Putting the SolarWinds hack in geopolitical context
Over the last several decades, Moscow has seen the limits of U.S. and Western responses to cyberattacks, to territorial violations and even to extraterritorial assassinations.
The latest cyberattack against U.S. government computer systems reflects Russia's strategic position on the world stage, its perceived vulnerabilities and its continued use of grey area operations to maintain a strategic edge against the United States.
The Solar-Winds attack appears to have provided Russian operatives with lengthy access to internal U.S. government computer systems and email accounts, a veritable goldmine of intelligence collection. Initial assessments suggest the suspected Russian operatives limited the systems they accessed, reducing the chance of detection and thus lengthening their access. As such, this currently appears to be primarily an intelligence collection operation, not an offensive operation designed to damage or destroy U.S. systems.
Russia's continued use of cyberspace for intelligence collection and detection of vulnerabilities for potential offensive operations demonstrate a key component of Russian international strategy. Moscow sees itself still locked in competition with the United States and its European allies, and engages in grey-area operations and hybrid warfare, using proxies and nonmilitary means in order to maintain a tactical edge and broaden its options should relations deteriorate further. Grey area operations, from cyberespionage to the use of "little green men" along the Russian periphery, are lower cost and lower risk operations for Russia. Their use reflects Moscow's seizing of an opportunity and its perceptions of its own weakness.
Russia's government, and Russian President Vladimir Putin in particular, has assessed Russia's opening to the West at the end of the Cold War as having been an economic and political disaster at home, and as clear proof that the United States and Europe have little intention of ever considering Russia an equal within the Western liberal order. For Russia, reasserting its influence along the former Soviet periphery and protecting its domestic political system represents an imperative. Russia sees the West constantly seeking to further eat away at its periphery, from promises of, or actual, NATO and EU expansion to economic and political sanctions.
This perception is made more immediate by Russia's future vulnerabilities. Like most of the developed nations of the global north, Russia faces a future of continued demographic decline, with an aging and shrinking population pool from which to draw labour, innovation and defence personnel. Russia has also found it difficult to transition away from a commodity-based economy, one heavily dependent on oil and gas, and sees the potential for peak oil in the early 2030s as a massive economic obstacle. In short, Russia faces an economic and budget crisis and a population crisis sometime in the next 20 years. It fears those vulnerabilities will leave it exposed to faster Western encroachment and to an unequal relationship with China.
Over the past 20 years, Moscow has sought to address these future crises. It has steadily pushed back along its periphery, from Georgia to Moldova, from Ukraine to Armenia. Moscow inserted itself in the Middle East crisis, and is expanding its maritime operations along the Red Sea. And it sought new investments into alternative industries. But its strategic push along the Soviet frontiers, particularly the annexation
of Crimea and the downing of MH17, imposed additional sanctions that left Moscow doubling down on resource extraction in the Arctic and its Far East.
The government has also sought to reinstall a strong sense of Russian nationalism, and strengthened ties with the orthodox Church to reinforce a sense of Russian identity and try to spur its birth rate. At the same time, Russia has stepped up its defence ties with China, securing its rear, dividing U.S. attention and drawing on Chinese financial resources.
But these efforts only serve to build a protective shell for the future Russia. They do not eliminate the threats from the West (or the East). The cyber domain provides Russia with several important strategic levers to mitigate its vulnerabilities. It is a source of intelligence collection, against governments and industries. It is a tool for information operations and disruption. And it can be a vector for attacks against U.S. communications and infrastructure. Moscow is regularly engaged in the first two, and in exposing vulnerabilities toward the latter. These provide Russia with asymmetric response capabilities to U.S. economic and political tools, both now and in any future confrontation.
And the United States remains particularly vulnerable in the cyber domain. The longstanding preference for freedom of information, personal privacy and free market activity leaves the U.S. system fragmented, with limits on government involvement and control. This is not a critique, but a recognition of the choice, one in contrast to the cyberspace policies of China and Russia – or even the shifting policies of the European Union, which bend even more strongly toward individual protections over corporate. Despite the increase in U.S. attention to the cyber domain, this patchwork quilt structure is likely to remain, reinforcing U.S. values at the risk of vulnerabilities.
Russia, then, is unlikely to back down from continued operations in the future, even in the face of U.S. sanctions or counteroperations. Over the last several decades, Moscow has seen the limits of U.S. and Western responses to cyberattacks, to territorial violations and even to extraterritorial assassinations. The United States and European nations have largely responded to Russian actions with limited steps, from targeted sanctions to public critiques. This is similar to U.S. responses to Chinese activities over the past several decades. The strategic consideration has been that no single action justifies such a strong response that it either cripples the adversary (Russia or China) or triggers an escalation that could lead to physical conflict. And the semi-ambiguity possible in cyberspace adds another layer of assurance that the responses will be kept within a set of Western norms that Moscow can generally manage.
Russia's continued use of cyberspace for intelligence collection and detection of vulnerabilities for potential offensive operations demonstrate a key component of Russian international strategy.
The risk for Russia is that, as with the shifting U.S. perception of China, Russia's actions may reach a point where the status quo response is no longer politically feasible inside the United States. Washington has refrained from its potentially most devastating economic tools, and limited the expansion of its military partnerships along the Russian frontier. While this is likely to remain the reality for some time, were Russian actions to move from intelligence collection, information operations and disruptive activities to cyberattacks with strong physical impacts inside the United States, the U.S. calculus would change dramatically.
Rodger Baker is Senior VP of Strategic Analysis at Stratfor. “Putting the SolarWinds Hack in Geopolitical Context” is republished under content confederation between Financial Nigeria and Stratfor