Is Cyber War Between the U.S. and Russia Possible?

How Technology is Changing the Dynamic

Introduction

Throughout most of the 20^th century and into the 21^st, there has been a level of tension between the U.S. and Russia. Following the Second World War, the Cold War created a dynamic between the two countries that breeds constant competition. This dynamic has persisted past the fall of the Soviet Union and has taken many shapes and forms in the following decades. Technology has been the main proponent of competition, beginning with the nuclear arms race of the Cold War and the race to space of the latter half of the 20^th century. Today, the tension has manifested itself into the cyber sphere, with each country working to gain the upper hand over the other through the use of cyber intelligence and attacks. In the past decade, the U.S. has identified several instances of Russia interfering not only with American domestic cyber activity, but also interfering in several other countries. Russia’s cyber interference with former satellite states, now independent, democratic nations with Western alliances, such as Estonia and Lithuania, puts the international system on alert.

In April of 2007, cyber attacks were documented in Estonia that resulted in the disarming of several Estonian government, private sector, and news portal websites over three weeks. It is largely speculated that the Kremlin orchestrated the attack in light of political tension between Estonia and Russia regarding World War 2 memorial services. In 2008, the Radio Free Europe/Radio Liberty website operating within Belarus was targeted by a Distributed Denial of Service. The attack effectively disabled the website, which is one of the only free, pro-Western news sources operating in Belarus. Belarus has been led by its president, Alexander Lukashenka, since 1994, and is considered to have the strongest remaining political ties with Russia while also having one of the most repressive media environments in the world. The attack is largely suspected to have been perpetrated by Russia. These attacks set a precedent of high profile Russian intervention in the operations of free, democratic, pro-Western institutions, which creates a level of discomfort in Western countries, specifically the United States, given the tenuous relation between the two countries over the past several decades.

The U.S. also has a history of breaching the cyber securities of other nations. As early as the 1960’s and 1970’s, American submarines operated alongside the early National Security Agency and in the Sea of Okhotsk. They were able to evade Soviet detection and intercept information from an underwater communications cable, effectively stealing undeterminable amounts of classified Soviet intelligence. In 1982, an alleged cyber attack on a Russian gas pipeline was orchestrated by American operatives, and resulted in the explosion of the pipeline in an attempt to disrupt the Soviet economy. Sabotage and espionage between the two countries is not unprecedented, and likely not final, given the current political climate. In 2010, Iranian nuclear facilities were attacked by the Stuxnet worm, a computer worm that infiltrates a device, spreads, takes over, and disables the network system. Centrifuges within the Iranian facilities were breaking, rendering the facilities inoperable. It is largely speculated that the attacks were a joint operation between the United States and Israel.

This study will look at several cases of cyber attacks, specifically curtailed around the U.S. and Russia. The two countries are no stranger to armed conflict, and have already come dangerously close to war, as evident by the Cold War. Technology has become integral to the definition of power, and the concept of a powerful country shifts as technology does. As technology changes, so does the international system, and Russia has used this to their advantage. Understanding the criteria of war set by Carl von Clausewitz, the question sought to be answered by this research is whether a new theory of war, cyber war, between the United States and Russia is possible.

Literature Review

In order to answer the question explored in this study, it is important to define cyber war and what it entails. The Oxford Dictionary defines cyber war as being, “The use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes” (Oxford Dictionary, 2018).

