Cyber Scene - A Cable Message: Disruption Ahead
By krahal
To quote Ronald Reagan, "Here we go again," but more so. As Russia continues its physical assaults on Ukraine, it is reportedly upping the ante to launch attacks on US elections at both the national and state levels and to deploy misinformation intended to weaken and destabilize the administrations of worldwide democracies. Following the disruption internationally of several 2020 and 2022 elections and a new intelligence consensus, the State Department has sent a cable, now unclassified on 20 October 2023, to over 100 democratic countries, warning them of the commitment of Russia to tamper with elections worldwide in 2024.
As reported on 23 October by the Washington Post's Tom Stark, the Russian Ambassador to the US, Anatoly Antonov replied: "By casting our country as an adversary, the White House demonstrates disinterest in pragmatic cooperation to address the common challenges facing whole humankind. Washington, with its reckless policies, has driven Russian-American relations into a dead end." Surprisingly, on that subject, to cite the late Wagner Group leader Yevgeniy Prigozhin, "We have interfered, are interfering and will interfere, carefully, precisely, surgically and in our own way, as we know how to do."
Stark mentions another entity: the Democratic Association of Secretaries of State plans $10 million for physical security for election workers in battleground states, as Stark cites Nick Corasaniti, reporting for the New York Times. US Department of Homeland Security (DHS) cyber officials believe that "Nation-state threat actors likely will seek to use novel technologies and cyber tools to enhance their capabilities and malign influence campaigns." DHS added that adversaries would also include China, Iran and North Korea, as well as domestic extremists, as reported in a recent threat assessment. While this would likely include AI, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly noted that AI would not really change the US defensive approach. CISA is already placing ten dedicated regional election security advisers for the 2024 runup and election.
CISA particularly is, however, under attack, indirectly and directly, by some lawmakers who believe that the First Amendment includes protection of any and all information publishable. For background, although CISA was established under the Trump administration in 2018, due to work against misinformation in the 2020 election, the first CISA director was then removed. CISA's attackers believe that the work to combat online disinformation during elections "…singles out conservative voices and infringes upon free speech rights," according to Politico on 22 October. "The accusations started in the wake of the 2020 election and are ramping up ahead of 2024, with lawmakers now calling for crippling cuts at the agency." The Biden administration has turned to the courts, and SCOTUS (Supreme Court of the United States) has reversed the results of the US 5th District Court of Appeals decision temporarily (until likely June 2024), allowing CISA to continue to communicate with the US tech industry against election and other misinformation.
The Washington Post's Ann E. Marimow notes how significant SCOTUS thinks this case is: "The importance of the issue was underscored by the court's decision Friday (20 October 2023) to accept the case for oral argument this term, which would mean a ruling before end of June." She adds that this speed is customary in emergency orders, and that it is customary that the majority would "... not explain its reasoning for granting the administration's request." As for details and impact, SCOTUS has put a hold on the lower appeals-court ruling regarding First Amendment improprieties "…influencing tech companies to take down what they saw as problematic posts about public health and election-related disinformation." Justices Clarence, Alito, and Gorsuch dissented from the court's majority decision to suspend the lower appeals court's ruling stay until the Court can further review it.
The debate continues in the House, with some so-far-minor voices in the Senate. Defunding CISA by 25% may surface again. In addition to election security, "CISA protects government computer networks and essential private sector institutions, like chemical manufacturers, schools and hospitals, from both physical and digital sabotage," per Marimow.
Among leading influential House republicans are well-known-to Cyber Scene--Mike Gallagher (R-WI), the Chair of the House Armed Services Committee's Cyber Panel, and Nancy Mace (R-SC), who heads the House Oversight Committee's Cyber Subcommittee. They are both strong House proponents of cyber security and CISA. The House has passed an appropriations bill similar to that of the Biden administration that will keep CISA's funding intact. Anti-CISA voices in the Senate appear few currently. Marimow summarizes the crux of the issue dear on both sides who believe the Constitution is at risk:
"The First Amendment protects against government infringement on speech. Officials are permitted to tell a company when content on its website is problematic or misleading, and to advocate for administration policies. But officials cannot coerce private companies to take action on the government's behalf or threaten to punish people for expressing different views. The question for courts to unravel is how to distinguish between permitted government speech and prohibited coercion or threat."
