Sunday, June 16, 2019

Stumbling toward Armageddon



“Those whom the gods wish to destroy, they first make mad.”
- ancient Greek saying, wrongly attributed to Aeschylus

The New York Times ran a story on Saturday that starts with the sentence “The United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, current and former government officials said.”

The story goes on to discuss how government cyber warriors have implanted malware in the Russian grid – and for that to be able to do any damage, it has to be on control networks. Of course, there have been multiple reports that the Russians have planted malware in US control networks, including:

  1. The 2019 Worldwide Threat Assessment, prepared by the Director of National Intelligence, the FBI and the CIA. While the WTA doesn’t directly say the Russians are in electric utility control networks, it does say they’re in a position to cause multiple outages at will, which means the same thing;
  2. Vikram Thakur of Symantec, quoted in a January article in the Wall Street Journal, where he said that at least eight utilities had been penetrated at the control network level; and
  3. Chris Inglis, formerly deputy director of the NSA, who said recently that over 200,000 “implants” (the same word used in the NYT article, meaning malware) had been planted in water, natural gas and electric power infrastructure (presumably at least some of those in control networks of electric utilities).

To be honest, I would have been surprised to hear that the US wasn’t doing this to the Russians, and I’m glad they are. But the question is: What is the purpose of doing this?

Of course, there’s a very obvious reason for planting malware in the Russian grid (discussed at length in the article): Since the Russians have malware in our grid and could cause outages whenever they want (if the CIA and FBI are to be believed), the knowledge that we’ve done the same thing to them will make them much more hesitant to pull the cyber trigger on us. So we’re protecting ourselves, just as our huge nuclear missile and bomber fleets have so far protected us from nuclear attack from Russia (and previously the Soviet Union), under the Mutually Assured Destruction principle, also known as MAD.

But there’s a big difference between nukes and cyberattacks. A nuclear attack on anywhere in the US, even the middle of some desert, is totally unthinkable. There’s literally no risk we will accept that would open up the possibility – even if very very very small – of this happening. This means we will absolutely never launch a first strike against Russia, since we could wipe out the whole country, but their nuclear submarines would still survive to destroy most of the US. And the Russians will never launch a first strike against the US, for the same reason (of course, a dictator who doesn’t care about his countrymen might do that, if cornered. Kim Jong-un comes to mind here).

But a cyberattack isn’t at all unthinkable. A lot of these have been launched by state actors (including us, of course); the NotPetya attack caused $10 billion in damage worldwide (question 1: Who was responsible for that? Answer: Without a doubt, Russia. Question 2: Has Russia been in any way held responsible for this, or is there even any likelihood that they will be? Answer: You gotta be kidding! The same goes for the Malaysian airliner that was downed over the Ukraine in 2014, the cyberattacks on the Ukraine, etc. Do you notice a pattern here?) – yet we’re still able to go to the grocery store, write blog posts, etc. Of course, some people will die in a cyberattack on either our or Russia’s grid, but tragedies happen every day. Neither the US nor Russia considers a grid cyberattack to be an unthinkable event.

Of course, the Russians certainly wouldn’t launch a cyberattack on the US grid willy-nilly. But they might do it due to some provocation, such as our killing Russian troops in Syria. When they were attacked, US forces killed about 100 Russian mercenaries in Syria last year, but the courageous Mr. Putin pretended that they weren’t really Russians and didn’t take any measures against us (way to stand behind your guys, Vlad!). If it had been regular Russian troops or say airmen, Putin would have felt compelled to respond in some way. Or perhaps if the US directly aided a new offensive by the Ukrainians to drive the Russians and their allies out of the Donbass region of the Ukraine – again, Putin would probably feel compelled to respond in some serious way, like causing blackouts in the US.

So let’s say the Russians black out a few major cities, although probably just for a few hours. What will we do then? The article makes it pretty obvious that we’ll probably launch a similar attack against the Russians. And given that their grid is less redundant and resilient than ours (and we’ll naturally want to cause more damage than they caused to us), it will probably be more destructive and kill more people. So what’s Russia going to do then? I’d say there’s a pretty good chance they’ll strike back. They might launch a broader cyberattack, perhaps hitting water and/or natural gas pipelines (although I find it hard to believe that a cyberattack alone could cause a serious natural gas disruption. However, water supplies are a bigger concern). And since real Russian civilians would presumably have been killed by our retaliatory cyber strike, they might even launch some sort of very limited military attack, which would kill even more US civilians and military personnel.

I think you see where this is going: Once the conflict moves into the military phase, it becomes very possible that a “limited” nuclear strike will be launched, perhaps on a US military base overseas, so it doesn’t kill a lot of US civilians. But then we launch a bigger nuke strike, and sooner or later we have a full nuclear exchange and that’s the end of civilization.

Of course, hopefully cooler heads will prevail and someone will step in and talk some sense into both participants before the confrontation goes that far. But that’s not enough. Sometimes, during a period of high tension, the word to stand down might not get through to every officer with nuclear weapons under his command. One guy thinks he’s doing the right thing, presses the button, and…

Which brings me to a good true story – events before and during the Cuban Missile Crisis in 1962. What set the crisis off was probably the US invasion of Cuba at the Bay of Pigs in 1961, along with the US installation at around that time of Jupiter nuclear-armed missiles in Italy and Turkey, aimed at the Soviet Union. The Soviets decided to retaliate by installing similar missiles in Cuba, where they were detected by a U-2 spy plane. President Kennedy then escalated the conflict by declaring a naval blockade of Cuba. But even though the Soviets moved a number of vessels into the waters around Cuba, there was no conflict. The Soviets backed down and removed the missiles, followed by the US removing the Jupiter missiles from Turkey and Italy.  Nobody dead, not a shot fired in anger. Seems to be a textbook case on how a well-controlled (on both sides) military confrontation can produce a satisfactory result for both parties, right?

