‘Reckless cowboy’: U.S. may underestimate Putin’s cyber strategy

Join today’s leading executives online at the Data Summit on March 9th. Register here.

Cybersecurity veteran Eric Byres says that with Russia’s invasion of Ukraine this week, a lot has changed about his view of Vladimir Putin’s potential cyberattack strategy against the U.S. and other Western nations. And not in a good way.

Byres, who’s spent decades in the security industry and is now CTO of aDolus Technology, a provider operational technology (OT) software supply chain security, has been watching the actions and statements of Putin closely. His goal has been to figure out what all of this might say about Russia’s potential for launching cyberattacks against the West in connection with Ukraine.

And similar to the way that many experts did not expect Russia to actually embark on a full-on military invasion of Ukraine, Byres says that the cyber industry may be underestimating what Putin is actually wiling to do from a cyber perspective.

While everyone in the industry knows that Russia and government-linked groups have a significant cyber offense capability — it’s one of the biggest drivers for the security industry, after all — many in the West have made the assumption that Putin would stop short of unleashing the full brunt of these forces on the U.S.

That assessment might be dangerously wrong.

“I originally believed that Putin was a rational actor that wouldn’t want to launch major cyberattacks in the U.S., as that would provoke similar attacks in response,” Byres said. “After all, his goal was to subdue Ukraine, not the U.S.”

However, “after reading the full translation of his speech on Tuesday, reviewing the commentary from a number of Russian political analysts and talking to cyber analysts looking at known intrusions in the U.S., I’m not so sure anymore,” Byres said. “I worry that Putin believes he is bulletproof and the U.S. is weak.”

‘Could be very bad’

Ultimately, “we could have a repeat of the thinking in Japan before Pearl Harbor,” Byres said. “If so, the West could be underestimating how much of a reckless cowboy he is — and that could be very bad.”

Putin has made it clear that the entire Western world is his enemy and all options are on the table, according to Byres.

In his speech on Thursday, for instance, Putin said that “I would now like to say something very important for those who may be tempted to interfere in these developments from the outside. No matter who tries to stand in our way or all the more so create threats for our country and our people, they must know that Russia will respond immediately, and the consequences will be such as you have never seen in your entire history.”

In other words, “any country and its infrastructure is fair game for a cyberattack if Russia runs into significant resistance in Ukraine. I don’t think that this will be limited to companies directly dealing with Ukraine,” said Byres, previously the inventor of Tofino security technology, a widely deployed firewall for industrial control systems (ICS).

Russian cyber offensives have already been playing a role in the country’s build-up to its assault on Ukraine this week. Authorities in the U.S. and U.K. blamed Russia for last week’s massive distributed denial-of-service (DDoS) attacks in Ukraine. Fresh DDoS attacks, as well as destructive cyberattacks that involved wiper malware, struck Ukraine on Wednesday just ahead of the invasion.

“The West could be underestimating how much of a reckless cowboy he is — and that could be very bad.”

Eric Byres, CTO of aDolus Technology

U.S. cyber options

As far as the U.S. goes, while the country will not be sending in troops in response to Russia’s unprovoked invasion of Ukraine, NBC News reported Thursday that advisers have presented U.S. President Joe Biden with options for “massive cyberattacks” aimed at disrupting Russia’s military efforts.

The report, which cited four sources familiar with the matter, was dismissed by a White House spokesperson. However, the NBC News report itself specified that cyberattacks would be either covert or clandestine military operations, and the U.S. would never publicly acknowledge the activities.

The proposals include the use of U.S. “cyberweapons” in an unprecedented manner — “on a scale never before contemplated” — to target Russia’s military, according to the NBC News report. Agencies including U.S. Cyber Command, the NSA and the CIA would be among those with a role in the operation, according to the report.

In comments to VentureBeat on Thursday, cybersecurity experts provided a range of perspectives on the idea, from cautious support of the general concept to wariness — due in part to concerns about whether U.S. cybersecurity defenses would be up to the challenge of an cyber escalation involving Russia.

Hitesh Sheth, president and CEO at Vectra, said that it’s “imperative” that the U.S. “consider offensive options” in this situation. However, “going on the offensive without the right technology to defend ourselves in cyber space would be bad strategy,” Sheth said.

And given the challenges of executing strong cybersecurity across critical infrastructure in the U.S., a retaliation by Russia could have “devastating” impacts on services that Americans depend on, said John Hellickson, field CISO and executive advisor at Coalfire.

“We have a lot of work yet to do here at home to ensure such retaliatory attacks could be sufficiently thwarted, as evidenced by very public ransomware and similar attacks recently,” Hellickson said. “I believe we need to avoid crossing the line of such considerations, as it’s difficult to predict the impacts of a likely retaliation.”

Originally appeared on: TheSpuzz