Although the United States is bracing for retaliatory Russian cyberattacks, experts in the field say the Kremlin is likely still weighing whether destructive action in cyberspace is worth the blowback.
Russia has shown cyber restraint, at least for the moment, even as the West imposes sanctions that have quickly strangled its economy and targeted government leaders and oligarchs.
“The question is not ‘can Russia carry out cyberattacks against Europe or the United States,’ ” said Melissa Griffith, a senior program associate with the science and technology innovation program at The Wilson Center.
“The question is ‘what would Russia have to gain from and what would they risk by carrying out cyberattacks against the United States and Europe.’ ”
Griffith added that intentionally crippling U.S. critical infrastructure through a cyberattack is “risky and unwise” as the U.S. prepares to take countermeasures against Russia, such as imposing further economic sanctions.
The U.S. and Western Europe have taken unprecedented measures against Russia, cutting the country off from roughly $600 billion in reserves held by the Central Bank of Russia, cutting off Russian access to the U.S. dollar and banning the state banks from using SWIFT, a messaging system used by banks to conduct international transactions.
U.S. lawmakers and NATO officials have also raised the possibility that destructive cyberattacks on infrastructure or militaries could trigger NATO’s Article 5, which says that an act of war against any member will trigger a response from the full alliance.
Michael Daniel, CEO of the Cyber Threat Alliance and a former cybersecurity official during the Obama administration, said that Russia is “definitely going to be cautious on doing things that could be escalatory.”
But that hasn’t eased U.S. fears of Russian aggression in cyberspace.
Sen. Mark Warner (D-Va.), chair of the Senate Intelligence Committee, said on Monday during a Washington Post live event to expect the Russians to use cyberattacks following crippling sanctions imposed by the U.S. and the European Union that caused the value of the ruble to plunge.
“I think we will probably see that in the coming days and weeks as Putin tries to lash out against the crippling level of sanctions we’ve put on him.” Warner said.
And last week, the Cybersecurity and Infrastructure Security Agency (CISA) updated its “Shields Up” guidance for organizations, urging businesses to remain “laser-focused on resilience” following cyberattacks that left several Ukrainian government websites down.
“While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and our Allies,” the CISA guidance states.
“Every organization — large and small — must be prepared to respond to disruptive cyber activity,” it added.
Cyber experts told The Hill that the U.S. oil and gas industry is particularly vulnerable to cyberattacks because it is not mandated by law to invest in cybersecurity.
The experts also said it’s difficult to predict exactly how the Russians plan to use their cyber weapons against the West.
“I think many of us in the industry expect that some form of retaliation will come through cyberspace because it’s an area that the Russians have a lot of capability and it’s one where the West has a lot of vulnerabilities,” Daniel said.
The vulnerabilities in question are that the U.S. and Western Europe are digitally dependent societies, making it almost impossible to survive without the internet.
“Everything is reliant in some form on digital capabilities, and that means that there are a lot of different avenues to create disruptions … for the West,” Daniel said.