A long time reader pointed me at an article over at the new International Pipeline Resilience Organization web site and asked me what I knew about the organization. First part of that is simple, I’ve never heard of them, but they appear to be a new organization. Further, I have had very little contact with the pipeline industry, so I do not recognize any of the names listed on their ‘Leadership’ page. I do find it interesting that a large portion of their leadership comes from a single large law firm.
The article, though, that I have some thoughts on.
First off, nothing really new here except for the brief mentions about the benefits of joining their organization. The ‘increased cyber threat’ from Russia is a common thread seen in most of the messaging from most of the thought leaders in cybersecurity. The refrain goes that Russia has been aggressive in their cyber activities in stealing information and getting footholds in systems from the federal government to critical infrastructure long before their military crossed into Ukraine. And there were certainly a wide variety of cyber attacks against the Ukraine before the physical attacks started. So, we must (the conventional wisdom goes) expect that the Russians will attack our critical infrastructure.
I am sorry, but I have to take a contrarian stand here, the last
thing Putin wants to see now is a really pissed off USA and/or NATO. He bit off
more than he can conveniently chew and was obviously surprised at how well,
NATO, the European Union, and the United States responded in a coordinated manner
in exercising their individual and combined economic muscle in response to the
Russian invasion. That combined with the strong nationalistic response from the
citizens of the Ukraine, the unexpected leadership shown by large portions of
the civilian government of the Ukraine, have all made the mission of the
Russian armed forces much more difficult than expected.
Putin realizes that the last thing he needs to see at this point is an introduction of NATO forces into the conflict. Even just a NATO air campaign to remove Russia’s air superiority would almost certainly give the Ukrainian military the final tool it needs to repel the Russian forces, or worse yet, capture large portions of the stalled Russian equipment sitting in the mud of the steppes. This realization on Putin’s part is almost certainly a major reason for his threats about nuclear escalation. A significant cyberattack on critical infrastructure in NATO would be the final spur that would drive movement of NATO forces eastward.
So, we can ignore the cybersecurity ‘threat’ from Russia, right? Sorry, nothing in Eastern Europe is ever that simple. What we really have to concern ourselves with is the reaction of the masses in Russia. As the sanctions begin to take hold and Russians start to hear more from their disillusioned soldiers about the conditions in Ukraine (lack of food and fuel really hurts military morale), Putin is going to have to start worrying about an uprising back home. Putin’s concern about this possibility may be what has driven his keeping most of his military forces at home.
If that threat becomes real, then Putin might decide that he
needs a NATO incursion into Ukraine to justify his actions. Again, the easiest
way to encourage that response would be to execute a limited cyberattack on
Western interests. And non-catastrophic cyberattacks on gas and fuel pipelines
would be an effective target for such attacks. So, do not stop working on
improving your cybersecurity posture.
No comments:
Post a Comment