Americans warn: Russia's trump card is cyber war

When the Americans warn of an attack, the world should sit up and take notice.

After all, they could be right, as was seen in the invasion of Ukraine.

American politicians are also warning of Russian cyber attacks on the West.

Rarely, however, has that sounded as unmistakable as it recently came from President Joe Biden.

Attacks by hackers loyal to the Kremlin are “quite momentous,” said Biden, “and they are imminent.”

He called on companies to arm themselves against it “immediately”.

Morten Freidel

Editor in the politics of the Frankfurter Allgemeine Sunday newspaper

• Follow I follow

Nobody knows what it would look like if hackers employed by Russia paralyzed the Western networks, but they do know that they could cause enormous damage.

They've repeatedly shown what they're made of, spent months spying on authorities and ministries in the US undetected, digitally crippling hundreds of thousands of computers and turning off the electricity for the Ukrainians in winter.

Some analysts believe that Kremlin hackers are particularly good at shutting down power plants or industrial plants.

This is no small thing.

You have to penetrate the computer network and work your way to the control systems.

They run programs that only those in the know can understand, and they cannot simply be controlled remotely, but only if you flip a lever or turn a key at the same time.

Such systems can only bother hackers who play in the first league.

"Russia is concentrating on this, and that should concern us," says Luke McNamara, an analyst with the American firm Mandiant, of the FAS. Compared to China, North Korea and Iran, McNamara sees the Russians as leading in such attacks.

The hacker accepted deaths

Last week, the US Department of Justice released an indictment against a Russian hacker, detailing how he and others managed to disrupt a foreign refinery.

Yevgeny Gladkikh worked for a research institute of the Russian Defense Ministry.

Years ago, he hacked into the computers of an industrial plant, presumably in Saudi Arabia.

Gladkikh was particularly interested in a program that ensured safety, such as shutting down incinerators if something went wrong.

He tried to disrupt that.

Gladkikh and his people wanted to throw the refinery into chaos.

They accepted that toxic gases would escape, that there would be explosions and that people would die.

If their only concern was to shut down the plant, they could have had it easier.

They would then have only had to delete all the data on the computers, which they already had access to.

But Gladkikh waited until he could manipulate the security program.

That noticed a malfunction and shut down the refinery.

A little later he tried again.

The refinery shut down again.

For Gladkikh this was just the beginning, it was a test.

His actual destinations were in the USA.

In the years that followed, he and his people read public articles written by Americans about how safe refineries are.

They even studied job postings to see if there were any facilities using the same security program as those in Saudi Arabia.

In fact, some did.

Gladkikh tried several times to get into the systems, but he couldn't.

One has to assume he was discovered in the process, because the indictment ends here.