Skip to main content

Biden’s Retaliatory Cyberattacks Against Russia Are Folly

All states conduct espionage but if the Biden administration responds to espionage with sabotage it will take national rivalry in cyberspace to a wholly new level of danger.

The Biden administration is reportedly planning a “retaliation” against Russia in the next three weeks or so for last year’s massive “SolarWinds” hack of U.S. cyber infrastructure, for which Russia was allegedly responsible.  

The New York Times has written that U.S. plans include both new sanctions against Russia and U.S. cyber hacking of Russian state institutions. According to the Times, this will include “a series of clandestine actions across Russian networks,” which U.S. intelligence has already prepared. According to National Security Adviser Jake Sullivan, the response is intended to show Russia “what (actions) the United States believes are in bounds, and out of bounds.”

We hope that wiser counsels can still prevail, and in particular, that someone in the administration will notice both the logical incompatibility of these two responses, and the fact that they could set a precedent that will be used against America itself in future.

Because, as Sullivan’s remarks indicate, the imposition of sanctions implies a belief that state cyber hacking is illegitimate in what the United States  calls a “rules-based global order.” The threat of U.S. retaliation in kind declares out in the open that the United States also plans to engage in these supposedly illegitimate actions, and is an implicit acknowledgement that Washington has indeed repeatedly engaged in similar actions in recent years. 

More importantly, the planned action reflects two very serious errors in judgement, which left unchecked, could increase in scope under the new Biden administration. The first is a tendency, amplified by much of the U.S. media, to attribute blame to Russia for negative developments based on inadequate evidence, which the American public is hardly given a chance to view or assess. Furthermore, there is a proclivity to base U.S. policy on information that may be unclear, exaggerated, or simply untrue.

Concerning the SolarWinds hack, U.S. intelligence services can only say that the Russian state was “most probably” or “very probably” to blame for the hack. The New York Times has reported this as a certainty, but it is in fact extremely difficult to pin down for certain the national origins of such hacks, and even more difficult to determine if they were the work of state forces or independent actors. We may well reasonably assume that Russian intelligence services were responsible, but action of the kind that the Biden administration is contemplating should be based on something more than probability.

The second error, as I pointed out in Responsible Statecraft on January 13, and as has been argued since in a paper by Major Juliet Skingsley  for Chatham House in London, and in Wired by Andy Greenberg, is the use of the phrase “cyberattack,” reflecting an extremely dangerous confusion between cyber espionage and cyber sabotage.

Cyber sabotage is like all forms of sabotage: a deliberate attempt to damage public or private infrastructure. If it leads to deaths, then it can well be considered an act of terrorism or of war. This is indeed action that violates all traditional rules of international behavior in peacetime. 

Writing about a “Russian cyberattack” against the U.S. Energy Department and Nuclear Security Administration suggests actual damage to those institutions and the infrastructure they control. Among other hysterical political reactions, Democratic Senator Dick Durbin called the SolarWinds hack (which of course he described as a “cyberattack” and attributed unconditionally to Russia) as “virtually a declaration of war.” This has been echoed by Senator Chris Coons and others.

If you like this article, please sign up for Snapshot, Portside's daily summary.

(One summary e-mail a day, you can change anytime, and Portside is always free.)

No such attack happened. Nor is it at all likely that Russia would carry out such sabotage unless Russia and the United States were already on the edge of war. This suggestion is in keeping with the equally absurd warning last year from NATO officials that in time of peace, Russian submarines might attack undersea communications cables — in the process, by the way, doing great damage to Russia itself, and to Russian partners. This analysis appears to have emanated in the first instance from the British Navy, in an absolutely transparent attempt to save itself from budget cuts. As with most of the SolarWinds allegations, these suggestions involved a confusion —whether careless or deliberate — between espionage and sabotage operations 

The SolarWinds hack was an act of espionage by contemporary means. As pointed out in the analysis for Chatham House, an interesting (and amusing) feature of the hack is that if it had not been voluntarily reported to the U.S. government by a private security firm, then — as with all the most successful espionage operations — nobody in America would ever have known that it had happened. Believe me, if Russia ever does decide to attack America, we will know about it. 

All states conduct espionage, including most notably the United States itself. Edward Snowden revealed the massive scale of electronic and cyber espionage, not only against Russia and other U.S. rivals but against America’s closest allies. In 2015, Wikileaks revealed that for decades, the National Security Agency had been spying on top German government communications, including hacking the phone of German Chancellor Angela Merkel. 

Moreover, the United States is a global leader in cyber sabotage. As the Times itself has reported, not only has Washington carried out massive cyberattacks on Iran, it has planted malware in much of Russia’s energy infrastructure — though supposedly only to be activated in response to a Russian attack.

Under the new “Defend Forward” cyber-strategy, the Trump administration decided that the United States would itself set out to disrupt any potential cyberattack before it occurred. This is a cyber version of the Bush administration’s disastrous Preventive War strategy, and like that strategy, involves Washington in exactly the sort of aggressive actions that it condemns and seeks to prevent on the part of others. 

If the Biden administration does respond to espionage with sabotage it will take national rivalry in cyberspace to a wholly new level of danger, and start a potentially disastrous vicious circle of retaliatory attacks. It will give a green light to all future targets of American cyber-espionage to respond with cyberattacks on the United States.

Furthermore, to retaliate in this way would be a clear break with ancient international conventions and with the longstanding policy of the United States itself. For example in 2014, Russian intelligence was credibly reported to have hacked into the emails of the White House, State and Defense Departments. The Obama administration classified this as traditional espionage and did not retaliate.

The planned response to the SolarWinds hack reflects a much deeper problem in the Washington establishment’s attitudes and policy: the belief that the United States can unilaterally set the rules of the international system, and yet set different rules for itself whenever it feels an urgent need to do so. This was never an approach that was going to be accepted by other powerful states. In the area of cybersecurity it makes even less sense, for the internet really is (in many bad ways, alas) a great leveler. To adapt a famous meme: on the internet nobody knows that you are the only superpower.


Anatol Lieven is a professor in Georgetown University’s School of Foreign Service in Qatar. He is also a visiting professor in the War Studies Department of King’s College London, a senior fellow of the New America Foundation in Washington DC, and a member of the Valdai discussion club in Russia.

Anatol Lieven’s latest book, “Climate Change and the Nation State,” is published in the Spring of 2020 by Penguin in the U.K. and Oxford University Press in the U.S.

He worked for 12 years as a British journalist in South Asia, the former USSR, and Eastern Europe. His areas of expertise include Islamist militancy and insurgency; U.S. political culture and global strategy; the countries of the former Soviet Union; South Asia and Afghanistan; and the politics of climate change. He has commented frequently on current affairs for the Financial Times, the New York Times, Foreign Policy, and The National Interest.

His book “Pakistan: A Hard Country” was published in paperback in April 2012 by Penguin in the U.K. and Australia, and Basic Books in the United States. An updated new edition of his book “America Right or Wrong: An Anatomy of American Nationalism” was published by Oxford University Press in September 2012.

The Quincy Institute promotes ideas that move U.S. foreign policy away from endless war and toward vigorous diplomacy in the pursuit of international peace. Support the Quincy Institute with a 100% tax-deductible donation. Help us achieve a world where peace is the norm and war the exception.