Russian hackers have close links to the Russian government, to the point of taking orders from Moscow on who to attack and leave alone. Some of the attacks are politically motivated by Russian state goals, while others are purely for financial gain. Nearly all are apparently with the tacit approval of the Kremlin.
Estonia, for example, was an early Russian state target acted upon by the country’s cybercriminals. Their attacks came in retaliation for the capital city of Tallinn moving a Soviet-era statue that memorialized the Red Army from the city center to a cemetery. This infuriated Russian President Vladimir Putin, who apparently sicced his cybercriminals against the European democracy.
Because Russia reportedly fears the offensive power of U.S. cyber capabilities, and Washington has made clear to Mr. Putin its willingness to retaliate with those capabilities, Moscow ruled against Russian criminal cyberattacks on U.S. infrastructure and government entities, including at the local and state levels. The United Kingdom and Canada have similar cyber strengths and, therefore, cyber protections.
But other countries lack that level of deterrence against Russian attacks.
Just a month before the Russian invasion of Ukraine, according to Mr. Glenny, “a raft of powerful attacks against [the] Ukrainian government, military and media networks helped convince the U.S. intelligence community that Russia was about to invade Ukraine.”
Ever since, Russian ransomware groups have apparently aided Mr. Putin’s war efforts by acting on tips and vulnerability information provided by the Russian government regarding targets in Europe. The cyber gangs are making money and helping “Mother Russia,” according to an expert quoted in the Financial Times.
Russian cyber criminality includes locking up a company’s data, threatening to publish compromising material on the internet, and rapidly rising credit card fraud. Globally, credit card fraud amounted to over $30 billion in 2021 and is expected to rise to over $40 billion in 2026.
Moscow’s participation in protecting Russian and Belarusian cybercriminals as a source of business for what amounts to a Russian cyber mafia adds to the many reasons why the country is widely considered a rogue state.
Mr. Kimmage mentions Russia’s arbitrary arrests of Journal reporter Evan Gershkovich and Alexei Moskalev, whose only crime was to be the father of a 12-year-old girl who drew an anti-war picture.
“The message to the United States is that its norms and ethical standards do not apply to Russia, because Mr. Putin has the power to do whatever he wants,” Mr. Kimmage wrote. “The Russian government does not necessarily need to arrest a dozen Evan Gershkoviches or a dozen Alexei Moskalevs to get its way, but it needs to show itself to be morally and legally capable of anything.”
Mr. Bremmer and Eurasia Group chairman Cliff Kupchan note that “a rogue Russia represents a geopolitical crisis of the highest order. It’s a threat to global security, Western political systems, the cybersphere, space, and food security … not to mention every Ukrainian civilian.”
Rogue states like Russia, China, Iran, North Korea, Burma (Myanmar), Syria, Afghanistan, Venezuela, and Cuba have certain characteristics in common. They snub the international rules-based order led by the United States, European Union, Japan, and other like-minded allies that promote free markets, democracy, and human rights. They mistreat their own citizens, sometimes to the point of genocide, including against Ukrainians under Russian control, Uyghurs and Falun Gong in China, and the Rohingya in Burma.
These rogue states deserve an international downgrade from the status of sovereign nations to the status of terrorists, like the ISIS terrorist group. When the international community shows them respect by according them equal status to their own democracies, they tacitly legitimize their criminality. This failed strategy of engaging the world’s most dangerous rogue regimes must end.