International defense deal motivated by Russian hacking, experts say
Along Russia’s western border, a united, allied cybersecurity front that spans multiple nations, intelligence agencies and spy networks is gaining renewed support from Washington, according to a White House statement published last week.
A heightened focus on cooperative, NATO-driven cyber operations is being motivated, at least in part, by a series of recent attacks on American political organizations and individual lawmakers, former defense officials and policy experts tell FedScoop.
U.S. Vice President Joe Biden shook hands with political leaders representing Lithuania, Latvia and Estonia last week to reaffirm Washington’s commitment to NATO and more specifically, the Baltic states’ sovereignty — holding independent from Russian incursion or influence.
Biden’s visit is symbolic of broader U.S. efforts to calm looming fears held by the Baltic states concerning Russia’s evident interest and capability to mount offensive military operations in both the physical and cyber realms, retired admiral Jamie Barnett, a former Deputy Commander for the Navy Expeditionary Combat Command, told FedScoop.
“I think the DNC hack offered an attractive backdrop, but it wasn’t the primary, motivating factor here. This goes back farther than that. [I think] it’s bigger,” said Barnett.
Offensive cyber operations are an aspect of modern warfare, he explained, this was shown during the Russo-Georgian War when weeks before an invasion, Russian intelligence reportedly hacked numerous government websites and information services. The Baltic states remember the Russo-Georgian War, Barnett said, and they “likely want some reassurances … cyber is a tripwire for them; a first sign for what could be a more expansive strike.”
The White House followed Biden’s suit by officially announcing a “Joint Declaration on Increased Security and Defense Cooperation” with the Baltic states. The announcement was careful to avoid naming the Kremlin, directly, as the White House has yet to publicly attribute any recent cyber attack. Even so, experts say that Russia’s recent behavior is a motivating factor.
“The Baltics are worried about the NATO commitment, which is the only thing between them and Putin, and they know that NATO has to mean U.S. if it is to meet anything. So this was to reassure, guide spending and reinforce the NATO commitments made in Warsaw,” said James Lewis, senior vice president at the Center for Strategic and International Studies, a D.C.-based think tank.
Moving forward, the Obama administration will broadly work alongside Lithuania, Latvia and Estonia to grow cooperative cybersecurity defensive efforts, among other things, Tuesday’s White House statement explains.
Adam Segal, director of digital and cyberspace policy at the Council on Foreign Relations, agreed with Barnett’s assessment, noting: “[the reason for accelerated cooperation] probably predates the Russian hacking of the DNC since cyber is mentioned in the context of the European Reassurance Initiative — which itself is in part motivated by Russian hacking of Baltic countries and NATO networks.”
A State Department spokesperson did not respond to FedScoop’s multiple requests for comment.
An accompanying White House Fact Sheet, describing ongoing cooperation between Washington and the Baltic states, reads: “The United States helps improve Estonian, Latvian, and Lithuanian defense and security infrastructure, strengthen national resilience, and build defense capacity.”
In practice, the aforementioned international cybersecurity cooperation push will likely amount to increased information sharing programs and jointly conducted military cybersecurity exercises, said Barnett, now co-chair of law firm Venable LLP’s telecommunications and cybersecurity practice.
Existing, large-scale, U.S.-led cybersecurity training exercises include U.S. Cyber Command’s Cyber Mission Force, Cyber Flag 15-1 and Cyber Guard events. In the past, cyber specialists representing foreign governments have participated in the Cyber Guard exercise. It remains unclear, however, if Estonia, Lithuania or Latvia have sent representatives in the past to any of these training exercises.
“The Estonians are still nervous after 2007,” Lewis said, referencing a massive distributed denial of service attack linked to Russian intelligence that disrupted the country’s political institutions, banks and media industry.
“It’s the realization that hybrid warfare is a Russian tactic designed to circumvent things like NATO, and cyber is a big part of it,” said Lewis, a former member of the Senior Executive Service at the State Department.