The disclosure underscores how important projection power in cyberspace — in support of Ukraine’s defenses and to potentially deter Russia from carrying out cyberattacks against U.S. infrastructure — has been important to the Biden administration, as it continues to avoid directly engaging Russia in a shooting war.
It’s a rare public acknowledgment by US military officials of hacking operations that are often shrouded in mystery.
Nakasone’s comments, and the White House’s response to them, suggest that cyberspace is an area where the Biden administration feels comfortable countering Russia without fear of escalation. President Joe Biden has pledged not to directly engage with Russia militarily during the Ukraine War until the United States and its allies come under attack.
“We don’t see it as such,” White House press secretary Karine Jean-Pierre said Wednesday when asked at a news conference whether Cyber Command’s actions contradicted Biden’s commitment.
Biden officials have warned for months of the threat of retaliatory Russian cyberattacks on US infrastructure after the United States and its allies imposed sweeping sanctions on the Kremlin over its war in Ukraine.
While analysts have offered a range of theories, including upgrades to US defenses, as to why such a hack has apparently yet to happen, US officials told CNN that Russian fear of an escalation in the cyberspace could be a factor.
On the one hand, Moscow may not want to risk retaliatory US cyberattacks that could hamper Russian military operations, a senior US defense intelligence official told CNN.
The Russians have already had enough problems in Ukraine to execute military operations, “I think adding any kind of American cyber potential into that mix… [is] probably taking into account their decision calculation,” said the official, who spoke on condition of anonymity to speak candidly on a sensitive national security issue.
The paucity of Russian hacks on US targets may reflect “fear of escalation and what the US response might be, particularly if the US response affects Russian combat power in some way”, added the manager.
The statements, taken from an interview with a senior official tasked with closely monitoring Russian cyber activity, offer a window into American thinking about Russian hacking at a critical time in the war – as the Kremlin targets eastern Europe. Ukraine after failing to take Kyiv. .
The official’s analysis also reflects the uncertainty and ambiguity of great-power competition in cyberspace, where governments try to keep guesses about their hacking capabilities and willingness to use them.
“For Russia, understanding the full extent of US cyber combat power is a gap that leaves them uncertain about opening up that front, at least for now,” the senior US official said. “Cyber warfare is a new field… It hasn’t been around long enough for a single nation-state to dominate it.”
“Peacetime attribution is tricky enough”
Analysts say Cyber Command has matured considerably since its inception more than a decade ago and has increasingly become a tool for projecting American power. The command sent personnel to Ukraine in December, in anticipation of the Russian invasion, to help Kyiv bolster its cyber defenses and gather intelligence on potential Russian hacking threats, officials said.
There is a range of activity, including low-level intrusions into computer networks, that may qualify as “offensive” cyber operations but which the Russians do not necessarily interpret as escalation, according to Bobby Chesney, associate dean at the University of Texas School of Law which focuses on cybersecurity and national security law.
While big hacks of US organizations linked to the war in Ukraine have been rare, a plethora of attempted cyberattacks have been reported in Ukraine and Russia as digital vigilantes take sides in the war. The websites of Russian government ministries and media spokespersons have been taken offline or modified to broadcast anti-war slogans.
The senior US defense intelligence official expressed concern that the Russian government may incorrectly assess that this type of hack originated from the US government.
“Peacetime attribution is quite tricky … I would say there is a real danger of unwittingly attributing something to the United States that the United States or its allies simply did not do,” he said. said the manager.
CNN’s Katie Bo Lillis contributed to this report.