UKRAINE CRISIS

Russia Could Unleash Disruptive Cyberattacks Against the U.S. – but Efforts to Sow Confusion and Division Are More Likely

By Justin Pelletier

Published 27 January 2022

As tensions mount between Russia and the West over Ukraine, the threat of Russian cyberattacks against the U.S. increases. The Department of Homeland Security issued an intelligence bulletin on Jan. 23, 2022, warning that Russia has the capability to carry out a range of attacks, from denial-of-service attacks on websites to disrupting critical infrastructure like power grids.

“We assess that Russia would consider initiating a cyber attack against the homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the DHS stated in the bulletin, which it sent to law enforcement agencies, state and local governments, and critical infrastructure operators.

Cybersecurity experts are concerned that in the wake of recent cyberattacks by hackers affiliated with Russia, the Russian government has the capability to carry out disruptive and destructive attacks against targets in the U.S. The SolarWinds attack, uncovered in December 2020, gave the perpetrators access to the computer systems of many U.S. government agencies and private businesses. The DHS and FBI accused Russian hackers in March 2018 of infiltrating U.S. energy and infrastructure networks.

Russian cyberattacks could include continued attempts to diminish Americans’ confidence in elections, undermine economic stability, damage the energy grid, and even disrupt health care systems.

While some components of these systems almost certainly remain vulnerable to Russian-aligned hackers, the Russian government is likely to think twice before unleashing highly disruptive attacks against the U.S., because the U.S. government could interpret such attacks, particularly those targeting critical infrastructure, as acts of war. The DHS bulletin stated that Russia has a high threshold for initiating disruptive attacks. As a researcher who studies cyberwarfare, I believe a more likely threat from Russian hackers is launching disinformation campaigns.

Distract, Distort and Divide
Americans can probably expect to see Russian-sponsored cyber activities working in tandem with propaganda campaigns. These activities are likely to be aimed at preventing a unified response to Russian aggression in Ukraine.

Russian military doctrine includes the well-evolved concept of information confrontation, which uses cyber means to create doubt about what is true. Russia’s information warfare strategy seeks to manipulate information and relationships.

The specific maneuvers aim to bolster narratives, people and groups that support Russian interests and undermine those that are counter to Russian interests. The maneuvers, which include dismissing and distorting information and undermining opinion leaders, are carried out in the press and on social media.