The Cyber-Dimension of the Geneva Summit
Andria Gotsiridze, Cyber Security Consultant, Founder of Cyber Security Studies & Education Center
Cyber security has become an important topic of discussion at the Geneva Summit following cyber-attacks directly or indirectly related to the Kremlin. Against the backdrop of a pre-announced adequate response, Biden handed Putin a list of areas the attacking of which would be a red line for Washington. As expected, the Russian President denied Russia's connection to the cyber-attacks, but expressed readiness for cooperation between cyber experts. The summit, which intensified the feeling that responsible behavior on the part of Russia in cyberspace is unlikely in the near future, was preceded by several major cyber-attacks.
At the end of 2020, the well-known American cybersecurity group "FireEye" announced that the company had fallen victim to a cyber-attack. It turned out that APT29, affiliated with the Foreign Intelligence Service of the Russian Federation, carried out a large-scale cyber-attack against large US private companies and government agencies. The cyber-attack came from a system update file of “SolarWinds Orion”, which contained malicious code. The target of the attack turned out to be more than 200 federal agencies and thousands of organizations around the world. Cyber espionage was declared as the reason for the attack.
As a result of a Ransomware cyber-attack on one of the largest oil pipelines in the United States on May 7, the company Colonial Pipeline temporarily suspended the operation of the pipeline. Hackers broke into the computer system of the pipeline and acquired almost 100 GB of data, and as a ransom received several million dollars’ worth of bitcoins from the company to open the encrypted data.
The US government declared a state of emergency. The pipeline shutdown led to an increase in fuel prices. As a result of several days of delay, fuel prices reached their highest level since October 2014.
The perpetrator, DarkSide, a Russian-based cybercrime group which uses a ransomware-type attack, became active last year and has already caused losses of billions to the West. The group also has a kind of "code of ethics": it states that they will never attack government agencies, the medical domain or educational institutions.
A little later, in early June, another Ransomware attack on “JBS”, a large meat producer, led to a significant delay in operations in the United States, Canada, and Australia, thereby raising meat prices. According to the FBI, the Russian cybercriminal group "REvil" was behind the attack.
REvil, also known as Sodinokibi, is a well-known cybercrime group that has been active since at least 2019. Its members are citizens of Russia and post-Soviet countries.
So far, there has been no evidence of Kremlin involvement in the last two attacks, but according to President Biden the fact that cybercrime is based in Russia places some responsibility on Moscow. Official Moscow’s tolerance of hacker groups operating from the areas under its control is well known. It seems that the Kremlin, by not taking appropriate measures (arresting actors and obtaining cipher keys), at the very least encourages cybercrime, which serves as a means to weaken the West.
Whether the number of cyberattacks will decrease as a result of the recent summit is still unknown, although following the summit announcements, it can be assumed that this was a Red Flags Summit, seeing the US draw certain red lines to reduce risks in the cyber domain.
We can highlight several main directions in the field of cyber security at the Geneva Summit:
- According to Biden, experts from the two countries will work on "a specific interpretation of what actions are to be prohibited in the cyberspace", as well as monitor cyber-attacks perpetrated from the territory of both states;
- Biden handed over to Putin a list of 16 domains that are considered critical infrastructure by the Presidential Order of 2013, and attacking them, according to the President, will precipitate an appropriate response. These domains include the government agencies, banking, finance, helthcare, ICT, energy, logistics, agriculture, and other critical sectors.
- Prior to the summit, Putin offered the US administration an exchange of cybercriminals, which the White House met with a willingness to prosecute cybercriminals, but, naturally, without extradition. Washington's position is that a responsible state must take action against cybercriminals operating from its territory, which is directly contrary to the Kremlin's intention to utilize the "white spots" in international law and use cyberspace for its own geopolitical purposes, so as not to lead to the initiation of a collective defense mechanism or retaliatory strike.
- Putin said at the press conference that Russia has not received an appropriate response to 45 cases of cybercrime, despite the fact that the Kremlin has complied with all relevant requirements of the United States. The Russian President also stressed that Washington has never provided adequate evidence to substantiate claims of Russian cyberattacks. Clearly, these statements are intended for a less informed audience and are false. In October 2019, the US Department of Justice took legal action and indicted six GRU officers. The indictment, along with other resounding attacks, includes a spearphishing attack on Georgia's leading media outlets in 2018 and the defacement of thousands of Georgian websites, hampering the work of the president’s, courts’, and local government’s websites. A little earlier, dozens of employees of the Russian special services were charged with meddling in the 2016 US election.