No, that’s not right. The full story came out after the fall of the Soviet Union, showing how close the world came to Armageddon. It seems one of the submarines that the Soviet Union deployed to Cuba during the crisis was the target of depth charges foolishly dropped by a US Navy vessel, which was trying to get the sub to surface so it could be identified. The problem is that this sub had lost all communications with the outside world because of its depth, and the two commanding officers (one was actually the political officer that traveled on all Soviet naval vessels) reasonably believed that open war had broken out, and the depth charges were meant to destroy them.

This sub had nuclear torpedoes on board (only the US had submarine-based nuclear ballistic missiles at the time), and the two commanding officers decided to use one of them to sink the US ship that was dropping the depth charges. The Soviet navy’s protocol for using these weapons required the consent of both commanding officers, which would normally have meant the sub would have fired the torpedo. However, the commander of the flotilla also happened to be on the submarine (this wasn’t normal), and because of this, his approval was also required. This man, Vice Admiral Vasily Arkhipov, wouldn’t approve of the launch; the sub surfaced and was recalled to the Soviet Union.

It turns out, it was very fortuitous for the human race that Arkhipov was on the sub at the right time. As it happened, there was a cabal of hotheaded generals at the Pentagon (including Gen. Curtis LeMay, who later would run for Vice President with George Wallace, and was reported to have advocated nuking Vietnam). For them, the nuclear strike on the US ship would have been like manna from heaven, because it was an excuse to do what they had been advocating anyway: launch a first strike on the USSR before the Soviets were able to deploy the overwhelming number of ICBMs that the US already had in place (although the Soviets still had lots of nuclear bombers and the US would probably never have been able to block them all). They would have blamed Russia for the first nuclear strike and used that excuse to launch their attack – which of course would have been followed by retaliation from Russian bombers that were in the air at all times during the crisis, as well as any land-based missiles that weren’t destroyed by the US strike. So even though the US might have technically survived, even just a few nuclear strikes on key cities would have made it a hollow “victory” indeed (remember, the bombs would have been thermonuclear, vastly more powerful than the bombs that destroyed Hiroshima and Nagasaki). And of course the fallout would have killed many more people, in the US and the Soviet Union as well as in adjacent countries.

The moral of the story? I suppose it’s good clean fun to deploy a bunch of malware on the Russian grid, to match (and maybe more than match) the malware the Russians have planted on ours. But actually retaliating against a grid attack with a grid attack of our own could very well lead into the military realm, which could then easily lead into the nuclear realm. And even though the controls on nuclear weapons are supposed to contain their use until the president has made the decision to use them, there can never be 100% certainty that those controls will hold.

If the Russians actually do bring down part of our grid, instead of retaliating in kind, we should turn to tools like sanctions, which seem to have caused a lot of real pain for Mr. P and his cronies. The only problem with the sanctions on Russia so far is that they haven’t been deployed at anywhere near the level they should be. For example, once it became clear that the Russians were responsible for shooting down Malaysia Airlines flight 17 (and a Russian parliament member admitted that about two weeks after the incident), I think Russian planes should have been banned from all international airspace until the Russians had admitted their involvement and paid full reparations to all of the 300 victims’ families, as well as to the Netherlands and other countries who lost their nationals or were otherwise affected. Of course, five years later the Russians have paid exactly $0.00, and I know of no current action to change that situation.

If instead of sanctions, we retaliate against a Russian grid cyberattack on the US with a similar or greater attack on the Russian grid, we can be sure the Russians will retaliate for that, then we’ll retaliate for that strike, etc. This will likely escalate to military retaliation and then, even though the US and Russian leaders will hopefully behave responsibly, we’ll just have to pray that no US or Russian general or admiral anywhere in the world, on the land, sea or air, will become confused in the heat of the crisis and do something they shouldn’t do. But what could possibly go wrong?


Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com.

2 comments:

  1. I want to thank Kevin Perry, former Chief CIP Auditor of SPP RE, and another person who I can't name at the moment, for pointing out to me that, at the time of the Cuban Missile Crisis, the US had nuclear ICBMs based on submarines, while the Soviets didn't (I had said they both didn't in the original version of this post).

    Actually, the fact that the US had this huge advantage would probably have greatly increased the likelihood that the US would have launched a devastating first strike on the Soviet Union, had the nuclear torpedo been launched. The US might well have emerged unscathed from that encounter. But who would want to live in a country that had literally obliterated the citizens and cities of another country?

  2. The other person who pointed this out was Matt Schmehl of the Western Area Power Authority (WAPA). He points out that he "served onboard the USS Theodore Roosevelt SSBN-600 and the USS Von Steuben SSBN-632 as an Electrician’s Mate in the engineering department. i.e. Navy Nukes"

    https://en.wikipedia.org/wiki/USS_Theodore_Roosevelt_(SSBN-600)

    https://en.wikipedia.org/wiki/USS_Von_Steuben_(SSBN-632)
