In the Wake of SolarWinds: Making and Breaking a Rules-Based Global Cyber Order

By Anatol Lieven

Published 29 April 2021

We should recognize that the need to make careful distinctions between different categories of cyber operations, and shun the use of emotive and misleading language about “attacks,” should also be extended to the field of political influence via the internet. Using cyberspace to spread propaganda, influence political outcomes and reveal or invent damaging information is an extension of tactics that have been used in different ways for millennia—including by the U.S. Actually trying to rig U.S. elections by tampering with the count online would be completely different and vastly more serious.

This op-ed is part of a new debate from Russia Matters and is written in response to “US Response to SolarWinds Cyber Penetrations: A Good Defense Is the Best Offense” by Paul Kolbe and “Punitive Response to SolarWinds Would Be Misplaced, But Cyber Deterrence Still Matters” by Erica D. Borghard.

Paul Kolbe is entirely correct in reminding us that there is a great deal we still do not know about the SolarWinds hack. Russian official responsibility does seem probable, but it is not absolutely proven. The strongest statement that the U.S. agencies concerned have come up with is that the hack was “likely Russian in origin.”

Kolbe’s article and Erica Borghard’s response are also very valuable for their warning of the need to distinguish between cyber espionage and cyber sabotage or terrorism, as this crucial distinction has been blurred by the loose and lazy term “cyber attack,” as well as by the hysterical response to the SolarWinds hack by some U.S. politicians, with their very dangerous talk of an “act of war” (on which I have written previously here and here).

I would, however, like to point out in response to Borghard that Russia’s denial of responsibility is absolutely normal in espionage operations, even when these have been unquestionably revealed. In 2006, the British government denied Russian allegations of a British spying operation in Moscow using a device hidden in a fake rock, though after a few years a former British official admitted that the story was entirely true. The difference in the case of cyber operations is that (with all due allowance for freelances and double agents) conventional espionage has been the monopoly of states. On the internet, there are vastly more opportunities for independent actors, seeking personal gain or mere amusement. Most teenage hackers in the U.S. are not working for the CIA.

Kolbe is right to say that, given the nature of the hack, strengthening U.S. cyber defenses is a much better response than offense or retaliation. As in response to previous successful espionage operations against the U.S., a thorough review of practices and reforms of institutions are required. As after 9/11 (not that I wish to compare SolarWinds in any way to the criminality and the horror of that attack), a chaotic mixture of separate, overlapping and mutually antagonistic U.S. agencies must be pulled together into a coordinated and effective system.