Carl von Clausewitz offers three elements that define the concept of war, which can then be applied to the concept of cyber war and used to decide if it applies to the United States and Russia. First, Clausewitz writes that war is inherently violent, that both sides of the conflict work to overwhelm the other and inflict enough pain to render surrender. Second, he asserts that war is used as a means to an end, the end being the coercion of the enemy into accepting the terms of defeat. The third element is the concept of war’s political nature, that war is an extenuation of politics. It is politically motivated, and not defined by one decision; the ultimate “end” is subject to the will of the party in power and not necessarily constrained by isolated acts (Rid, 2012). The body of research into this question is divided along the lines of these elements. One such study concludes that cyber war is inevitable, although not necessarily between the U.S. and Russia. John Arquilla and David Ronfeldt surmise that technology inherently initiates cultural change, that it forces a shift in the international system. They draw upon historical precedent of technological advancements that changed the nature of war and had profound impacts on the course of history, such as the invention of the gun. Arquilla and Ronfeldt argue that the concept of modern “war” has shifted, so as to minimize violent conflict and has come to focus on the collection of information that would allow you to outmaneuver your opponent (Arquilla, 1993). They note that conflict in the modern age has manifested itself into an ideological disagreement and highly intertwined with economics, rather than territorial disputes as it has been in the past. Information has become a highly prioritized currency in inter-state conflict, and because of this, the nature of war has been changed.

 Research into cyber war also suggests that technology changes the nature of the international system (Weigly, 1989). It allows a state access to another in ways previously not possible. Technology has redrawn boundaries between states and opens systems that had not been accessible before (Arquilla, 1993). This challenges the international system and opens it up to reconfiguration. States have begun to alter their approach to national security and priorities, with a focus on protecting their economy. To challenge a powerful country by modern standards, such as the United States or Russia, it is necessary to challenge their economy, to compromise their economic capabilities.

 Alternatively, there is research surmising that cyber war is not inevitable, that it will not take place, based on the three elements set for by Clausewitz. Thomas Rid argues that no cyber attack to date has met all three elements of being violent, instrumental, and politically attributed, despite numerous isolated attacks meeting one or two of the criteria (Rid, 2012). He looks into the Estonia cyber attack in April of 2007 that threatened their national sovereignty, as well as the explosion of a Russian gas pipeline in 1982 that is suspected to be the result of an American cyber attack, and found neither to meet the definition of cyber war. He concludes that because cyber war is not geared towards the type of violence that directly threatens human life and safety, cyber war is not likely.

 Regardless of whether these case studies conclude an act of cyber war or not, it is evident that the number of cyber attacks are increasing, and are likely to continue. The Pew Research Center conducted a survey in 2014 that canvased 1,642 experts on the Internet and cyber attacks and found that 61% agreed that a major attack causing widespread harm would occur by 2025. The study highlighted four key themes agreeing with the likelihood of attacks. First, that systems connected to the Internet are open targets. An overwhelming amount of society’s basic functions, essential to daily activities, are facilitated by the Internet. This attracts attention from those who wish to take advantage of this fact. Second, that security is not the primary concern when Internet applications are designed. Designers instead work to make the most economically beneficial product they can, to make the most money they can. System security does not often fall in that category. Third, that major cyber attacks have already happened, such as Stuxnet. Finally, that cyber attacks often target the private sector rather than government institutions. These institutions are more vulnerable to attacks because they are not equipped with the same level of defense as government institutions, but arguably carry equal weight importance in the daily lives of the public (Pew Research, 2014). The dissenting opinion argues three counter concepts. First, that there is already significant progress in security fixes. Designers are upgrading system security capabilities. Second, that cyber deterrence is an effective method of defense. The threat of retaliation is sufficient to deter malicious actors. Cyber deterrence is defined as the capability to do to attackers what they may intend to inflict (Libicki, 2009), and that the potential attacker is aware of it. Third, that cyber attacks are exaggerated, created by organizations that would profit from an atmosphere of fear.

 The United States has identified the cyber sphere as a top national security sphere, and has initiated efforts to increase deterrence capabilities under the new administration, including the commission of several research and development agencies. Agencies such as the Cyberspace Solarium Commission have been tasked with finding and have published strategic approaches to cyber deterrence (Sasse, 2018).

