With the swift progress in information and communication technologies in the late 20th – early 21st century, both private and governmental actors came to rely heavily on digital infrastructures in their activities. However, while the digital revolution facilitated information exchange, it also brought challenges along with benefits. Any information shared through digital networks is potentially vulnerable to malicious actors who can access and use it for a range of illicit purposes. Such cyber actors may often be funded and otherwise supported by sovereign states, adding a political dimension to the issue of cybersecurity. Russia is one of the countries strongly associated with malicious cyber activity against foreign targets. The examples are its cyberattacks against Estonia and Georgia in 2006 and 2008, respectively, and the alleged involvement in the 2016 presidential elections in the United States. It begs a legitimate question of whether Russian cyber warfare against American targets will escalate in the foreseeable future. Most likely, Russian cyber actors will continue to penetrate critical US companies to exploit sensitive information about their communication and financial infrastructure due to the advantages of offensive strategy and limited usefulness of security measures.
One reason why Russian cyber actors are likely to continue their attempts to infiltrate American targets is the simple fact that, in contemporary cyber warfare, the offense has a considerable advantage over the defense. On the one hand, cyberattacks are not costly for malicious actors since they do not require numerous staffing or extensive financial resources to launch (Taddeo, 2017). Moreover, they are not risky for those who perform them due to both the anonymity of cyber actors and the fact that, when sponsored by a state and residing in it, they can rely on its protection (Taddeo, 2017). At the same time, any complex digital system is bound to have vulnerabilities that can be exploited for a malicious purpose, such as gathering information about communication and financial infrastructure (Taddeo, 2017). Finding and fixing these deficiencies is a lengthy and time-consuming process, especially since the defending side needs to fix all of them while the attacker only needs to find one. As a result, the current dynamic of cyber warfare naturally favors offense over defense, and there is no reason for Russian or any other actors to stop their attacks.
Yet another factor that increases the likelihood of Russian cyber-attacks against American targets in the foreseeable future is the dynamic of state-sponsored warfare that emerges from the considerations described in the previous paragraph. As mentioned above, offense currently has the upper hand over defense, meaning that the objective dynamic of the struggle favors energetic offensive strategies. With this in mind, all cyber actors, including the Russian ones, have a strong incentive to launch their attacks pre-emptively to avert possible retaliation or divert the opposing side’s resources. This dynamic leads to the situation where cyber warfare consistently and continuously escalates, especially when it is sponsored or encouraged by state actors (Taddeo, 2017). Moreover, state actors tend to be secretive about their red lines – that is, the limits the action beyond which will elicit a disproportional response (Taddeo, 2017). As a result, there is no identifiable threshold to limit the activities of malicious cyber actors. This, in turn, leads to the situation when cyber actors prefer to continuously escalate their attacks, and this estimation fully applies to Russian attacks against American targets.
One may object that the new approaches to the problem, such as the increased political cooperation between the nations that are likely to be targeted, can thwart Russian attacks and decrease their intensity. While state actors have been unable to efficiently address the problem of cyberattacks so far, some scholars hold that reinvigorated international cooperation in this respect may be the crucial step forward. One example of such an approach is the “Declaration on Responsible States Behaviour in Cyberspace” adopted by the foreign ministers of the G7 country in 2017. This document stresses the necessity of information sharing based on trust and transparency between the signing states (Taddeo, 2017). The researchers who support this approach as the way to address the threat globally and minimize the risks argue that such agreements have the real potential to curb and prevent cyberattacks. One example they offer is that the 2017 WannaCry ransomware attack could have been prevented if the already known vulnerability that enabled it had been disclosed sooner (Taddeo, 2017). Thus, one may claim that information sharing through political channels may actually decrease the intensity of Russian cyberattacks.
However, this objection is not well-founded because it lacks a basis in the currently existing international frameworks and does not address any of the premises discussed above. First and foremost, the existing international agreements on cyber-security are exclusively voluntary (Taddeo, 2017). Consequently, they have no binding clauses obligating the signing states to actually share information about the vulnerabilities discovered. Apart from that, even if there was a binding international framework of information sharing in place, it would still do nothing to change the causes described in the first two paragraphs. The defense would still be reactive and in need of addressing all vulnerabilities, and the offense would still have an advantage and only need one identified vulnerability to proceed with an attack. The resulting preference for offensive strategies over defensive ones and the resulting tendency to continuously escalate cyber warfare would not disappear either. While international agreements –even the currently nonexistent binding ones – have a potential for slightly improving cyber defenses, they are unlikely to become a game-changer that reshapes the existing dynamic of cyber warfare. Therefore, attacks are likely to continue and escalate despite political developments in cybersecurity.
As one can see, Russian cyber actors will most likely continue their attempts to infiltrate targets in the United States to obtain sensitive information about the nation’s financial and communication infrastructures. One reason why it is almost a certainty is that the current dynamic of cyber warfare strongly favors offense over defense both because of the relatively low costs of attacks as compared to defensive measures. Another reason closely connected to that is that the existing situation prompts cyber actors to launch pre-emptive attacks in order to dismantle the enemy before it can strike at them. Some may argue that a renewed political framework for the international sharing of information on cybersecurity can thwart the new attempts at cyberattacks. However, there are currently no binding agreements of that nature, and even if there were, they would not change the fundamental dynamic of contemporary cyber warfare as described above. With this in mind, there is every reason for Russian cyber actors to continue their attacks against American targets and no feasible reason to limit rather than escalate their activities in the foreseeable future.
Reference
Taddeo, M. (2017). Deterrence by norms to stop interstate cyber attacks. Minds and Machines, 27(3), 387-392. Web.