Expert Commentary

Next Moves on the Cyber Chessboard

Kenneth Geers
Senior Research Scientist, Comodo

Where will Russian President Vladimir Putin strike next? With the 2018 Russian election around the corner, former Soviet states are nervous. Foreign adventures are the quickest way for a politician to get a bump in the polls.

What does this mean for cybersecurity? In the internet era, one thing is for sure: the war has already begun. Generals and admirals today have a dilemma. They must prepare for a wide range of possible wars, and they know that information technology is one key to victory. However, they cannot wait until the first shot is fired to start hacking.

Tanks, planes, and ships are now rolling, flying, and floating boxes of information technology, which are vulnerable to the same digital attacks as your old Windows XP – theft, denial, modification. The “blue screen of death” is a game-changing new weapon in any military arsenal, so tank commanders today must understand IT as well as maneuver warfare.

If you are defending Tallinn, Riga, or Vilnius, the same rule applies. Russia has thousands of quick-strike forces just across the border but is unlikely to challenge NATO directly. A far better option is to chip away at the alliance’s integrity and credibility and hope it dissolves of its own accord.

The difference between the Cold War and Cold War 2.0 is internet IT. In the long run, the internet will sweep all dictators aside, but in the short run, it provides autocracies with Orwellian surveillance capabilities and gives them endless opportunities for espionage and provocation.

Cyberattacks are notoriously difficult to prove, but we also shouldn’t miss the forest for the trees. What do Finland, Estonia, Latvia, Lithuania, Poland, Belarus, Ukraine, Georgia, and Azerbaijan have in common? All border Russia, and all have been hit by cyberattacks.

War is politics by other means, and hacking is war by other means. This is true for all modern militaries. Russia, though, has the most impressive public record of employing advanced technology in support of national security goals. Even in the early history of modern signals intelligence, the fact that Russian scientists are unusually good at math and crypto has been known as the “Russia problem.”

Cyber war skeptics should read more history. The first electronic computers were built specifically for military purposes. For example, the early computer called the ENIAC was meant to improve the calculation of ballistic missile trajectories, not to share recipes. Project Ultra, a British signals intercept code breaker, may have shortened World War II by several years. Since the major breakthroughs in IT, soldiers and spies have relied heavily on scientists.

What would cyber war look like in the Baltics in 2017? Not like Estonia in 2007, but Ukraine in 2014. The cyber activity in Ukraine is dramatically more complex, diverse, and subtle, with attacks in the political, military, diplomatic, business, critical infrastructure, and social media domains.

The internet is a machine. Cyberspace encompasses the human cloud above it, which includes students, soldiers, spies, and statesmen. Today, computers and malicious code are ubiquitous, and cyber espionage is the evil twin of cyberattack. On defense, understanding intent is key, but intent is usually in a safe behind a locked door. Good all-source analysis can bring you closer to the truth, but given how surprised we were by the annexation of Crimea, the Kremlin is good at keeping secrets.

In Ukraine, the barrage of physical and logical cyberattacks were likely intended to prevent decision-makers in Kiev and the West from understanding what took place on the ground in Crimea. Possession is nine-tenths of the law, and it is easier to play defense than offense. As was the case with airpower in World War II, cyberattacks are unlikely to be decisive in war, but they can serve to blind, delay, or confuse national security decision-makers precisely when time is crucial.

Because humans are now glued to the internet, traditional military operations will nearly always be preceded by psychological operations in cyberspace, backed by big data, machine learning, and automated analysis. Adversaries will first invade your talk shows and soap operas, and then ask their artificial intelligence engines whether a more traditional assault would be successful. In social media, anything that looks like a camouflaged military operation could be exactly that but it might be impossible to know for sure.

NATO, however, has an ace up its sleeve. The alliance consists of 28 core members, all of which are sovereign nations with independent law enforcement, counterintelligence, and cybersecurity specialists. If they choose to act in concert, NATO is a formidable group. Even at a time of populist uprisings and alternative facts, mathematics still matter and 28 nations sharing proactive intelligence and conducting reactive investigations are hard to beat – and the Russians are good at math.

So, are the Baltics, the NATO alliance, and the West as a whole, safe from Putin’s threats? Not by a long shot. Putin himself told us why: “Fifty years ago, the streets of Leningrad taught me one rule: if a fight is inevitable you have to strike first.” Indeed, autocrats are in a difficult position. Crimea happened because Putin realized that if he sits back and does nothing, Maidan – a popular movement in Ukraine for closer European integration – will eventually come to Red Square. So it’s the challenge of expansion versus the fear of diminution. Take your pick.

The Author is Kenneth Geers

Kenneth Geers is a Senior Research Scientist at Comodo, an Ambassador at the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia, and a Senior Fellow at the Atlantic Council. Geers is also an affiliate at the Digital Society Institute-Berlin and a professor at TSN University of Kyiv. He holds over 20 years of experience within the U.S. government, specifically at the U.S. Army, the National Security Agency, Naval Criminal Investigative Service, and NATO. He served as an... Read More

Learn more about The Cipher Brief's Network here.


Share your point of view

Your comment will be posted pending moderator approval. No ad hominem attacks will be posted. Your email address will not be published. Required fields are marked *