The Intent Behind Russia’s New Cyber Hacking Against America
The hacks are a potent reminder that Moscow does not trust in the goodwill of the Biden administration, and is warning against efforts to weaponize unrest in Russia. Understanding this mindset will be important as the U.S. prepares for the Geneva summit.
What are we to make of reports that hackers affiliated with the Russian special services have targeted groups and organizations that receive support from the U.S. Agency for International Development?
Having been in enough Track-II dialogues where the Russian side routinely disavows any knowledge of or support for such actions, I'd like to dispense with the forensic accounting and posit that we assume, for purposes of this essay, that the cyber intrusions came from Russian sources so that we can move to an assessment of Kremlin decision-making.
This revelation--and the associated reporting that these intrusions are ongoing, not historical, raise the question of what Moscow might be thinking. These cyber-attacks are taking place at a time when Western governments are offering olive branches after a rough patch in relations with Russia. President Joe Biden has confirmed that he will meet for a face-to-face summit with President Vladimir Putin in Geneva in June, while President Emmanuel Macron has called for Western leaders to re-assess the utility of further sanctions on Russia. What purpose would be served by continuing with what can only be perceived as aggressive action?
Graham Allison would encourage us to consider the possibility of the dead-hand of organizational routine--that is, those parts of the Russian national security establishment charged with the use of the cyber tool, having been given general instructions, are carrying out actions without consulting higher authority. After all, as Allison noted in Essence of Decision, at the most fraught point in the Cuban Missile Crisis, when any miscalculation might have resulted in war, the U.S. Air Force was continuing with its regularly scheduled missions to test Soviet air defense reactions in the Pacific according to a predetermined roster.
One might also postulate that these actions are deliberate measures on the part of factions within the Russian national security establishment that either oppose the normalization of relations with the West or who wish to demonstrate Russian resolve and capability in advance of the Biden-Putin summit so that Moscow can engage with Washington from a position of strength and advantage. Again, we have past examples, notably how Russian cyber activity in 2016 and 2017 was designed to highlight Russian capabilities and American vulnerabilities, as the expected prelude to Russia's hopes for engaging in cyber arms control talks with Washington. Of course, the Russians miscalculated the domestic political reaction in the United States, particularly among Democrats who otherwise would have been proponents of diplomatic engagement having been enraged by Russian activities that were blamed for causing Hillary Clinton's defeat in the 2016 presidential contest.
But there is a third area to explore--and this area also helps to explain why Belarus undertook such a risky and provocative step--of faking a terrorist threat to a RyanAir flight to get it to land in Minsk so that a journalist and opposition activist, Roman Protasevich, could be seized--and why Russia seems to be backing Belarusian leader Alexander Lukashenko despite worldwide condemnation for this action. Two weeks ago, Russian pranksters Vova and Lexus, who have had a track record of getting American officials to take their calls, reportedly convinced senior figures at the National Endowment for Democracy, including its president, that they were aides to Belarus opposition leader Svetlana Tikhonavskaya. The video of a purported Zoom call seems to highlight support for the protests not only in Belarus but also that have occurred in Russia. The prank was no laughing matter in either Minsk or Moscow--and for some in Russia, it seems to confirm that the end goal of U.S. policy will be regime change.
This is a critical year for Russian politics, as the Kremlin seeks to stage-manage the environment in which the "2024 question" and Putin's decision about his political future will be settled. Despite the hot-cold relationship between Putin and Lukashenko, the Kremlin, while not averse to a controlled departure of Lukashenko from the political scene at some point in the future, is adamant that Lukashenko not be overthrown by any sort of popular uprising. Later this year, elections for the Duma that will preside over further changes to the Russian political system will be held, and, in keeping with the Napoleonic approach to popular voting, the Kremlin wants the ballot to be a sign of public confidence in the system. In responding to these realities, "Open Russia" has decided to cease its activities, as the Duma passes legislation that increases criminal penalties for any sort of cooperative association with groups on the list of "undesirable" organizations.
The fact that the latest set of hacks seem to be to gather information about NGOs engaged in democracy promotion is taking place alongside a concerted effort to dismantle the activist network created by the imprisoned Alexei Navalny. As we have seen over the past year, the Russian government has been willing to risk its political and even business relations with the West in order to neutralize potential domestic political challengers.
The Putin government is still dealing with the after-effects of the 2020 oil price war and the coronavirus pandemic, both of which have stressed the Russian economy and political system. There is an undercurrent of discontent running through Russian society. The hacks are a potent reminder that Moscow does not trust in the goodwill of the Biden administration, and is warning against efforts to weaponize unrest in Russia. Understanding this mindset will be important as the U.S. prepares for the Geneva summit.
Nikolas K. Gvosdev is a contributing editor at the National Interest.