For years, I slept fitfully after a “friend” told me that it wasn’t the noisy mosquitos buzzing in my ears at night that were a problem. Instead, it was the female mosquitos that made no noise at all but laid eggs in your ears at night. That image wrecked my sleep until the Internet helped me to dispel the myth years later.
The cyber threat is a little like the silent mosquito. The biggest dangers are the ones that you will never know about.
However, if you follow the public discourse on the nature of the cyber threat to the U.S., it seems that the bulk of the dialogue has to do with the issue of hackers and the thousands of daily thwarted attacks against government and private computer systems. It is almost as if the danger is easily detected, and a better password and up-to-date antivirus software can solve the problem.
However, the far bigger threat is from foreign intelligence and terrorist groups, who have the talent, resources, and wherewithal to do serious damage to U.S. interests – damage we may never realize until it is too late. While we publicly frame the problem by citing how many attacks are observed every day, the far bigger problem is hidden. An intelligence organization’s job is to pick your pocket without you ever knowing anything is amiss. You won’t make it very far as an intelligence officer if your adversary becomes aware of your activities.
Of the capable organizations that are determined to do us harm, perhaps the most competent, dedicated, and focused is Russia’s Special Communications Service, the Russian equivalent of the U.S. National Security Agency (NSA).
Russia doesn’t do many things well (dancing bears, perhaps). Spying, however, is a Russian specialty honed by decades of experience controlling its population and stealing from the West. The U.S. has been their main enemy since WWII and remains so today. Indeed, while we more often hear about Chinese cyber activities, the Russian cyber espionage enterprise is far more sophisticated and capable than its Chinese counterpart, according to statements by U.S. intelligence officials.
Unlike in the U.S., the Russian espionage effort is central to its foreign policy, and its offensive cyber capability is a particularly powerful weapon that is used to challenge the U.S. across the board. Indeed, the Russian NSA equivalent is used for – among other things – cyber warfare, espionage, counterintelligence, internal control of its citizens, disinformation, and propaganda. Russia’s cyber attacks – both blatant and stealthy – are used to achieve geopolitical ends and to maintain an asymmetric ability to damage the U.S.
The Russians have shown a willingness to use the cyber weapons at their disposal, and have done so effectively. In 2007, the Russians swamped Estonian computer systems to express their anger at perceived Estonian disrespect of Russian symbols. A year later, they combined sophisticated cyber intrusions with their military attack against Georgian forces. More recently, they used offensive cyber tools to support their aggressive annexation of Crimea and eastern Ukraine. We even witnessed Russian cyber probing of top U.S. financial institutions in 2013.
Internally, the Russians use cyber weapons to maintain control over their population. By law, all private encryption equipment in Russia is required to be licensed by Russian Intelligence. Likewise, all internet providers in Russia have to install hardware/equipment provided by the Russian NSA equivalent (and pay for it themselves). There is no such thing as privacy in Russia.
While the U.S. Government is probably the biggest target of Russian cyber spying, you can be confident that they go after anyone and anything that can help them get what they need. They surely steal directly from Yahoo, Google, Facebook, and social media platforms. If they want to collect compromising information on a person in a bank, military unit, national laboratory, or nuclear power plant, you can be sure that they are swimming in e-mail and personal data that can help them craft an approach to that individual.
At the same time, the Russians are collecting the capability to understand and possibly disrupt our power grid, air traffic control, oil and gas infrastructure, and transit networks. Additionally, recent reports cite a significant increase in Russian submarine surveillance activity in the vicinity of the strategic underwater fiber cables that facilitate commercial and classified communications. This aggressive effort has intensified fears of Russian efforts to tap or cut these critical deep sea communication conduits that carry trillions of dollars a day in global business.
The only real way to protect ourselves from this kind of sophisticated cyber warfare is a robust public-private partnership between our intelligence and law enforcement services, and those companies that provide the backbone of our computer networks. In this sense, perhaps the most damaging of Edward Snowden’s many traitorous acts was to destroy the trust between the private sector and our security professionals. We are now talking past each other, and the Russians, Chinese, Iranians, and others are having a field day. Until those key relationships and that trust are restored, we will remain in a vulnerable state.
So, the next time you hear a story about hackers attacking various computer networks, think of the buzzing mosquito, and remember that there is probably something much more dangerous happening away from public notice.
Read the Original Article at Cipher Brief