Cybersecurity Threat from Russian State-Sponsored Hackers

Alejandro Moro

// The U.S. must invest more time and money into its cybersecurity. //

In 2020, a group of Russian state-sponsored hackers orchestrated one of the most sophisticated and coordinated cyber warfare attacks on the United States. This was not their first attack: back in 2019, the same group compromised widely used computer software from a company known as SolarWind, a breach that spread to 18,000 government computers. As a result, the hackers were able to access confidential government files from the Departments of Justice, State, Energy, Treasury, and Commerce, as well as the Pentagon. The attack went undetected for nine months and that FireEye, a private company, had to tell the National Security Agency that the U.S. government had been hacked. Despite the persistence of these attacks, there has been no public progress towards stopping them. If the U.S. is to present itself as a strong nation, it needs to take action to stop these attacks. Undoing the federal government’s inaction, the U.S. must invest more money into cybersecurity and take an active stand against Russia to protect both our economy and government institutions. 

In the past decade, Russian cyber assaults have imposed significant damage on American infrastructure. According to the Cybersecurity and Infrastructure Security Agency, Russian-sponsored hackers have hacked infrastructure related to healthcare, energy, water, telecommunications, and additional sectors. Among the most notable attacks was the Russian cyberattack in 2021, which shut down a critical gas line on the East Coast. This pipeline provided half the fuel used in the region and introduced a gasoline price spike in addition to business shutdowns. State-sponsored Russian hackers have also attacked chemical plants, oil refineries, water plants, and power grids. Just in the past year, Russian cyberattack hackers, by compromising the State Department, were able to see confidential information regarding troop developments as well as private deals with other countries. Thus, greater investments of time and money into cybersecurity will be necessary to stymie Russian cyber-assaults. The U.S. cannot allow key infrastructure to be brought down and be indefinitely controlled by these hackers.

In the past, the U.S. has failed to directly confront cyberattacks and has instea, employed threats of sanctions to combat cyber warfare. As Richard Andres, a cybersecurity expert at the National War College, states, “Our policy traditionally has been passivity. Generally, we bluster a little bit and don’t do anything.” This is consistent with the action of the Biden administration. Biden has threatened Russia with sanctions, counter cyberattacks, and more, but his administration has yet to undertake concrete action, leaving Russia to continue hacking the United States. Instead of using empty warnings, therefore, the U.S. has to take a stronger stance against these cyberattacks by directly confronting them in global discussion and action.

Much of the information taken by Russia could lead to a negative impact on not just the United States but also its international allies, which provides an even stronger argument for taking an active stance against Russia. Furthermore, these assaults are not the work of rogue groups: they are state-sponsored. Russia is directly attacking our infrastructure, our daily lives, and our economy. It is very possible and likely that there is some behind the scenes action being taken by the Pentagon to improve cybersecurity; however, if this action was being taken publicly rather than secretively, it would be more likely to disincentivize Russian sponsored hackers. The department of Cybersecurity and Infrastructure Security Agency(CISA) also has collaborated with private cybersecurity companies, however, it is not enough. The U.S. should invest more of its resources into the private sector of cybersecurity. This would help our ability to prevent and respond to the attacks that pose a great threat on the U.S. Accordingly, the U.S. government should increase their public efforts towards cybersecurity and invest more money and time into cybersecurity in order to protect our nation from this danger whilst taking an active stance against Russia. 

Russia poses a particularly serious cybersecurity threat to the U.S.