How Russian hackers got unplugged in the Ukraine War: Zeihan

Aggressive action by the U.S. and other NATO nations has helped curtain Russian cybercriminals from having much impact in the Ukraine War. — Image credit: AP Images

Russian hackers have caused chaos in the global cyber arena in recent years. They have shut down energy pipelines and have even been accused of interfering in U.S. elections and targeting American airports. There is now concern Russia’s cybercriminals are planning a digital offensive against Ukraine. However, Straight Arrow News contributor Peter Zeihan says it’s unlikely to have much impact. He explains how Russian hackers have essentially been unplugged in the Ukraine War.

Excerpted from Peter’s May 2 “Zeihan on Geopolitics” newsletter:

Since the onset of the Ukraine War, everyone’s been checking under their bed and looking in their closet for the boogeyman – a.k.a Russian Hackers – but they haven’t been there.

There are a few reasons why Russian cybercrime has been lying low. The Russians have been hitting NATO countries with cyber attacks for the past few years. Places like Estonia have learned a thing or two, enabling other NATO members to build robust cyber defenses over the past few years.

Additionally, much of Russian cybercrime is carried out by private crime syndicates, which makes going on the offense a bit easier. Unofficially, of course, the U.S. was able to drop the hammer on many of these organizations, which limited their capabilities heading into the war.

I’m not saying everything is hunky-dory, but we’re starting to see the true power of some offensive cyber tactics now on the table.

Hey everybody, Peter Zeihan here coming to you from Wanaka, New Zealand and his video goes out to Fly, who we just met on the trail. Thanks for the happy birthday message. We’re gonna talk about Russian cybercrime, which is something that has been kind of the bogeyman in the room when it comes to issues that are related to Ukraine and the general collapse of relations. You know, this is a former superpower and a lot of the intelligence apparatus is still, in some ways, intact.

You take that kind of scale, you throw it against the civilian system, and … . But we haven’t seen that. It’s been a year into the war, and it hasn’t happened yet. So there’s kind of three things going on simultaneously. Two that are really simple; one, that’s a little bit more wordy. So number one, practice. The Russians have been hitting certain NATO countries over the last several years that they have found annoying for whatever reason with Estonia, a country with a population of less than a million and a half, being at the forefront. Which means that Estonia, tiny Estonia, has probably the best counter cyber in the world. They’ve moved most of the government services online, they’re relatively hack-proof, and the Estonians have been very forward in cooperating with other European countries, most notably Ukraine, in building up their own cyber defenses. So number one, experience.

Number two, time. The Russians have been pulling this for years and so everyone has had a bit of exposure. And we’re not nearly as exposed today as we were five years ago, or 10 years ago. And the fact that we’re now a year into the Ukraine War and everyone realizes that the Russians are active, a lot of companies, a lot of countries have been taking a lot more forward stance when it comes to cyber defense.

But the third one deals with kind of the backdrop. So in the United States, when cyber first became a thing in the 1980s, Reagan was president and he made the executive decision that we would have no cyber defense; that all cyber offense would be concentrated under the National Security Council, or sorry, the NSA National Security Agency. And they would basically go out and hack everybody every day that wasn’t one of the close allies — New Zealand, Australia, the United Kingdom, Canada — everyone else would be hacked every day. They learned the architecture, put in backdoors … make a list of all the passwords, blah blah blah blah blah. So if we ever had a war, they could just drop the hammer and go.

The downside of that is there was no national defense. And even with the NSA, they only defended themselves, so everyone is really on their own. And that’s the weakness of the American system by far. So if we ever get in a real fight, you know, the power is going to go out, the water is going to stop, the stock market’s going to crash. But then the NSA will come in and just obliterate the opposing side, and they will never have electricity again. But we’re not in a hot war right now. We’re in kind of this middle ground.

And so the NSA strategy has been to keep dry powder, keep dry powder, keep dry powder. That changed a little bit under Donald Trump. Donald Trump gets a lot of crap from a lot of people, myself included, for a lot of things that are very well deserved. But one of the most interesting things that he did from my point was on cyber. And after he was elected, after [sic] that first election, he ordered the NSA to send cease-and-desist letters to the Russian hackers working for the Russian government, with personal details included in the letter so they knew exactly who was in play there. Okay, so put that to the side.

The Russian hacking system is not like ours. There is a state agency, there is the bot arm that has really been playing with religious fanatics and environmental activists, and anti-vaxxers. So basically, if you think that nuclear power is bad for the environment or if you think that COVID has been a conspiracy, or if you [don’t think] Donald Trump lost the last election, Russian hackers have been very active in the bot farm in all three of those spaces. Also, Blue Live Matters, Black Lives Matters, if you ever find yourself at the protest for the wrong one that you were trying to go to, that was probably the Russians. But that’s bots, that’s fraud.

Most of the cyber capacity in Russia is private. It’s organized crime groups who are trying to crack your credit cards and gain control of your bank account, or shut down a hospital in order to get a ransom. It’s a different sort of system. Well, when the war started, what we found out is that the state power in Russia wasn’t as much as we thought and the cyber was more. And the second thing that happened is the Biden administration very unofficially dropped the hammer on a lot of those groups. And so a cyber group that is crime-oriented doesn’t have the same sort of defense capability as a state. And the state group turned out to be not as hard.

So very early in the war, the first couple of weeks, a lot of this got shattered by U.S. cyber capabilities — unofficially, of course. And that has made it very difficult for them to do more than kind of pick at the edges of the Ukrainian system or the Western system. So take that for what it is. It’s not that everything is hunky dory. It’s that the U.S. government actually is using some of those tools in a very real way that we haven’t seen before in the last 40 years. Alright, that’s it for me. Catch you guys later.