Theory

 Realism is the international relations theory that best explains the United States and Russia’s response to one another and the shifting world system. Under realism, international relations is individual states interacting with each other, in the pursuit of power. States act in accordance with human nature, which is largely selfish. The definition of power is ambiguous, and is not constrained by any one component, but has been agreed to include technological capabilities. There exists a balance of power in the international system, and states battle to gain the upper hand over the others while preventing others from doing the same to them. There is a lack of hegemony in the international system, so higher power to assume the ultimate authority in delegating the balance of power. To do so, states operate in their own self interest, with national security being a top priority. They rely on their own military resources to achieve desired ends, and a “self-help” system of sorts emerges. Jean-Jacques Rousseau wrote about realism in his work, The State of War (Roosevelt, 1987),and surmised that the world is governed by predatory rulers, and that there is an inherent anarchy in international politics. Applying the theory to the modern world, neorealism borrows models from economics and behavioral science. It makes the modification to the theory that recognizes economic resources as the basis of influence and power. A powerful country by today’s standards is a country with a powerful, secure economy.

 Between the United States and Russia, there lies a deeply rooted struggle for power. Both states have built themselves up as two of the most powerful states in the international system. As prescribed by the realism theory, each state is in constant struggle to gain power over the other; this concept is directly applicable to the situation today.  Constant changes in technology create constant opportunity for the balance of power to shift, and both countries work to gain power over the other.

Cases/Analysis

 The following cases look at instances of possible cyber attacks that the U.S. and Russia/Soviet Union were involved in. By comparing them the Clausewitz’s criteria of war, it will possible to evaluate the possibility of cyberwar given the precedent set by the United States and Russia, specifically their capabilities and the extent to which they are willing to go in the name of national security and protecting the balance of power.

1.)   Estonia, 2007:

In April of 2007, street riots broke out in the capital, Tallinn, between young Russian ethnic groups and the native Estonians. The riots were in response a government decision to relocate a Soviet-era, World War Two memorial that celebrated Soviet army victories. The site had become a rallying point for extremist Russian nationalists, and the relocation was an attempt on the government’s behalf to ease tensions. Instead, the tensions only increased when the peaceful protests turned violent, with police making 1300 arrests, hundreds injured, and one death. The Estonian ambassador in Moscow was physically assaulted. Estonian government web pages, news agencies, and private sector websites were attacked over a span of three weeks, disrupting the day to day operations of the country.

Analysis: Estonia is a highly interconnected state, with high internet capabilities. It was a wide range of government and private sector services available online and the majority of the Estonian population has access to and used the Internet; much of daily life is dependent on internet functionality. The attack is suspected to have been instigated by the Kremlin and Russian nationalists in response to removal of the memorial. This particular attack is highly politically motivated but lacks any inherent violent motivation. It demonstrates Russia’s ability and willingness to interfere in an independent state’s sovereignty.

 Source: “International Cyber Incidents: Legal Considerations” by Eneken Tikk, Kadri Kaska, and Liis Vihul, 2010.

2.)   Radio Free Europe/Radio Liberty, 2008:

In April of 2008, on the anniversary of the Chernobyl disaster, the Radio Free Europe/Radio Liberty website operating within Belarus was targeted by a Distributed Denial of Service attack. The attack rendered the website inoperable. The attack lasted for two days, during which other RFL/RL websites were affected. Belarus is notoriously maintains one the closest relationships with Russia following the fall of the Soviet Union, having been lead by the same president, Alexander Lukashenka, since 1994. Only 29% of the population uses the Internet, and access is controlled by a state-owned company that controls and restricts some critical websites, according to Freedom House.

Analysis: On the anniversary of the Chernobyl disaster, native Belarusians were protesting the government for lack of compensation following the disaster. It is speculated that the government attacked the RFL/RL to limit press coverage of the protesting, facilitated by Russian technology and Lukashenka’s close relationship with the Kremlin. The RFL/RL is one of the few sources pro-Western, uncensored, international news in Belarus. The Belarusian/Russian disruption of information flow again exemplifies Russia’s willingness to overpower a sovereign state. The fact that the website was pro-Western is not to be ignored by western states, specifically the United States. Analyzed by Clausewitz’s three criteria, the attack was not intended to be directly harmful to human safety, but was politically motivated, as it was an effort to assert one system of culture and government over another by silencing it.

