US sanctions on Russia rewrite the rules for cyber espionage

Some critics of cyberpolitics see Biden’s sanctions for spying on SolarWinds in more cynical terms: an inconsistent and instinctive response designed to satisfy anyone who accuses the administration of being lenient on Russia. “This is not an attempt to correct Russian behavior,” says Dmitri Alperovich, former CTO of security firm CrowdStrike and founder of the cybersecurity-focused Silverado Policy Accelerator. “It’s more about making us feel good than fighting back and most importantly, frankly, for a national audience.”

Alperovich argues that by punishing the Kremlin for prudent cyberspying – and associating it with a large collection of far worse actions – in fact, it is even more difficult to bring the Kremlin under control. “I am not against hammering Russia,” says Alperovich. “But it would have been a lot more effective if we had focused on a couple of things that we really think are irrelevant and told them that if you correct that behavior, those penalties will drop. This is how you get effect or effect. less chance of getting effects. That’s not it. “

Yet administration officials have argued that even espionage can cross borders, especially at this scale. “In some ways, the rule is not new, although it may be new to cyber activity,” says J. Michael Daniel, president of the Cyber ​​Threat Alliance and former Obama White House cyber coordinator . “Just because it is recognized that every state practices espionage does not mean that you do not respond when these activities become too important and too brazen.”

Tom Bossert, homeland security adviser to former President Donald Trump, echoes this view and says he would have taken similar steps to punish Russia had his tenure been extended until the SolarWinds campaign. . He argues that it falls under the same anti-piracy rule that lacks the “discrimination and proportionality” with which he intended to oppose sanctions in response to Russian cyberattack NotPetya in 2017, which caused $ 10 billion in damage worldwide. To leave SolarWinds unanswered, Bossert says, would be “like Japanese planes circling Pearl Harbor and we are all sitting down saying,” Well, I’m sure and convinced that this is just an effort. spy. They’re just up there taking pictures, ”he says. “At this point, it’s the Japanese planes not only over Pearl Harbor, but also over New York, Washington, DC, Indiana and Los Angeles, holding companies and agencies at risk.”

Biden administration officials said so on Thursday, arguing the potential for destruction that SolarWinds’ hacker’s degree of access could have caused as a key factor in his response. “What’s concerning is that from that platform, from the wide-scale availability of the access that they’ve gained, there’s the ability to do other things, and that’s is something we cannot tolerate, ”NSA cybersecurity director Rob Joyce said on a call with reporters Thursday. “And that’s why the US government is costing and pushing back.

But critics of the administration’s response point out that while the SVR could have used its SolarWinds hack to perform huge disruption, it did not. “You don’t hammer someone for what they might have done,” Alperovich said. “You focus on what they actually did.”

The White House, however, is probably judging Russia on what it possesses fact, argues Chesney of the University of Texas. The NotPetya attack also used software supply chain hacking to spread destructive malware in what was to be recognized as the costliest cyberattack in history. The Russian military intelligence agency GRU carried out NotPetya, rather than the relatively cautious and stealthy SVR. But this distinction may be less important than the similarity of the methods used. “Russia is seen as a group,” says Chesney. “A child in the group burned his authorization card. And now everyone is being punished for it.

More WIRED stories

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *