Deterrence is America’s Best Response to Russian Cyber Intrusions

December 23, 2020 Topic: Security Region: Americas Tags: RussiaHackCyber AttacksEspionageJoe Biden

Deterrence is America’s Best Response to Russian Cyber Intrusions

The Russian hack is not an act of war. At least not yet.

With this latest, massive electronic intrusion by the Russian foreign intelligence service (SVR) into American cyberspace have come the usual uninformed demands for instant, decisive retaliation. There are inflammatory cries that the SVR cyber intrusion constitutes an act of war, pushing the United States toward a confrontation with Russia. 

The Russian hack is not an act of war. At least not yet. 

Instead of launching the missiles, we might step back about a half-century to see what a genuine crisis looked and felt like, what it was like when the daggers were actually drawn, and what was done to calm things down.

As an Air Force voice intercept operator in East Asia, I often found myself bored by listening to the chatter on the Chinese Air Force frequencies. To break that boredom, I might spin the dials of my Collins receiver to an open frequency that would remind me, or anyone else listening in, just how dangerous the world was in the early 1960s. On that set frequency one would hear an ominous, yet somehow soothing American voice, a 1960s version of a Morgan Freeman, eerily repeating a message, again and again:  

​“Sky King, Sky King, do not answer do not answer, authentication code: xxxxxxxxxxxxx”

That transmission was a reminder that about one-third of the intercontinental bombers of Strategic Air Command of the United States Air Force were airborne at any time awaiting orders. The “Sky King” transmissions provided those aircraft with the code that would either keep them in their peaceful orbits or launch them against their targets in the Soviet Union, or China, or North Korea—transportation hubs, power grids, water sources, dams, communications capabilities, the target list goes on.

On the Soviet side, the Long-Range Bomber Force had a smaller, but adequate number of aircraft airborne awaiting their orders to take out targets of “The Main Enemy”—United States. To understand the many issues in the early 1960s that kept the pot boiling you might add the Bay of Pigs invasion, the Berlin Crisis, and the Cuban Missile Crisis. This dangerous combination of events brought the United States and the Soviet Union to the highest levels of alert. A new phrase was coined for this condition by Herman Kahn of the Hudson Institute in 1962:

“Mutual Assured Destruction.”  

Across America people were building personal bomb shelters, schoolchildren were practicing “duck and cover drills.” In the Soviet Union, civil defense measures were ratcheted up and the population was prepared for war. We were a precious few steps away from someone on either side pulling the lanyard. But it didn't happen. 

Wiser leaders on both sides talked themselves off the ledge, and over time put agreements and treaties in place that prevented a repeat of the conditions of the early 1960s. We had reached the point in which a full-scale nuclear lay down by the United States and the USSR would assure complete annihilation of both the attacker and the defender. What flowed from that perilous situation was a strategy that became known as the Nash Equilibrium. A concept in which once armed, neither side has any incentive to initiate a conflict or to disarm.  

Over the next half-century, the Soviet Union collapsed, and the United States emerged, briefly, as the sole remaining superpower. China joined the new game of great power standoff, as did, to a lesser degree, smaller bad actors like Iran and North Korea. All the while, the tried-and-true measures of national power remained in place—standing armies, long-range bombers, nuclear submarines, missile silos, and other conventional forces. But a new, unconventional, even geeky battlefield for big power and small power confrontations began to grow out of the new and mysterious World Wide Web.

Before long cyber wars began.

In short order, the big, and some not so big, powers understood that long-range bombers, intercontinental ballistic missiles, and nuclear submarines were no longer needed to turn out the lights, cut off the water, shut down the communications, and simply and effectively cripple an adversary, large or small. The game had changed. It was now going to be a face-off between the intelligence services of the great and not so great powers. Symmetry was no longer a factor. 

According to publicly available estimates, the combined intelligence budget of the United States in 2020 had reached about $85 billion. The Russian intelligence budget was estimated at about $65 billion and while China’s intelligence budget, still more than a little opaque, was probably around half that of the Russians. The intelligence budgets of Iran and North Korea were considered “adequate for any mischief they might envision.” It is quite proper to assume that a good portion of the twenty-first-century intelligence budgets of all potentially hostile players are devoted to using cyberspace to develop capabilities to take out targets, previously the sole domain of air and naval fleets. And that is as it should be. 

In this latest Russian SVR hack, the Russians were apparently able to get their fingers on many of the strategic “switches” within the United States, and possibly other countries. For the time being, the Russian effort seems limited to intelligence collection. But to move from the intelligence collection mode to an attack mode would only require flipping a couple of switches, something like long-range bombers moving from peaceful orbit into an attack when the authentication code orders it. That is where we are at the moment. 

Instead of a sharp counterattack, a twenty-first-century version of Mutual Assured Destruction needs to be established by the Biden administration. In the unlikely event that American intelligence has not already extended its reach into the strategic cyberspace of Russia, China, Iran and North Korea, then it should set that goal as a strategic national intelligence priority. The Russians will realize that we have put our fingers on their strategic switches and that mutually assured destruction in cyberspace has been reached. That understanding will generate a certain calming effect, allowing wiser heads to begin to work on agreements and, eventually, treaties to deal with this new concept of Mutual Assured Destruction. 

There will probably be no need for a demonstration of the destructive power of cyberspace weaponry, at least as far as the Russians are concerned. If any of the smaller bad actors were to be inclined toward cyber mischief, the United States could promptly strike a “demonstration blow,” a reminder that we could turn off their water and lights at will. 

As the incoming administration looks over its “to-do list” for its first one hundred days, it will see the need for a resolution of this cyber standoff with the Russians. They might start with the concept of the Nash Equilibrium. And in the process, they should set about making it not quite so easy for the Russians, or anyone else, to get their fingers on our switches.

Milt Bearden is a Distinguished Non-Resident Fellow at the Center for the National Interest.  His highly decorated thirty-year career at the Central Intelligence Agency included service as chief of the Soviet and East European Division in the Directorate of Operations, and as head of the CIA’s covert support to mujahedeen fighting against Soviet forces in Afghanistan.

Image: Reuters.