characterized our response when it came to SolarWinds and to other cyberattacks of that scope and scale is that we are prepared to take responsive actions that are seen and unseen," Sullivan told reporters Sunday, "and I'll leave it at that."
Russian officials have raised concerns regarding such statements and, in an NBC News interview aired that same day, even Putin appeared to fret.
"What people can be afraid of in America, the very same thing can be a danger to us," Putin said. "The U.S. is a high-tech country, NATO has declared cyberspace an area of combat. That means they are planning something; they are preparing something so, obviously, this cannot but worry us."
Both the U.S. and Russia have clearly asserted their right to wage cyber operations both offensively and defensively in the modern era. Until cyber boundaries are set, however, it remains difficult for foes to know when they've crossed them.
Until cyber boundaries are set, however, it remains difficult for foes to know when they've crossed them.
"We need to find what the red lines are, this continues to escalate, and we can't allow it to escalate," Shawn Henry, president and chief security officer of cybersecurity company CrowdStrike, told Newsweek. "It's the exact reason we had nuclear arms talks, because we realize things couldn't continue to escalate, they couldn't spiral out of control. We couldn't worry about an adversary launching a weapon mistakenly because we know what the response would be."
The former FBI executive assistant director said now is the time for dialogue to avoid a catastrophic cyber event, one that could trigger a response that would have not only immediate but generational consequences.
"It takes us back to that exact point in the conversation where nation-states need to sit down and define what the red lines are," Henry said, "and what the responses are going to be says there's no misinterpretation, there's no misunderstanding."
No comments:
Post a Comment