In February 2015, James Clapper, the Director of National Intelligence in the United States, announced that the appraisal of Russian cyber capability and intention had been elevated, pushing Russia to the number one spot on the list of countries which pose a major cyber-threat to the United States.
China held the number one spot for years because of the frequency of attacks on the United States. However, China’s cyberattacks were financially and economically motivated espionage rather than outright physical infrastructure attacks. Also, even though China’s cyberattacks were more frequent, it is believed Russia has more capabilities but has simply chosen not to use them all yet. Clapper also stated that Russian cyber saboteurs, spies, and thieves are widening their attacks against vulnerable American internet infrastructure, which chips away at US wealth and security over time.
Clapper’s intelligence assessment details how Russian cyber actors are creating new ways to remotely hack into industrial control systems that run electrical power grids, urban mass-transit systems, air-traffic control networks, and oil and gas pipelines. According to private-sector cyber security experts, these actors have been able to successfully compromise the product supply chains of three control system vendors so customers unknowingly downloaded exploitative malware directly from the vendors’ websites along with routine software updates. Russia is seen as an unregulated area as well as a safe haven for the development and spread of malicious codes around the world.
According to senior Russian military officials, its Ministry of Defense is establishing its own cyber command that will be responsible for conducting offensive cyber activities, such as propaganda operations and inserting malware into enemy command and control systems. A specialized branch for computer network operations is also being established by Russia’s armed forces. This is the consequence of a national security legacy, as Russia was one of the first nations to move assertively into the cyber sphere. In 1998, long before most nations even began thinking about cyber-security, the Kremlin established “Directorate K” to begin operations to monitor and defend against hackers and spammers. However, in recent years, Directorate K has taken on a more offensive role in the digital sphere.
Russia has been cyber-attacking the United States for several years. In 1999, it was discovered that the Moonlight Maze virus had been stealing information from the Department of Defense, Department of Energy, NASA, and military contractors for two years. In early 2015, Russia hackers were able to access an unclassified server of the US Department of State. Through this they were able to penetrate sensitive areas of the White House computer system and access information such as the real-time non-public details of President Barack Obama’s schedule. The FBI, the Secret Service, and United States intelligence community overall are all involved in investigating the breach and say that it was one of the most sophisticated attacks ever launched against American governmental computer systems.
Russia was also able to hack into systems at the Pentagon in July 2015. The sophisticated cyberattack affected nearly 4,000 federal employees when it shut down the Pentagon’s unclassified email system for the Joint Staff for nearly two weeks. The attack was carried out through the use of encrypted accounts on social media and officials at the Department of Defense stated that the attack involved “new and unseen approaches into the network.” Fortunately, only unclassified accounts and emails were involved so no classified information was accessed or taken from the network.
These cyberattack threats from Russia are a major concern for the United States because they undermine United States economic competitiveness and its fundamental belief in maintaining the secrecy of national security information. As of now, a “cyber armageddon” is not a high risk, but low to moderate-level attacks over time could pose serious financial security risks to the United States. In the US alone, international hacking has cost, on average, between 25 billion to 100 billion dollars annually. In 2008, cyber espionage, including industrial espionage, intellectual property theft, and theft of trade secrets caused the loss of more than one trillion dollars worldwide, with Russia always being cited as one of the main perpetrators. Russia’s tactics of using cyber-attacks to block any and all communications from within a nation-state and its ever increasing innovative capabilities could have a significant negative impact on United States’ security and interests. What the real question seems to be is not so much can Russia be stopped but does the United States have the talent pool to create similar cadres capable of matching the same innovation emerging from Russia. Classified information and state secrets aside, the jury on that question, quite frankly, remains out.