Skip to content
Search

Latest Stories

Welcome! Log in to stay connected and make the most of your experience.

Input clean

The U.S. Needs a Stronger Cyber Defense Against Russia

The U.S. Needs a Stronger Cyber Defense Against Russia

Paul Kolbe, Director, Intelligence Project, Harvard University's Belfer Center for Science and International Affairs

Kolbe

Paul Kolbe is Director of The Intelligence Project at Harvard University’s Belfer Center for Science and International Affairs. He previously served 25 years as an operations officer in the CIA and was a member of the Senior Intelligence Service, serving in Russia, the Balkans, Indonesia, East Germany, Zimbabwe, and Austria.

This piece was first published by our friends at Russia Matters, from Harvard Kennedy School’s Belfer Center for Science and International Affairs. 

According to U.S. officials, Russia is the likely perpetrator of the SolarWinds cyber compromise of federal agencies, private sector firms, NGOs and academic institutions. The scale and impact brought accusations of a reckless and indiscriminate operation. Some politicians labeled this an act of war, while other commentators dismissed the SolarWinds compromise as espionage. Calls for retribution were widespread.

We know few details about the breadth, depth and impact of the SolarWinds cyber operation, though the scale was clearly massive with over 18,000 SolarWinds customers uploading malware-laden tools. But we do not know which companies and agencies have been affected, what information was compromised or whether damage occurred to any information systems. This lack of public disclosure likely represents caution in revealing what is known and not known, but also signals the difficulty of assessing just how bad we’ve been had.

So how should the U.S. respond?

A natural inclination will be to strike back in order to modify future Russian behavior and to introduce stronger cyber deterrence for other potential actors. Responses might include declaring Russian intelligence personnel persona non grata, indictment of perpetrators, targeted sanctions and execution of similar operations against select Russian systems. The aim would not just be punishment, but to change the risk-gain calculation for Russia, and others, when considering new cyber operations.

But frankly, all of these actions have been tried in the past and have not slowed the cyber onslaught. Russia does appreciate and adhere to reciprocity, and a specific and carefully calibrated shot across the bow is appropriate in response to SolarWinds. But we should not kid ourselves and think that such responses will stop cyber espionage or assaults. We are simply too fat and easy a target.

For this reason, retaliation is neither the most urgent nor the most important task at hand. Our most critical mission is to relentlessly and comprehensively improve our cyber defense.

SolarWinds dramatically exposed what many cyber experts have known and warned of: that the United States is pervasively, systemically vulnerable. Our attack surface—the systems, networks and devices that can be targeted and compromised—is stupendously large. The skill and number of U.S. adversaries—the states, criminal organizations and individuals who would exploit those vulnerabilities—is proliferating. Russia is but one wolf in an evolving and growing pack of cyber predators.

Keep reading...Show less
Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.

Related Articles

How Trump Can Be the Winning President in Ukraine

“To each there comes in their lifetime a special moment when they are figuratively tapped on the shoulder and offered the chance to do a very special [...] More

Report for Friday, July 11, 2025

8:40 America/New York Friday, July 11 [...] More

Dead Drop: July 11

IN THIS WEEK'S EDITION: (Yet) another Russian leader who falls out with Putin, has a really bad week; Reports emerge about Iran's low-budget [...] More

As Nukes Spread, Robust Missile Defenses Must Rise

OPINION — More countries aspire to be nuclear-weapons states, and we should prepare for this eventuality. That’s why the Golden Dome missile defense [...] More

Mission CIA: Mapping Beijing’s Path to War

Mission CIA: Mapping Beijing’s Path to War

Taiwan has launched its largest annual military exercise ever - amid growing concern that China is on the cusp of launching a military invasion. Many [...] More

Report for Thursday, July 10, 2025

8:40 America/New York Thursday, July 10 [...] More

Rekindling Memories of the Fuji Fire

Rekindling Memories of the Fuji Fire

In October1979, the most powerful cyclone in recorded history, raced across the Pacific and set in motion circumstances that caused a horrendous fire [...] More

Doing Battle in the Gray Zone

Doing Battle in the Gray Zone

Subscriber+Members are invited to join us on Wednesday, July 23 at 1:00p ET for an exclusive virtual conversation on gray zone operations led by [...] More

Report for Wednesday, July 9, 2025

9:12 America/New Wednesday, July 9 [...] More