Will Russia retaliate for isolation measures?
Long-term Russian retaliation for Russian isolation post-invasion
U.S.-based internet backbone operator, Cogent Communications, just took its services in the Russian Federation offline in a remarkable move. Apart from the interesting effect of at least partially limiting Russia's capability to conduct retaliatory cyber attacks against the West using Cogent's infrastructure, the cumulative impact of this additional measure is difficult to over-state. Cogent's infrastructure handles roughly one-quarter of all internet traffic globally, but the precedent of leveraging critical infrastructure in this way is also monumental. For comparison, ICANN — the group responsible for coordinating DNS — refused to participate in isolating measures against Russia, citing concerns unilateral punitive action would "erode trust in the multi-stakeholder model."
At one point during my U.S. government career I was responsible for formal political-military assessments to inform the Secretary of Defense and White House senior officials of potential consequences before using some of our intelligence agencies' most sensitive technology tools for special operations. The whirlwind of recent steps taken to isolate Russia hearkens back to those experiences.
These steps include numerous financial and technological weapons never or seldom used before, speculatively but in my judgment likely including cyber operations unlikely to be publicly disclosed. One has to expect we will sooner than later see copycat phrasing similar to that used by Western entities, but from the Russian Federation or other states and justified using their own worldview and narrative.
We may see Russian retaliation prefaced with statements such as, "In light of recent Russophobia and unprovoked 'cancellation' of Russian citizens," "In light of the unprovoked invasion of [MENA country]," or a number of narratives aligned with Russian messaging coinciding with retaliation. Look for Russian Foreign Ministry spokesperson Maria Zakharova to signal with statements such as how Russia will "respond correspondingly," that Russia's "response may or may not be proportionate," and so on.
Apart from information isolation, consequences of recent packages could be enormous for Russian supply chain factors like commercial aerospace manufacture & supply (how many Western multinationals provide key equipment for basic maintenance components?), access to advanced technologies and microchips, etc. There are dozens of factors.
Time will tell whether these are effective in achieving U.S. & Allied objectives. Measures significantly affect these partners as well, but presumably participating nations’ central banks are prepared to absorb supply/demand shocks and steer through the effects. Central banks already demonstrated this type of coordinated agility 2020-2022.
In the meantime, these factors help us understand where we may see retaliation. Putin has stated some of these actions are akin to war, although this is likely signaling. But based on Russian precedent for ”tit-for-tat,” any retaliation could be through the cyber medium — e.g., supply chain attacks, further empowered state-aligned ransomware actors, pro-Russian hacktivism, data exfiltration to facilitate technology transfer in support of proprietary development initiatives, targeting of critical infrastructure incl. PPD-21 sectors named as POTUS's red line, and attacks against the Western financial sector incl. central banks. Some possibilities have NATO Article 5 considerations.
Retaliation could also be through additional application of conventional military action in light of fewer available additional consequences for an already isolated power repeatedly assured there is no possibility of U.S./NATO military engagement so long as a member country is not attacked. But while these options currently appear limited for Russia’s conventional force, I leave that to qualified military forces analysts.
There also may be options for financial retaliation later via future Sino-Russian partnerships. At face value those options lack clear benefits for China, but circumstances levied against the world’s largest and most resource-rich landmass—however well-considered or contemporaneously strategically sound— may accelerate the development of a regionally empowered, if fragmented, digital yuan; or may strengthen attempts to displace Western financial infrastructure — a project in motion for many years with minimal success partly because of global deference to the systems from which Russia has just been removed.
As the U.S. Cybersecurity and Infrastructure Agency wrote in a letter urging corporate directors to empower Chief Information Security Officers, I hope information security departments in large financial enterprises and critical infrastructure sectors such as communications and energy are empowered and working to identify the likeliest attack vectors in accordance with organizational intelligence requirements and threat modeling. A formal political-military assessment for some of these decisions would be fascinating, but until then it’s hard to imagine a scenario in which we don't observe some form of retaliation leveraging computer network operations - either covert or overt.
(cross-posted with minor copy edits from LinkedIn)