Follow us on social

Putin-biden

Biden's retaliatory cyberattacks against Russia are folly

This act of aggression could end up causing far more harm to the U.S. than the initial SolarWinds hack did.

Analysis | Europe

The Biden administration is reportedly planning a “retaliation” against Russia in the next three weeks or so for last year’s massive “SolarWinds” hack of U.S. cyber infrastructure, for which Russia was allegedly responsible.  

The New York Times has written that U.S. plans include both new sanctions against Russia and U.S. cyber hacking of Russian state institutions. According to the Times, this will include “a series of clandestine actions across Russian networks,” which U.S. intelligence has already prepared. According to National Security Adviser Jake Sullivan, the response is intended to show Russia “what (actions) the United States believes are in bounds, and out of bounds.”

We hope that wiser counsels can still prevail, and in particular, that someone in the administration will notice both the logical incompatibility of these two responses, and the fact that they could set a precedent that will be used against America itself in future.

Because, as Sullivan’s remarks indicate, the imposition of sanctions implies a belief that state cyber hacking is illegitimate in what the United States  calls a “rules-based global order.” The threat of U.S. retaliation in kind declares out in the open that the United States also plans to engage in these supposedly illegitimate actions, and is an implicit acknowledgement that Washington has indeed repeatedly engaged in similar actions in recent years. 

More importantly, the planned action reflects two very serious errors in judgement, which left unchecked, could increase in scope under the new Biden administration. The first is a tendency, amplified by much of the U.S. media, to attribute blame to Russia for negative developments based on inadequate evidence, which the American public is hardly given a chance to view or assess. Furthermore, there is a proclivity to base U.S. policy on information that may be unclear, exaggerated, or simply untrue.

Concerning the SolarWinds hack, U.S. intelligence services can only say that the Russian state was “most probably” or “very probably” to blame for the hack. The New York Times has reported this as a certainty, but it is in fact extremely difficult to pin down for certain the national origins of such hacks, and even more difficult to determine if they were the work of state forces or independent actors. We may well reasonably assume that Russian intelligence services were responsible, but action of the kind that the Biden administration is contemplating should be based on something more than probability.

The second error, as I pointed out in Responsible Statecraft on January 13, and as has been argued since in a paper by Major Juliet Skingsley  for Chatham House in London, and in Wired by Andy Greenberg, is the use of the phrase “cyberattack,” reflecting an extremely dangerous confusion between cyber espionage and cyber sabotage.

Cyber sabotage is like all forms of sabotage: a deliberate attempt to damage public or private infrastructure. If it leads to deaths, then it can well be considered an act of terrorism or of war. This is indeed action that violates all traditional rules of international behavior in peacetime. 

Writing about a “Russian cyberattack” against the U.S. Energy Department and Nuclear Security Administration suggests actual damage to those institutions and the infrastructure they control. Among other hysterical political reactions, Democratic Senator Dick Durbin called the SolarWinds hack (which of course he described as a “cyberattack” and attributed unconditionally to Russia) as “virtually a declaration of war.” This has been echoed by Senator Chris Coons and others.

No such attack happened. Nor is it at all likely that Russia would carry out such sabotage unless Russia and the United States were already on the edge of war. This suggestion is in keeping with the equally absurd warning last year from NATO officials that in time of peace, Russian submarines might attack undersea communications cables — in the process, by the way, doing great damage to Russia itself, and to Russian partners. This analysis appears to have emanated in the first instance from the British Navy, in an absolutely transparent attempt to save itself from budget cuts. As with most of the SolarWinds allegations, these suggestions involved a confusion —whether careless or deliberate — between espionage and sabotage operations 

The SolarWinds hack was an act of espionage by contemporary means. As pointed out in the analysis for Chatham House, an interesting (and amusing) feature of the hack is that if it had not been voluntarily reported to the U.S. government by a private security firm, then — as with all the most successful espionage operations — nobody in America would ever have known that it had happened. Believe me, if Russia ever does decide to attack America, we will know about it. 

All states conduct espionage, including most notably the United States itself. Edward Snowden revealed the massive scale of electronic and cyber espionage, not only against Russia and other U.S. rivals but against America’s closest allies. In 2015, Wikileaks revealed that for decades, the National Security Agency had been spying on top German government communications, including hacking the phone of German Chancellor Angela Merkel. 

Moreover, the United States is a global leader in cyber sabotage. As the Times itself has reported, not only has Washington carried out massive cyberattacks on Iran, it has planted malware in much of Russia’s energy infrastructure — though supposedly only to be activated in response to a Russian attack.

