An organisation could launch a devastating attack—and then control the way it is interpreted by societyby Andrei Soldatov, Irina Borogan / January 6, 2017 / Leave a comment
Since the early 1990s, governments have been aware of cyberthreats and their potentially devastating consequences. But initially, they identified the threats in different ways.
The American government was concerned with a possible attack against the country’s infrastructure—powerplants, nuclear stations, transport systems and so on.
The Russian government took a different view. The Russian secret service was the direct successor of the KGB, poisoned by spymania, and despite all of Boris Yeltsin’s reforms, stayed paranoid about the Americans. They were obsessed with a possible penetration (the uncovering—and then exploiting—of vulnerabilities in a system) and the stealing of government secrets by foreign intelligence agencies. It didn’t help, obviously, that the internet had been invented by the Americans and its infrastructure was built all over the world, including in Russia, on American technology. This view was reflected in the Russian Information Security Doctrine, signed by Vladimir Putin in 2000. The list of identified threats included the “compromising of keys and cryptographic protection of information.”
The Russian command in charge of monitoring cyber threats was also worried about disinformation in cyberspace. But back then they believed that disinformation could be disseminated online only by traditional, mainstream international media outlets, and said it openly in the Doctrine: the list of threats also included the squeezing of Russian media out of the country’s information market and increasing dependency on foreign media.
In the 2000s these fears, both American and Russian, seemed misplaced—the cyberattack on American vital infrastructure never happened. “Since there have been cyber experts, they have predicted that a catastrophic attack was imminent. Yet nearly two decades along, all of cyberspace’s major disruptions have been lacking in scope, duration, and intensity. Cyberwar, then, has loomed but not swooped,” said Jason Healey in 2011. Healy was a director for Cyber Infrastructure Protection at the White House from 2003 to 2005, helped advise George Bush and coordinated US efforts to secure cyberspace and critical infrastructure.