Читать книгу Russian Cyber Operations - Scott Jasper - Страница 10

Cyber operations possess the means to achieve really mischievous, subversive, and potentially destructive effects, but how is an injured state supposed to respond? The United States, its allies, and its partners face this dilemma in responding to Russian cyber operations. In March 2017, US senator John McCain said on Ukrainian television that the alleged Russian-sponsored breach of the computer systems of the Democratic National Committee (DNC) was “an act of war.”¹ Michael Schmitt, a professor of international law applicable to cyber operations, cringed at the comment and argued that while Russian interference in the 2016 US presidential election was alarming, it did not amount to an act of war. Schmitt said the hacking and dumping of emails by Moscow to WikiLeaks was not “an initiation of armed conflict.”² A few months earlier at a congressional hearing, Senator McCain had taken issue with a similar assessment reached by Adm. Michael Rogers, director of the National Security Agency (NSA). Admiral Rogers stated that “Russian cyberattacks on the electoral system would have to have produced more significant impact or physical destruction to constitute an armed attack.”³ The challenge today, as succinctly outlined by Schmitt, is that “the Kremlin is adept at carrying out operations that fall short of breaching undisputed legal red lines that would invite robust responses.”⁴ Russian cyber operations sow discord in societies and threaten critical infrastructure in the United States and across Europe. The United States in particular is now engaged in day-to-day competition with Russia in cyberspace below the level of armed conflict.

In reply to Russian cyber operations that adeptly avoid crossing perceived thresholds for war, this book will examine methods to counter them through cost imposition or defensive solutions. It will provide an analytical framework to evaluate how and whether past, ongoing, and future Russian cyber operations rise to the level of armed conflict or function as a component of strategic competition.⁵ This book will examine actual cyber campaigns and incidents to understand how the Kremlin exploits technical means and legal regimes to evade attribution and retribution. More specifically, it will explain how Russia uses advanced tactics and techniques for intrusion and evasion to prevent detection and verification of its cyber operations. It will also explore how Russia uses deception through proxies and other means to sustain plausible deniability and avoid responsibility for its cyber operations. The book will explain how Russia tests legal criteria for qualification of its cyber operations as neither a wrongful act nor an unlawful attack. The Russians abuse uncertainty in technical attribution and ambiguity in legal classification to elude repercussions inflicted by injured states through lawful use of countermeasures—for example, by cyber means or by a variety of other methods, such as economic sanctions or legal indictments.

In a speech in Poland in 2019, Secretary of State Mike Pompeo proclaimed that “Russia has grand designs of dominating Europe and reasserting its influence on the world stage. Vladimir Putin seeks to splinter the NATO [North Atlantic Treaty Organization] alliance, weaken the United States and disrupt Western democracies.”⁶ The 2017 US National Defense Strategy asserts that the Russians are using “areas of competition short of open warfare to achieve their ends (e.g., information warfare [IW], ambiguous or denied proxy operations, and subversion).”⁷ Cyber operations are merely a means for Russia to obtain political goals and objectives. An examination of their use in asymmetric tools, in hybrid warfare, and through IW is warranted to understand their role and results. Russia continues to modernize its armed forces with an emphasis on asymmetric weapons, in particular subsonic cruise and hypersonic aeroballistic missiles, the latter part of a potentially invincible arsenal designed to penetrate and evade limited US antimissile defenses.⁸ Cyber operations serve in another asymmetric arsenal of nonmilitary methods but achieve the same aim of penetration and evasion of cyber defenses. Russia has employed new models of warfare, the most debatable called “hybrid.” Since the Russian incursion into Ukraine in 2014, the Western strategic community has been “trying to come to grips with the concept of hybridity,”⁹ although NATO does define hybrid threats as a “type of threat that combines conventional, irregular and asymmetric activities in time and space,” which invariably includes cyber operations.¹⁰ Finally, in the arena of competition of IW, Russia prevails primarily by social media exploitation and cyber-enabled information operations (IO) that influence populations and challenge democratic processes.

The first evidence of Russian foreign policy turning to confrontation with the West was Putin’s blunt Munich speech in 2007. In it, the Russian president accused the United States of imposing an unacceptable unipolar world model, characterized by an “almost uncontained hyper use of force” and a “greater disdain for the basic principles of international law.”¹¹ Putin openly demanded that Russia, with “the privilege to carry out an independent foreign policy,” be given a leadership position in making international policy. The following year, Russia exerted this privilege by invading Georgia, using cyber operations as a new component of warfare. Russian hybrid aggression expanded into Ukraine in 2014 and has continued with cyber campaigns that intend to desovereignize the nation.¹² Russia has also attempted to influence the public policy of NATO allies, in particular Estonia in 2007 and the United States during the 2016 election. Through use of cyber operations in these and other cases, Russia seeks to advance its national interests, even if it undermines or circumvents established norms for responsible state behavior. US and international responses to counter harmful or wrongful acts by Russia in the cyber domain through methods for cost imposition have not altered Moscow’s behavior. Therefore, in reply to Russian usage of legal ambiguity and technical complexity, this book argues to leverage emerging solutions for resilience to withstand attacks and continue operations. It will examine the adequacy of cybersecurity measures and describe proven capabilities for automated cyber defense. Given continued legal uncertainty that hampers meaningful responses, the book will explore conditions for a technical offset strategy. Specifically, the use of data-correlation technologies in an integrated security operating platform has the potential to diminish Russian advantages through cyber operations, whether they rise to the level of armed conflict or function as a component of strategic competition.