Could Russia and West be heading for cyber-war?

0
19

By Gordon Corera Security correspondent

The latest warning of Russian intrusions is another sign that cyber-space is becoming one of the focal points for growing tension between Russia and the West.

But so far, much of the talk about cyber-war remains hypothetical rather than real.

It is true that Britain’s National Cyber Security Centre (NCSC) is on high alert for the possibility of some kind of Russian activity. More people and resources have been devoted to monitoring and investigation.

There has also been outreach to companies to warn them on what to look out for and what to do.

“Russia is our most capable hostile adversary in cyber-space, so dealing with their attacks is a major priority for the National Cyber Security Centre and our US allies,” NCSC chief Ciaran Martin said in a statement.

But so far, there has not been any sign of a significant cyber-attack or change of behaviour from Russia.

That is not to say that officials are not seeing any Russian activity. Quite the opposite, the reality is that they are almost always seeing Russian activity and they have done for close to 20 years.

Russian espionage – the theft of information – dates back at least to the late 1990s.

More recently, in the past few years, officials in the UK and US have said they have seen Russia pre-positioning in networks that are part of the critical infrastructure in a way that could be used for destructive acts of sabotage, for instance taking down parts of the electricity grid.

It is possible that Russian intrusions may be increasing. But it is too early to know for sure if this is the case, since it takes time to spot this – if it is spotted at all – and to be sure it is Russian.

The crucial thing is whether Russia actually employs its offensive capability to actually do something destructive.

So far, there has been relatively little sign of this in the US or UK, although Russia is accused of launching destructive attacks against Ukraine, which spilled over into companies that did business there.

It is worth saying that Britain and the US will be carrying out almost identical activities in Russia, pre-positioning in Russian networks to be able to respond.

What no-one is quite sure of is whether this creates a deterrent a bit like mutually assured nuclear destruction in the Cold War. Or if the fact that cyber-attacks are harder to trace and at least partially deniable – unlike a nuclear missile – makes the threshold for action much lower.

It was notable though that the head of GCHQ last week made public reference to the use of Britain’s offensive cyber-capability.

“For well over a decade, starting in the conflict in Afghanistan, GCHQ has pioneered the development and use of offensive cyber-techniques,” said Jeremy Fleming.

“And by that I mean taking action online that has direct real world impact.”

In this case, Mr Fleming was talking about activities targeting the Islamic State group.

“We may look to deny service, disrupt a specific online activity, deter an individual or a group, or perhaps even destroy equipment and networks,” he said.

Talking publicly about the capability is also likely to be seen as a means of warning Russia that Britain could respond if it was targeted.

One possibility is that Russia could take action primarily in the information space.

It has already been accused of unleashing bots and trolls to push its narrative of the Salisbury poisoning, although such activity does not fall under the traditional definition of a cyber-attack.

Image copyright Fancy Bear Image caption It has previously been alleged that a hacking group called Fancy Bears has worked with the Russian military

But it could use cyber-intrusions to steal compromising data and then release this into the public domain to punish those it is opposing.

This tactic was used with information stolen from sporting anti-doping bodies but also in the case of the Democratic National Committee in the US.

Such activity is a reminder that cyber-space should not be seen as somehow completely separate from other fields of activity – whether information flows or traditional military activity.

Particularly in the Russian doctrine of hybrid warfare, it is simply part of a continuum.

But as the field that is newest, the rules in cyber-space of what constitutes war and an attack are much less clear. And that may be the danger, as miscalculation could lead to escalation.

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here