On Thursday, senior cybersecurity officials from the US and Russia began two-day meetings in Geneva. The US says that the two countries are renewing efforts to prevent rushing into a cyber war “by mistake,” but many wonder what defines a "cyber war," and whether it actually poses a credible risk.
In recent years, America has pushed the boundaries of cyberwarfare while Western media focused on imagined threats from Russian and Chinese hackers. Beginning in 2010, with Operation Olympic Games, the US and their Israeli counterparts released the Stuxnet virus, crippling Iran’s Natanz nuclear facility and demonstrating the potential of "kinetic effects" as a result of cyberwarfare.
Further, in 2014, the NSA was implicated in surveilling the president of Brazil and the country’s state-owned oil giant Petrobras. Documents released from that NSA surveillance triggered the "car wash" investigation, leading to a vote to impeach Brazilian President Dilma Rousseff.
Recently, a series of cyberattacks by Iran demonstrated that turnabout is fair play. A federal indictment was issued against several Iranian officials for hackers engaging not only in market manipulation but also attempting to cripple a dam in New York state that, if it had been successful, could have resulted in substantial loss of life and long-term agricultural damage.
With the purported specter of cyber war moving from the realm of science fiction to a leading national security distraction, Sputnik’s Brian Becker sat down on Friday with journalists Dmitry Babich and Declan McCullagh to discuss the cooperative meetings between US and Russian officials and whether the so-called new Cold War has already migrated online.
Is Russia engaged in cyber war around the world?
"There is a really bad relationship between the US and Russian government," Babich told Loud & Clear, "and there are constant accusations in the US press against Russia about Russian hackers on the payroll of the government trying to ruin the economy and military systems of countries like Estonia."
"I think the real picture is more complicated," suggested Babich. "There are some companies in Russia, big companies, which are dealing with cybersecurity and are part of international business. A [Russian] company like Kaspersky is an integral part of the global cybersecurity system."
Babich believes Russian cybersecurity companies and specialists are not engaged in cyber war against the United States or elsewhere, that they "don’t want to quarrel with the US and the EU," and are frustrated that the West takes such an aggressive posture towards them.
The journalist believes that the meeting between the two military superpowers will help to clear misconceptions, often advanced by Western media, that Russian hackers are "trying to attack the innocent West" when, in reality, Russia is both a competitor and a cooperative partner, engaged in activities that mirror US efforts.
Declan McCullagh agreed, likening US-Russian relations on cyber warfare to competition between tech giants Google and Apple. "Google competes with Apple, but it also releases maps and mail for the iOS Chrome browser – there is both cooperation and competition there," said McCullagh. "Similarly, the US and Russia are interested in the other party’s computer vulnerabilities, data, and obtaining military and defense intelligence, but they also cooperate regularly on cybersecurity."
McCullagh provided the example of a 2013 cyber crime extradition working group, and more recently a cyberwar hotline established for countries to quickly ask counterparts whether they are responsible for a cyberattack in order to rapidly deescalate situations and avoid misunderstandings.
What challenges stand in the way of cooperation in the cyber arena?
"Attribution," said McCullagh. "The real difference in cyber is the issue of attribution, because if a missile is fired you know who fired the missile, or if a spy is caught you can track down who the spy is, but if you are hacked by somebody and it is sent through five different routers in five different countries then attribution is impossible, you won’t know who did it."
The two guests raised the issue that law and policy have yet to catch up to cyber realities, creating the possibility for false-flag attacks, misunderstandings and overreaches that could become military conflicts. The meetings on Thursday and Friday are designed to address those vital issues.