Source: “International Cyber Incidents: Legal Considerations” by Eneken Tikk, Kadri Kaska, and Liis Vihul, 2010.

3.)   Operation Ivy Bells, 1960s/70s:

In the 1960s and 70s, the American Navy and the National Security Agency created a covert operation that submarines would locate and tap into underwater Russian communication cables in the Sea of Okhotsk. The submarines were disguised as deep-water rescue and research vessels, and were able to avoid Russian detection. They used highly advanced technological equipment, some of which is still classified to this day, and the divers involved were some of the first to use the new underwater water breathing devices that are used today. The mission was reportedly highly successful, as it continued until the 1980s.

Analysis: With this case, the United States has demonstrated a precedent and ability for cyber espionage and a desire for information to gain an advantage over Russia. Hacking Russian underwater communication cable and stealing highly classified state secrets sets the United States squarely in conflict with Russia and raises tensions between the two. When compared to Clausewitz’s three criteria, the mission was politically motivated, as it was an effort to steal information, but was not directly violent or cause any type of destruction. 

Source: Submarine Spying- Operation Ivy Bells in the Cold War by Matthew Gaskill, 2018.

4.)   Stuxnet, 2010.

In 2010, several Iranian nuclear facilities were attacked by a malicious software computer worm, known as Stuxnet, that had the ability to repeat itself and spread to any device operating on the same network as the initially infected device. The worm gave attackers the capability to override the system, and it was used to destroy centrifuges inside the nuclear facilities, forcing the facilities to shut down. It is largely speculated that the worm was developed by a joint effort between the U.S. and Israel, in an effort to deter Iranian nuclear capabilities.

Analysis: By developing a malicious computer worm, capable of inflicting substantial systemic damage, the United States has demonstrated a willingness to initiate potentially violent and dangerous actions that operate in the self interest of the state. In this particular situation, the U.S. felt threatened by Iranian nuclear capabilities and attempted to protected itself by disabling Iran’s nuclear facilities. Attention on the United States was diffused by the cooperation with Israel, who had also had a state interest in disabling Iran’s nuclear operations. When compared against Clausewitz’s criteria, it is a politically motivated attack, but it was not directly violent and did not result in the physical harm of human life.

Source: “Cyber Attacks Likely to Increase” by the Pew Research Center, 2014.

Implications/Conclusion

 Applying realism to the Russian-American dynamic currently playing itself out through international relations, there is clear and definite struggle in the balance of power. They have developed two distinctly different systems and cultures and have perpetuated them internationally so that each has come in direct competition with the other for global dominance. Eastern and Western cultures have become so conflicted that each is a threat to the sovereignty of the other. The changing nature of technology changes the nature of this conflict and has continued to do since the Cold War. As exemplified by the case studies and recent international events, Russia has demonstrated the ability to integrate cyber capabilities and attacks in military offenses. The United States recognizes this as a threat to its allies along the Russian border, and subsequently a threat to Western culture. Conversely, the United States has demonstrated a willingness to act against states and institutions it deems threating to national security. The American government has prioritized the cyber theater as a top security priority, and the current presidential system has authorized new programs and operations that loosen restrictions on cyber retaliatory attacks. National Security Memorandum 13 enables agents to engage in retaliatory actions quickly and without approval from governing bodies, as well as allowing them to take preemptory steps towards potential attackers before any attack has even happened (Fryer-Briggs, 2018).

 Understanding that the number of cyber attacks are increasing, so are the intensity of the attacks. Just this past year, thirteen Russian nationals and three Russian companies were indicted by the United States on charges of interfering with the 2016 presidential election. The Russians stand charged with the hacking of the Democratic National Committee and the Clinton presidential campaign (Mazzetti, 2018).

