United States intelligence agencies have listed cyber-attacks as the top threat to American national security, ahead of terrorism. These threats are increasing in sophistication, scale, frequency, and severity of impact.
Also, the range of actors, attack methods, targeted systems, and victims are expanding. In February 2015, James Clapper, the Director of National Intelligence in the United States, announced that the estimation of the Russian cyber threat had been elevated, pushing Russia to the number one spot on the list of countries which pose the greatest danger to the United States.
Since the collapse of the Soviet Union, Russia has faced political, military, and economic challenges which it worried could mean that its national interests could be ignored by other powers. In order to protect their interests defensively, and free up their offensive capabilities for deployment elsewhere, Russia and China signed an agreement in April 2015 vowing not to attack each other, while also agreeing to share intelligence and software and cooperate in law enforcement and investigations. This is a direct challenge to the United States because not only are Russia and China working together to get ahead in the energy race but this agreement meant they were now trying to combine their capacities in the digital world.
China and Russia, by far, have the most sophisticated cyber capabilities in the world. The offensive cyber capabilities of each individual country was a threat already to the United States but if they now work together in earnest the United States could be facing an unprecedented cyber danger. According to senior military officials, Russia’s Ministry of Defense is establishing its own cyber command that will be responsible for conducting offensive cyber activities such as propaganda operations and inserting malware into enemy command and control systems. A specialized branch for computer network operations is also being established by Russia’s armed forces. Computer security studies claim that unspecified Russian cyber actors are developing ways to access industrial control systems remotely. Industrial control systems manage critical infrastructures such as electrical power grids, urban mass-transit systems, air-traffic control, and oil and gas distribution networks. “These unspecified Russian actors have successfully compromised the product supply chains of three ICS vendors so that customers download exploitative malware directly from the vendors’ websites along with routine software updates.”
Russia was one of the first nations to move assertively into the cyber sphere. In 1998, long before most nations even began thinking about cyber-security, the Kremlin-backed “Directorate K”, a government agency, began operations to monitor and defend against hackers and spammers. However, in recent years Directorate K has taken on a more offensive role in the digital sphere. Russia has been cyber-probing the United States for many years. In 1999, it was discovered that the Moonlight Maze virus had been stealing information from the Department of Defense, Department of Energy, NASA, and military contractors for two years.
In early 2015, Russian hackers were able to access an unclassified server belonging to the United States Department of State. Through this they were able to penetrate sensitive areas of the White House computer system and access information such as the real-time non-public details of President Barack Obama’s schedule. The FBI, Secret Service, and other United States intelligence agencies were all involved in investigating the breach and said that it was the most sophisticated attack ever launched against an American governmental system. The breach was pinpointed to hackers working for the Russian government based on “tell-tale codes and other markers,” even though the intrusion was routed through computers all around the globe. The attack was believed to have begun with a phishing email launched using a State Department email account that the hackers had previously stolen.
China has also recently increased the amount of time, manpower, resources and money spent on cyber espionage. China’s People’s Liberation Army (PLA) includes a special bureau within its intelligence community specifically managed for cyber espionage. The PLA, according to recent intelligence reports, is not only capable of advanced surveillance and collection but also possesses malware that could take down foreign electricity and water grids. However, it seems that China so far has only been motivated to commit financial and economic espionage, rather than any outright physical infrastructure attacks. Nevertheless, the United States has been getting compromised by China for many years. “It is estimated that in the last few years, Chinese hackers have attempted attacks on 2,000 companies, universities, and government agencies in the United States.” In 2003, China launched Titan Rain against United States military and government agencies. Titan Rain targeted US defense networks in an attempt to obtain confidential national security information. While no information was reported as stolen, it was considered to be one of the largest attacks in cyber espionage history. Titan Rain is particularly unnerving because the attack was meant to be completed in as little as 20 minutes and was able to target high-profile agencies such as NASA, the US Army Information Systems Engineering Command, the Defense Information Systems Agency, the Naval Ocean Systems Center, and the US Army Space and Strategic Defense Installation simultaneously in one day.
These cyber threats from Russia and China were always a major concern for the United States because they undermined American economic competitiveness and at least tried to compromise national security interests. As of now, a “cyber armageddon” may not be a high risk but low to moderate-level attacks over time could pose serious financial and security risks to the United States. Especially if this supposed cyber alliance ever truly takes root and begins to create new innovative cyber strategies for attacks. “In the United States alone, the value of the information that is compromised due to international hacking is somewhere between 25 billion to 100 billion dollars annually.” With Russia’s tactics of using cyber-attacks to block any and all communications from within a nation-state and China’s habit of economic and financial cyber-attacks, the two countries combining could be a perfect storm of political and economic havoc that may not yet have the United States’ proper attention and deterrence capacity.