For those readers who wish to dig deeper into the complexities and impact of this issue, while not reading through casebooks nor looking for legal explanations from the frequently cited Lawfare blog, Amy Howe in SCOTUSblog gives a 20 October, at-arms-length analysis of this case in "Emergency Docket."
For symmetry's sake, let us return to where we started--with a cable issue. This time, however, it is both cyber-related and physical: the attacks on the Finnish, Estonian and Swedish Baltic Sea cables. In its own way, it too, like the US State Department, delivered a message. This one was seen to be retaliatory, and the most likely able and suspicious criminal attacking NATO's newest member Finland and the next in line, Sweden, would be Russia, although, as of this writing, NATO has not confirmed Russia as the perpetrator. Estonia, whose Cyber Center of Excellence was believed to be hacked in 2008 by the capable enemy abutting Estonia's border, is likely placing Russia as well at its primary suspect. We have seen this movie, with a German Nord Stream 1 and 2 gas-cable-slant, just a year ago.
Despite the international focus on the Middle East, reporters as distinct from another such as the Economist and the US Stars and Stripes on 20 October have considered it worthy enough despite two serious, heartbreaking wars, to raise the issue of Baltic sovereign territorial destruction. It was reported by Sweden and Finland between 8-11 October 2023 that a telecommunication cable between Sweden and Estonia, and a telecommunications cable and a gas cable between Finland and Estonia were discovered to be broken, according to the Economist of 22 October. Finland's president Sauli Niinistö called the damage an "external activity." Finland's cables were some distance apart, and the damage was determined to be due to an external mechanical force from an extremely heavy object left on the seabed.
More information gathering is in process. Finland wants to be "iron-clad" of the perpetrator before pointing a finger and of what response NATO and the European Union (Finland belongs to both now) would provide, such as imposing sanctions. While the damage was fixed and the cables back in service, bad weather has been preventing a full investigation.
The Nord Stream 1 and 2 gas pipelines from Russia to Germany were damaged by a pair of explosions. Sweden believed that a state was responsible, as Russia had capability and proximity, but American and European intelligence agencies were not entirely convinced, according to the Economist.
The Economist believes that officials in private are pointing the finger at Russia, and that Russia is trying to intimidate the Baltics. Sweden's Defence Minister Pal Jonson believes that "The security policy situation in our immediate area has deteriorated." As a reminder, Finland acceded to NATO earlier in 2023 while Sweden has had to wait while Turkey sorts out a dispute regarding Kurdish militants in Sweden.
One of the most revealing contributions of this Economist article is the following: "American and European military-intelligence agencies say that their primary concern is Russia's Main Directorate of Deep-Sea Research, known by its Russian acronym gugi. It is essentially a mini-navy unto itself, with a variety of spy ships and specialist submarines. Among them is the Belgorod, the world's largest operational submarine, capable of reaching considerable depths. These vessels can deploy divers, smaller submarines, or underwater drones, which could be used to cut cables or to lay explosives."
But before accusing Russia, the inquiry gets murkier: Finnish police who were inspecting the damage were investigating a Russian nuclear-powered cargo ship and a Chinese container ship which were both in the area; the Chinese Ship closer to the crime scene and had slowed down hear the scene. The possibility of China being responsible is very worrisome: "The prospect of China attempting to sabotage European maritime infrastructure is so serious that some officials have been left scratching their heads for an explanation." As of 20 October, no conclusions have been reached. Meanwhile, Sweden is more vulnerable as it cannot necessarily be backed up by NATO, as Turkey drags accession through this year. On 13 October, the U.K. sponsored a summit of ten northern European countries, including the three attacked, underscoring the critical situation of undersea infrastructure. Undersea surveillance in the Gulf of Finland and the Baltic Sea is increasing, and Finland's Defence Ministry has just blocked three Russian real estate purchases, and NATO has stepped up air and maritime patrols and sent minehunters to the Baltic Sea. Meanwhile, the Baltics are very uneasy, and they have, according to an Estonian think-tank study, "only a limited grasp of what was going on under the Baltic Sea."
Perhaps it is time for the State Department to issue another cable.
To see previous articles, please visit the Cyber Scene Archive.