- The development of offensive cyber capabilities is the most important topic, which can become a window of opportunity for Georgia. Clearly, threats could not be made during the meeting, although an adequate response still seemed relevant. This is probably what Biden's question - what Putin would have done if he had faced a massive cyber-attack against the Russian oil pipelines? - was aimed at. Biden stressed that the US have significant cyber-attack potential and Putin knows what consequences to expect. It should be noted that the US has been working on the development of offensive cyber capabilities in recent years. The US Cyber Command has expanded its mission in Europe, the Middle East, and Asia, to monitor Russian, Chinese, and Iranian cyber actors. The NSA has the ability to block overseas targets, destroy their databases, or shut down their networks. During the 2018 midterm elections, US special services blocked the Russian IRA for prevention purposes. Last year, the NSA and the US Cyber Command launched a cyber operation against Iranian Revolutionary Guard Corps hackers after the group sent threatening emails to American voters.
After the SollarWinds incident, the White House is going to invite allies – The UK, Denmark, Estonia, and France - to the annual exercise CYBER FLAG 21-1 organized by the US Department of Defense. According to official information, the exercise will build a community of cyber security operators and enhance capabilities in terms of detecting malicious actions against critical infrastructure, synchronizing countermeasures and joint responses. It is a conception of a collective defense alliance in cyberspace, which will act in accordance with the norms of responsible behavior of states in cyberspace.
In general, in light of the ongoing confrontation in cyberspace, Washington will seek to intensify cooperation with allies against the malicious cyber activities to synchronize the norms of international law and attribution. Involvement in these events is very important for Georgia, as its cyberspace is a kind of testing ground for Russian cyber operations.
As early as September 2019, the US and 26 partner states signed a joint statement on the responsible behavior of states in cyberspace. The signatories note that, if necessary, they will act jointly against the "irresponsible" countries in accordance with the norms of international law. Obviously, Russia did not sign the document, and a Chinese Foreign Ministry spokesman said the statement " is an attempt to justify certain countries' offensive military operations in cyberspace and to turn the cyber domain into a new theater of war"
It is important for Georgia to adhere to this document and thus gain the opportunity to participate in the development of a framework of responsible behavior on the Internet, as well as in cyber capacity building activities. At the same time, Georgia should not limit itself to statements of attribution, and at the outset should express its readiness to join the CYBER FLAG 21-1 alliance. Such a development is feasible, given the degree of Georgia's integration with the West in cyberspace.
- War in Ukraine and Russia’s declining role in the Karabakh peace process
- The Russian Exclave of Kaliningrad and the Lithuanian "Sting"
- Seventh Package of Sanctions and Embargo on Russian Gold
- What could be the cost of “Putin’s face-saving” for European relations
- Failed Tskhinvali Referendum
- The War and Georgia
- “Rural Orbanism”- Polarization as a determinant for Hungary's political future
- Illegal Presidential Elections in the Tskhinvali Region: Why Bibilov Lost and What to Anticipate in Future
- How to Respond to Russian Ultra-Orthodox-Historic-Hegemonism?
- The War in Ukraine and the UK’s New Role in Eastern Europe
- What Will the Abolition of the OSCE Minsk Group Bring to the South Caucasus?
- Why Has the Abkhaz Side Become More Active on Social Networks?
- Why a Neutral Ukraine Is Not on Putin’s Mind (Ukraine’s Neutral Status Is Getting Closer, but What Does It Mean to Putin?)
- Europe's energy future - challenges and opportunities
- Uncontrolled Mass Immigration and the Position of the Georgian Government
- Changes in Putin's propaganda narratives since the Russian invasion of Ukraine
- Positions and Actions of Turkey in the Russo-Ukrainian War
- NATO’s possible expansion in Northern Europe and its significance for Georgia and Ukraine
- Political Winter Olympics in Beijing
- What Is behind Putin’s Sudden Gambit in Ukraine?
- L'Europe pourra-t-elle éviter le “déjà vu” ? (France, President of the Council of the European Union, and the Tensions in Eastern Europe)
- US-Russia Relations and the Issue of Ukraine
- The New Targets of Ramzan Kadyrov’s Regime
- What Will the Post-Merkel Era Mean for the EU’s Russia and Eastern Neighbourhood Policy?
- What Lies Behind the Growing Cooperation of the Georgian and Hungarian Governments
- “Doberman” as a Minister: Inal Ardzinba’s Prospects and Challenges
- The Belarus Crisis: How to Enhance Our Resilience Against the Russian Strategy for Its Near-Neighborhood
- Moldova’s Gas Crisis Has Been Russia’s Yet Another Political Blackmailing
- Belarus One Year On: An Insecure Regime Under Russian “Protection”
- Russia’s Parliamentary Elections - What Can Be Said About the Regime’s Stability
- Can Georgia use China to balance Russia?
- The West vs Russia: The Reset once again?!
- Formation of a New “Political Elite” in Abkhazia - Who Will Replace the Old “Elite?”
- Securitization of the Arctic: A Looming Threat of Melting Ice
- Europe in Anticipation of the Results of a “Harmful Deal”
- (Re)Mapping the EU’s Relations with Russia: Time for Change?
