The US can retaliate against Russian hacking and ‘kick them in the balls’Vladimir Putin (Kremlin)
- Russia stands accused of bold intrusions into vital US infrastructure (elections, nuclear power plants).
- The US has the ability to fight back.
- Empowering ordinary Russians with cyber tools against Vladimir Putin’s regime would be “kick them” where it hurts, according to one cyber security expert.
It’s been nearly a year since US intelligence agencies accused top Russian officials authorized hacks on voting systems in the US’s 2016 presidential election, and mounting evidence suggests that the US has not fought back against the hacks as strongly as possible.
But attributing and responding to cyber crimes can be difficult, as it can take “months, if not years” before even discovering the attack according Ken Geers, a cybersecurity expert for Comodo with experience in the NSA.
Even after finding and attributing an attack, experts may disagree over how best to deter Russia from conducting more attacks.
But should President Donald Trump “make that call” that Russia is to blame and must be retaliated against, Geers told Business Insider an out-of-the-box idea for how to retaliate.
“It’s been suggested that we could give Russia strong encryption or pro-democracy tools that the FSB [the Federal Security Service, Russia’s equivalent of the FBI] can’t read or can’t break,” said Geers.
In Russia, Putin’s autocratic government strictly controls access to the internet and monitors the communications of its citizens, allowing it suppress negative stories and flood media with pro-regime propaganda. If the US provided Russians with tools to communicate secretly and effectively, new, unmonitored information could flow freely and Russians wouldn’t have to fear speaking honestly about their government.
The move would be attractive because it is “asymmetric,” meaning that Russia could not retaliate in turn, according to Geers. In the US, the government does not control communications, and Americans are already free to say whatever they want about the government.
“What if we flooded the Russian market with unbreakable encryption tools for free downloads?,” Geers continued. “That would really make them angry and annoy them. It would put the question back to them, ‘what are you going to do about it?'”
To accomplish this, the NSA could spend time “fingerprinting” or studying RUNET, the Russian version of the internet, according to Geers. The NSA would study the challenges Russia has with censorship, how it polices and monitor communications, and then develop a “fool-proof” tool with user manuals in Russian and drop it into the Russian market with free downloads as a “big surprise,” he added.
“You’re just trying to figure out how to kick them in the balls,” Geers said of the possible tactic. “But they’d probably figure out how to defeat it in time.”
Geers acknowledged that such a move could elicit a dangerous response from Russia, but, without killing or even hurting anyone, it’s unclear how Russia could escalate the conflict.
As it stands, it appears that Russian hacking attempts have continued even after former president Barack Obama expelled Russian diplomats from the US in retaliation last year. Cybersecurity experts attribute a series of recent intrusions into US nuclear power plants to Russia.
Taking bold action, as Geers suggests, would leave Russia scrambling to attribute the attack to the US without clear evidence, while putting out fires from a newly empowered public inquiry into its dealings.
The ball would be in Russia’s court, so to speak, and they might think twice about hacking the US election next time.