As the intensity of the attacks increase, so does the likelihood of cyber war taking place between the United States and Russia. But following the criteria set forth by Clausewitz, there has been no cyber attack that meets those standards. If cyber war were to follow this definition of war, it is possible that it will never occur. It is also possible, however, that the nature of cyber attacks and changing cultural values combine to create a new definition of war, one that can define cyber attacks as acts of war. The goal of these attacks is not directly focused on violence, but rather on culture and state infrastructure. More and more, cyber attacks are becoming focused on and targeting the disruption of daily civilian life, hacking into the private sector businesses and corporation and disrupting state economies. If the goal of war remains the dominance of one state over the other, absent the violent criteria of past concepts of war, does cyber war not then meet the other criteria? The United States and Russia see each other as threats, and have responded as such, and along the lines of the realist theory: by building up military capabilities in the form of cyber attack and deterrence capabilities. As they continue to do so, the reality of cyber war becomes increasingly evident.

Sources:

• Arquilla, John and David Ronfeldt. (1993) Cyberwar is Coming!, Santa Monica, Calif.: RAND Corporation, RP-223. https://www.rand.org/pubs/reprints/RP223.html

• Cyberwar | Definition of cyberwar in English by Oxford Dictionaries. (n.d.). Retrieved from https://en.oxforddictionaries.com/definition/cyberwar
• Dinstein, Y. (2002). Computer Network Attacks and Self-Defense. International Law Studies, U.S. Naval War College, 76. Retrieved from https://digital-commons.usnwc.edu/ils/vol76/iss1/20/.
• Fryer-Biggsemail, Z. (2018, November 07). The Pentagon has prepared a cyber attack against Russia. Retrieved from https://www.publicintegrity.org/2018/11/02/22421/pentagon-has-prepared-cyber-attack-against-russia
• Gaskill, M. (2018, June 14). Submarine Spying- Operation Ivy Bells in the Cold War. Retrieved               from https://www.warhistoryonline.com/world-war-ii/dogs-of-war-american-infantry-wwii.html
• Libicki, Martin C., Cyberdeterrence and Cyberwar. Santa Monica, CA: RAND Corporation, 2009. https://www.rand.org/pubs/monographs/MG877.html.
• Mazzetti, M., & Benner, K. (2018, July 13). 12 Russian Agents Indicted in Mueller Investigation. Retrieved from https://www.nytimes.com/2018/07/13/us/politics/mueller-indictment-russian-intelligence-hacking.html
• Pew Research Center, (2014). Cyber Attacks Likely to Increase. Pew Research Center & Elon University’s Imagining the Internet Center. http://www.pewInternet.org/2014/10/29/cyber-attacks-likely-to-increase/
• Rid, T. (2012). Cyber War Will Not Take Place. Journal of Strategic Studies, 35:1, 5-32. DOI: 10.1080/01402390.2011.608939
• Roosevelt, G. (1987). A RECONSTRUCTION OF ROUSSEAU’S FRAGMENTS ON THE STATE OF WAR. History of Political Thought, 8(2), 225-244. Retrieved from http://www.jstor.org/stable/26213293
• Tikk, Eneken, Kadri Kaska, and Liis Vihul. (2010) “International Cyber Incidents: Legal Considerations.” Cooperative Cyber Defense Centre of Excellence. https://ccdcoe.org/publications/books/legalconsiderations.pdf.
• Sasse, B., (2018). Cyberspace Solarium Commission (United States, Senate Armed Services Committee).
• Weigley, R. (1989). War and the Paradox of Technology. International Security, 14(2), 192-202. DOI: 10.2307/2538859

. Earlier this month, the U.S. enacted an offensive cyber retaliatory attack in the case of Russian intervention in the November midterm elections or any other subsequent elections.