Russia has not been deterred

Opinion by the editorial board : 29 May. 2021


RUSSIA IS not stopping. This is the only conclusion to draw from news that hackers linked to the country’s main intelligence service compromised an email system used by the U.S. Agency for International Development within the State Department. The attack targeted the computer networks of human rights groups and other organizations critical of President Vladimir Putin — and it continues even now.Support our journalism. Subscribe today.

Microsoft discovered and disclosed the breach on Thursday, identifying the culprit as the Nobelium group also responsible for the SolarWinds operation, which recently wormed its way into the innards of hundreds of companies and at least seven government agencies. President Biden last month announced the U.S. response to that incursion: levying some sanctions on Russian companies and individuals, expelling some diplomats and taking other “unseen” actions to deter further malfeasance. Many punches, however, were pulled — ostensibly to avoid escalation. Now it appears not only that Russia has not been deterred, but may itself have escalated.

Adding insult to injury, the latest salvo took advantage of the same weakness in the country’s cybersecurity as did SolarWinds: insufficient safeguards in critical supply chains that run from private enterprise up to the most sensitive public entities. In this case, widely employed email software from a company called Constant Contact was the way in. Spear-phishing messages were blasted out from USAID to more than 150 organizations and reached more than 3,000 accounts. These contained malicious code to let the hackers into recipients’ computer systems, where they could infect others on the network or make off with data. The emails were coming ever faster and ever more furious upon the effort’s discovery — designed, it seems, not to hurt the State Department but civil society, including groups that analyze Russian foreign policy and those that oppose the Kremlin.

One lesson from this mess should have been learned already, which is that sensitive digital supply chains must be shored up. The White House issued an executive order earlier this month to build baseline standards with which all commercial suppliers to the federal government must comply. That should provide some more protection, but efforts to hunt for threats and defeat what’s found must also improve.

Another lesson, however, remains: Mr. Putin will not respond to the traditional playbook of sanctions and expulsions by backing down, but rather by stepping up to the boundaries of Internet-age espionage and pushing them. Mr. Biden must make very clear what the United States is and is not willing to tolerate. He must also have a plan for how to respond when an adversary refuses to listen.

2 comments

  • Standing down in the name of de-escalation is cowardly and ignorant of the current regime in Moskovia. They only understand strength and lead. If you give them one inch they will assume it is an open door. We are not dealing with rational, cooperative humans, we are dealing with modern day Nazis. Did we not learn from history?

    Liked by 3 people

  • onlyfactsplease

    “RUSSIA IS not stopping.”
    Why should they? We have been slapping wrists from the get-go. If a crime-ridden juvenile doesn’t feel real punishment, he too will continue doing bad things. It’s a basic fact of life and actually easy to comprehend … unless you are an idiot politician from the early 21st century.

    Liked by 2 people

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.