We are becoming more cyber vulnerable while Russia and China move to focus on offense and protect their own infrastructure.
Lost amid all the focus on China’s “Great Firewall” and Beijing’s efforts to censor what its citizens can see and say and secure its networks from attacks, is the fact that Russia is attempting to do the same, and that should give us significant pause. Why? Because it means the United States is becoming increasingly vulnerable to both Russia and China, while they are becoming less so.
In June and July of last year, Russia’s government disconnected its national internet from the global network to test its “sovereign internet” or Runet. The level of preparation needed and the cooperation necessary to disconnect the country’s networks from the global internet is significant. In 2019 Russia adopted a “sovereign internet” law aimed to ensure the country could still function if it was cut off from global networks, such as a crisis with the United States. Under this law, the country’s telecommunications companies were mandated to cooperate with the government and annually test this kind of disconnection.
Russian internet traffic must pass through nodes controlled by the government. Further, a Russian-specific owned and operated domain name system was established to ensure the continuity of the internet if external facing connections were severed. Unsurprisingly, the law and its implementation prompted concerns by civil society and free speech advocates who saw the move as an effort by the Kremlin to further control what was said and seen on the domestic internet.
This law, the test, and Russia’s efforts to develop a sovereign internet mask a much more sinister reality — Moscow could take the country offline and still attack the West’s cyberinfrastructure. In a conflict, the Kremlin could retreat behind its walls, deny the United States the ability to respond in cyberspace, and still use its cyber trebuchets and catapults to attack our large and increasing cyber vulnerabilities. This reality sends an extremely strong signal to the United States about Russia’s capabilities and just how vulnerable we are.
Think about what this means in a conflict with Beijing over Taiwan, or with Moscow over Ukraine, like we’re seeing now. Both governments could simply disconnect their internet and attack our nuclear power plants, our financial networks, our electrical grid, largely with impunity making it nearly impossible to attack theirs in response. The whole concept of mutually assured cyber destruction and cyber deterrence would be rendered moot.
Russia and China’s efforts to secure their cyberinfrastructures should give us serious pause. Our cyberinfrastructure is vast and unwieldy, a source of both strength and weakness. Our openness gives us all the amazing things we take for granted — booking travel online, communicating with loved ones, shopping and more — and has radically transformed the way we live, work and internet. It is set to do a whole lot more with the Internet of Things, 5G, and things still on the drawing board.
Yet that unwieldiness and fragmented nature leave our critical infrastructure extremely vulnerable to cyberattacks such as we saw with Colonial Pipeline. Disruptions to our electric grid, banking services, communication systems are all very real and very worrying possibilities. Imagine the chaos and economic interruption if a ransomware attack from Russia struck a major power company or one of the financial services providers.
Beijing and Moscow claim they are only protecting their infrastructure from Western interference or hacking, but the hacking — criminal and governmental — is going the other way, not into their countries, but from their countries. So why work to disconnect the national nets from the global internet? It’s not about defense, it’s all about offense. Moscow and Beijing want to ensure that they can attack without retaliation, and they are getting closer to that reality.
I’m not suggesting we adopt a sovereign American internet. This would stifle the creativity of Silicon Valley, strangle investment, and be counterproductive. What it does mean is that we must get very, very serious about our cyber infrastructure, our critical national infrastructure, and the intersection of the private networks and public authorities, and now. We are moving in the right direction, but far too slowly, and with far too little urgency. It’s time to wake up.
We need to incentivize the private sector to invest in better protection and require regular patching. We must disconnect those things that don’t need to be connected and ensure redundancy for those things that we can’t live without. We must plan for and prepare for managed degradation, not outright collapse, and right now we should expect the latter more than the former. The U.S. government should end its balkanized approach to defending American networks.
While Russia and China can flip a metaphorical switch, turn their internet off from the global network, and their citizens may carry on with minimal disruption, the reality for America will be much more dramatic, disruptive, and deadly.
Mike Rogers, a Michigan Republican, was chairman of the House Permanent Select Committee on Intelligence, 2011-15. He is a director at IronNet Cybersecurity.