Cyberattacks against the United States are often very easy for the public to ignore. They rarely have a direct effect on the daily goings-on of the average citizen, isolated as they are in the seats and hard drives of power. Although polls show hacking to be the crime Americans worry most about—more so than assault or burglary—most of our information is woefully vulnerable and most companies refuse to make cybersecurity a priority. In fact, for most Americans, the most noticeable effect foreign invasions of U.S. servers have had is an occasional email from their bank about switching debit cards or having to watch a Seth Rogen–James Franco movie at home.
But vital components of the U.S. government and the national economy are under daily threat of very real intrusions from other countries, a reality made all the more frightening after the White House reported Russian hackers had gained access to nonclassified portions of the White House and State Department email servers, having carte blanche access to private communications between the two centers of executive strength and even access to the President’s private schedule. In fact, the State Department hack has been called “the worst ever,” and to this day it isn’t completely solved.
It’s merely the latest in a long chain of attacks by Russia against the United States, a problem so severe President Barack Obama issued an executive order giving the Treasury Department official capacity to sanction any participant in such an attack, a similar punishment currently being levied against North Korea after their suspected involvement in the notorious hack against Sony Pictures last fall.
Despite constant threats from China, North Korea, and a myriad of other nations and private groups, breaches by Russia or Russian interests of American institutions of power are a common enough and serious enough concern that they should be treated not as the vague capabilities of a former enemy but as direct attacks by a current enemy, a cyberwar in the most literal sense of the term.
In order to understand what that determination means, it’s very important to understand the difference between hacks coming from the Russian government and security breaches simply linked to computers and servers from within Russia. Russia has one of the largest and most prodigious black markets for hacked goods (credit card numbers, bank account numbers, stolen passwords, etc.) in the world, representing a full third of the $12.5 billion worldwide cybercrime market.
The feats of these loosely organized criminal syndicates are often very impressive, even if they are simultaneously frightening. Along with regular access to the servers of the White House and the State Department, Russians have been in and out of the NASDAQ, the largest financial index in the world, since 2010. Last year, in what one security firm called “the largest data breach to date,” a group of 20 Russians stole 1.2 billion usernames and passwords across the Internet, including over 500 million email addresses. JPMorgan had Russian hackers in their servers for months before even noticing it.
Keep in mind, these are only the hacks that have been made public to the press. Many companies and agencies are quick to keep a major data breach private to either save face or not reveal current vulnerabilities. Even when a major leak is made public, like the infamous hacks of retailers like Target and Home Depot, attribution of the attack to a singular source is not always released and not always certain. And implying a nation-state’s involvement in a hack—versus nationless criminal undergrounds—takes even more work and verification. However, the rapidity with which security firms regularly see major attacks from within Russian borders shows not so much participation within the Russian government as complacency.
This was the focus of Russian security firm Group-iB when they released a comprehensive report condemning the state of Russian laws against such activity. That state of affairs is rather surprising considering that Russia has famously been very restrictive of what its 68 million Internet users can and cannot see, even in ex-Soviet states. Using advanced surveillance systems, the Russian Federal Security Bureau (successor to the KGB) regularly censors and monitors the activities of political activists critical of President Vladimir Putin. Putin’s control over the Russian Internet is fairly ironclad. However, when confronted with the responsibility they might have for allowing such a legendary criminal underground to persist within their borders, Russian officials respond with a flippancy now famous among diplomatic staff: “Blaming Russia is now a sport,” says one aide.
To be sure, the U.S. faces many threats online from sources outside of Russia. China, after all, has also stolen government data from the Pentagon and top secret weapons labs, as well as threatening the security of U.S. infrastructure. Just last month, China hacked GitHub in an effort to squash software meant to help Chinese citizens evade that country’s online censorship, known as the Great Firewall. We are also known for unleashing our own attacks, most famously against centrifuges in Iran.
The U.S. is the top target of cyberattacks in the world and faces a variety of enemies, but the regularity with which massive piles of sensitive data are leaked onto Russian black markets speaks not to the devotion of a criminal element but to the apathy of the Russian government. The threats coming from within Putin’s country are far from rare—in fact, they are ongoing. The sanctity of everything from government communications to the financial markets is at stake and it is well past time to take it seriously.
Gillian Branstetter is a social commentator with a focus on the intersection of technology, security, and politics. Her work has appeared in the Washington Post, Business Insider, Salon, the Week, and xoJane. She attended Pennsylvania State University. Follow her on Twitter @GillBranstetter.
Photo via DonkeyHotey/Flickr (CC BY 2.0)