Cyberattack on Russian Defense: American Revenge?
The Russian Defense Ministry said it was the victim of a computer attack launched from abroad against its website. An American operation?
Who can this attack come from? One of the possible scenarios is that of an American cyber attack. The United States has seen three major cyber attacks in recent months. First, the discovery of spyware – probably of Russian origin – at the Texan publisher Solarwinds , supplier of large groups and American federal agencies. Then, a massive cyberattack on Microsoft’s Exchange messaging system , attributed to Chinese hackers, which had seen the data compromise of tens of thousands of customers. A third attack targeted a strategic pipeline on the east coast of the United States, which was decommissioned in a ransomware attack against its owner, the Colonial Pipeline company. The company took several days to restart this pipeline, which supplies 45% of the area’s fuel.
Attack on Kaseya
A fourth cyber offensive targeted at the beginning of July the American company Kaseya, a specialist in the outsourcing of IT services , which had affected several hundred companies by ricochet. A Russian-speaking hacker group known as REvil claimed responsibility for the intrusion, which Kaseya still had not recovered from on July 14, and claimed $ 70 million in bitcoin. A group of hackers, called ATP 29 or Cozy Bear and linked to Russian intelligence services, is suspected of being behind the politically sensitive intrusion attempt.
Many voices of cyber experts and congressmen had risen in recent weeks to call on Washington for a massive reaction. White House press officer Jen Psaki did not rule out hack back operations against Russian interests in early July. “IF the Russian government does not take action against criminal actors based in Russia, we will take action on our side,” said Jen Psaki.
In February, Anne Neuberger, the White House’s senior cybersecurity adviser, said her team was considering retaliation after the attack on SolarWinds. “This is not the only case of malicious cyber activity of probably Russian origin, whether for us or for our allies and partners,” she added. For Frank Cilluffo, former homeland security adviser in the administration of George W. Bush, now director of the McCrary Institute at Auburn University, any response will have to be carefully crafted, without collateral damage, in the manner of ‘military action against specific targets. This could mean economic, diplomatic or military measures, “he said in March.