Under the new “Defend Forward” cyber-strategy, the Trump administration decided that the United States would itself set out to disrupt any potential cyberattack before it occurred. This is a cyber version of the Bush administration’s disastrous Preventive War strategy, and like that strategy, involves Washington in exactly the sort of aggressive actions that it condemns and seeks to prevent on the part of others. 

If the Biden administration does respond to espionage with sabotage it will take national rivalry in cyberspace to a wholly new level of danger, and start a potentially disastrous vicious circle of retaliatory attacks. It will give a green light to all future targets of American cyber-espionage to respond with cyberattacks on the United States.

Furthermore, to retaliate in this way would be a clear break with ancient international conventions and with the longstanding policy of the United States itself. For example in 2014, Russian intelligence was credibly reported to have hacked into the emails of the White House, State and Defense Departments. The Obama administration classified this as traditional espionage and did not retaliate.

The planned response to the SolarWinds hack reflects a much deeper problem in the Washington establishment’s attitudes and policy: the belief that the United States can unilaterally set the rules of the international system, and yet set different rules for itself whenever it feels an urgent need to do so. This was never an approach that was going to be accepted by other powerful states. In the area of cybersecurity it makes even less sense, for the internet really is (in many bad ways, alas) a great leveler. To adapt a famous meme: on the internet nobody knows that you are the only superpower.


Russian President Vladimir Putin (ID1974/Shutterstock) and President Joe Biden (Stratos Brilakis/shutterstock)
Analysis | Europe
Starmer Macron Merz
Top image credit: France's President Emmanuel Macron, Britain's Prime Minister Keir Starmer and Germany's Chancellor Friedrich Merz arrive at Kyiv railway station on May 10, 2025, ahead of a gathering of European leaders in the Ukrainian capital. LUDOVIC MARIN/Pool via REUTERS

Europe's snapback gamble risks killing diplomacy with Iran

Middle East

Europe appears set to move from threats to action. According to reports, the E3 — Britain, France, and Germany — will likely trigger the United Nations “snapback” process this week. Created under the 2015 Iran nuclear deal (JCPOA), this mechanism allows any participant to restore pre-2015 U.N. sanctions if Iran is judged to be in violation of its commitments.

The mechanism contains a twist that makes it so potent. Normally, the Security Council operates on the assumption that sanctions need affirmative consensus to pass. But under snapback, the logic is reversed. Once invoked, a 30-day clock begins. Sanctions automatically return unless the Security Council votes to keep them suspended, meaning any permanent member can force their reimposition with a single veto.

keep readingShow less
Vladimir Putin
Top photo credit: President of Russia Vladimir Putin, during the World Cup Champion Trophy Award Ceremony in 2018 (shutterstock/A.RICARDO)

Why Putin is winning

Europe

After a furious week of diplomacy in Alaska and Washington D.C., U.S. President Donald Trump signaled on Friday that he would be pausing his intensive push to end war in Ukraine. His frustration was obvious. “I’m not happy about anything about that war. Nothing. Not happy at all,” he told reporters in the Oval Office.

To be sure, Trump’s high-profile engagements fell short of his own promises. But almost two weeks after Trump met Russian President Vladimir Putin in Alaska and European leaders in Washington, it is clear that there were real winners and losers from Trump’s back-to-back summits, and while neither meeting resolved the conflict, they offered important insights into where things may be headed in the months ahead.

keep readingShow less
US Marines
Top image credit: U.S. Marines with Force Reconnaissance Platoon, Maritime Raid Force, 31st Marine Expeditionary Unit, prepare to clear a room during a limited scale raid exercise at Sam Hill Airfield, Queensland, Australia, June 21, 2025. (U.S. Marine Corps photo by Cpl. Alora Finigan)

Cartels are bad but they're not 'terrorists.' This is mission creep.

Military Industrial Complex

There is a dangerous pattern on display by the Trump administration. The president and Secretary of Defense Pete Hegseth seem to hold the threat and use of military force as their go-to method of solving America’s problems and asserting state power.

The president’s reported authorization for the Pentagon to use U.S. military warfighting capacity to combat drug cartels — a domain that should remain within the realm of law enforcement — represents a significant escalation. This presents a concerning evolution and has serious implications for civil liberties — especially given the administration’s parallel moves with the deployment of troops to the southern border, the use of federal forces to quell protests in California, and the recent deployment of armed National Guard to the streets of our nation’s capital.

keep readingShow less

LATEST

QIOSK

Newsletter

Subscribe now to our weekly round-up and don't miss a beat with your favorite RS contributors and reporters, as well as staff analysis, opinion, and news promoting a positive, non-partisan vision of U.S. foreign policy.