No outcome of the Geneva summit was more eye-opening than Joe Biden’s claim to have presented Vladimir Putin with a list of 16 categories of U.S. cyber targets that must remain off-limits to attack.
But calling Mr. Putin’s attention to the list also calls the attention of Russia’s hackers to it, for whom surviving in business means being sensitive to the Kremlin’s ill-defined and often retroactive red lines.
Mr. Biden’s list almost certainly is the same as the one publicly posted by the U.S. Cybersecurity and Infrastructure Security Agency last year. It contains no state secrets. U.S. expectations that Mr. Putin will take a proactive hand against Russia’s for-profit hackers are also probably correspondingly low. It would impose costs and risks on Mr. Putin to interfere in a business that’s paying off so handsomely for some of his clients, including officials of his own security services.
Mr. Biden’s threat of retaliation would have been heard too and suggested to Russia’s hackers a new source of risk to their domestic immunity. Mr. Biden specifically mentioned Russia’s oil-field pipelines and elicited from Mr. Putin an agreement that such an attack would “matter” to him.
Admittedly this is speculative, but it smells like the U.S. is playing a three-cornered game with Mr. Putin and Russia’s hackers. If so, it fits what we know about how Russia operates. Mr. Putin is far from all-seeing and all-knowing. It also fits what we learned in the aftermath of the Colonial Pipeline hack that caused gasoline shortages in the Eastern U.S., when hackers believed to be part of the Russia-based group Dark Side conspicuously apologized for the collateral damage and pretended to dissolve their organization.
- Red lines for Russian hackers set by Biden
- Check all news and articles from the latest Security news updates.