The previous year saw a rise in state-sponsored cybercrime with the Russian government authorizing the SolarWinds attack, which was used to spy on multiple US organizations such as the Treasury Department and the Department of Homeland Security. The US government responded by imposing sanctions on Russian intelligence officials.
There aren’t any signs that suggest that things are about to get better with countries like Russia, North Korea, China, and Iran becoming increasingly offensive in their battle with the West. In the G7 summit held in Cornwall, state-sponsored cyberattacks became the focus of the meeting as Joe Biden met with Russian President Vladimir Putin.
Cyber ceasefire?
There was little hope that the meeting would prove to be fruitful as Putin is a master at denying incidents he authorized while pleading his innocence. This skill has allowed him the ability to dismiss any opposition, as seen at the G7 summit, or even any sanctions being imposed on Russia.
Words have simply not been effective enough to halt the cybercriminal activities of the Russians, due to which there is no choice for the US and its western allies but to be aggressive in their cybersecurity operations. Essentially, if Russia had performed an attack in a more direct and traditional way, like through the military, it would have resulted in an equally offensive counterattack from the US, which Russia is aware of.
On the offensive
In the current situation, the best offense is likely to be a good defense. It should be made apparent to Russia that cyberattacks on key Russian targets are a genuine possibility. President Biden even implied that should Russia perform cyberattacks on US institutions again, the US will not be afraid to retaliate with the same measures.
This was a well-thought-out move and one which needed to be done as despite various talks about cybersecurity between the two nations, there have not been any signs of change in Russia’s behavior. However, without facing any significant retaliation, there is an expectation that Russia will continue its strategy of interacting with nations through diplomatic channels like the G7 summit, and alongside that, display an eagerness to maintain good relations despite carrying out cyberattacks behind the scenes.
Terms of combat
In the meeting, Biden did not specify the exact retaliation in case another Russian cyberattack occurred. Instead, he stated that representatives of both countries are working to define what cyber activities are prohibited and then working on any such cases currently occurring in either country.
Biden also defined the 16 industries that are considered to be part of a country’s critical infrastructure, which included agriculture, water, healthcare, and financial services. Colonial Pipeline, which was a victim of a recent ransomware attack, falls under these categories alongside meat processing firm JBS, which also fell victim to a recent cyberattack. It is believed that both attacks were conducted by Russian cybercriminals, and despite no direct link with officials, it is thought that these attacks were state-approved.
The first step
The G7 meeting is considered the first step in improving cyber-relations between the West and Russia. Despite this, there remain doubts about how successful the talks will be in changing Russia’s attitude. Even Biden was not optimistic about improvements in his talks to the press.
A complete ceasefire was never likely to happen, but a positive outcome would be if there were to be a reduction in aggressiveness by the Russians. This may only be possible if the US is able to firm up on its stance and show Russia that it will not take any cyber attacks lying down.