- USA, Liberal International Order, Challenges of 2021, and Georgia
- What does US President Joe Biden’s Recognition of the Armenian Genocide Imply?
- The Political Crisis in Moldova: A Deadlock without the Way Out?
- Russia's Testing or Bullying?
- ‘Vaccine Diplomacy’: A New Opportunity for Global Authoritarian Influence?
- A New Dawn for Transatlantic Relations under Biden’s Presidency: What Are the Hopes for Georgia?
- The End of the Russian Natural Gas Monopoly in Balkans
- Who did the judge sentence: Navalny, Putin or Russia?
- Biden’s Conundrum
- 2020 Developments in Abkhazia: “Elections,” the Pandemic and Deeper Integration with Russia
- Could Belarus Become a Prelude to the Great Polish-Swedish War 400 Years Ago?
- Vladimir Putin's Annual Grand Press Conference - Notable Elements and Messages
- Russia’s Energy Policy in the Tskhinvali Region
- Who Won and Who Lost with the War in Karabakh?
- What Russia has Gained in Karabakh
- What Armenia Did and Did not Lose as a Result of the Ceasefire Declaration in Karabakh
- Protests in Belarus, Lukashenko and the Russian Federation
- Some Thoughts on the Use of the Term „Post-Soviet Space“
- Khabarovsk Krai Protests as an Indicator of the Russian Federation’s Stability
- The Pragmatism and Idealism of the Georgian-American Partnership
- Trio Pandemic Propaganda: How China, Russia and Iran Are Targeting the West
- From Russia with… a Canny Plan
- “Elections” in Abkhazia: New “President’s” Revanche and Challenges
- Georgians Fighting the Same Battle 99 Years Later
- Confrontation between Russia and Turkey in Syria
- Political Crisis in Occupied Abkhazia
- What is the Significance of Killing General Qasem Soleimani?
- What Will the New Dialogue Format with Russia Bring for Georgia?
- On the “Russian Culture Center” in Georgia
- Main Messages of Russian Propaganda
- What do we know about the meeting of the Foreign Ministers of the Russian Federation and Georgia?
- New Focuses of the Anti-Occupation Policy
- Vladimir Putin’s Main Messages in his Interview with the Financial Times
- Georgia and Russia’s Post-modern Fascism
- Dugin has Come Out as a Supporter of Georgia – How Did This Happen?
- Deterring Russia
- On NATO, Russia and Pat Buchanan
- Modern Russia’s Own Wars of Religion
- Bolton’s visit to Moscow– what to expect in U.S-Russia relations?
- The Risk of the Renewal of the Karabakh Conflict after the Velvet Revolution in Armenia
- The Situation in Syria’s Idlib Province, Interests of the Parties and Threats
- The Helsinki Summit and its General Results
- Why It Is Necessary to Know the Day the Russo-Georgian War of 2008 Started
- Georgia’s Position in the Westernization Index 2018
- Why Did the Results of the G7 Summit in Charlevoix not Meet Our Expectations?
- How to Win Cold War 2.0
- The Russian “Ambassador’s” Rotation in Abkhazia
- Why did the Foreign Ministers of G7 not remember Georgia during their 23 April 2018 Toronto Meeting?
- Georgia and the American Strategy
- Putin’s Pre-Election Economic Promises: Myth and Reality
- Let Geneva Stay the Way it is
- Turkey’s Military Operation in Afrin – a New Phase in the Syrian Conflict
- Kremlin New Appointments and the Occupied Regions of Georgia
- Dangers Originating from Russia and Georgia’s Security System
- Eurasian Custom Union and problems of Russian – Georgian FTA
- Is Georgia’s Export Growth Sustainable?
- Russia’s Influence over the Field of Security in Tskhinvali Region is Growing: Support for Full Integration
- What Awaits the People of Gali?
- Growth of Military Spending and Relations with Russia: Azerbaijan trying to Gain Advantage over Armenia
- Disrupt and Distract: Russia’s Methodology of Dealing with the West
- Russian Diplomats in Georgia – who are they, how many of them are there and what are they up to
- Putin’s Visit to the Occupied Abkhazia: Was our Reaction Actually Adequate?
- Is it Acceptable for Georgia to Declare Neutrality?
- How to Stop the “Creeping Occupation”
- Kremlin’s Policy in the Occupied Regions of Georgia Moves to a New Stage
- Syrian Civil War in the Context of Regional Security
- The Winnable Second Round of Russia’s Neighbors’ Struggle against Its Imperialism
- Parliamentary Elections in Armenia – The Triumph of the Governing Party
- Current Foreign Policy of Georgia: How Effective is it in Dealing with the Existing Challenges?
- Observations on the Agreement Reached with Gazprom
- New Russian Weaponry in the Caucasus and Its Impact on Georgia’s NATO Aspiration