International Affairs: To what extent has the COVID-19 pandemic heightened cybersecurity concerns? Are there any new threats?

A. Krutskikh: Digital tools have become a lifeline for millions of people during the coronavirus pandemic. The Internet, which facilitates communication between people, is becoming increasingly open, but at the same time, it poses an enormous risk. As enterprises, businesses and government agencies transition to operating remotely, they are exposing their internal data. And the deeper humanity “dives” into the cyber sphere, the more we see virtual crime growing.

An even more dangerous trend could emerge: increased terrorist activity in the information space. One strategic challenge that has grown in the current environment is the risk of interstate confrontation in the digital sphere, which cannot be contained on a local scale due to the cross-border nature of information and communication technologies (ICT), and the intertwining of national processes and lifestyles.

All states, regardless of their political orientation and level of socioeconomic development, are vulnerable to acute global problems. COVID-19 demonstrated the interdependence of the new challenges we face and confirmed the urgent need for interstate cooperation in the field of international information security (IIS).

For our part, we consistently advocate establishing such cooperation in a professional and constructive manner. In the current conditions, it is clearer than ever that without universal agreements, the world risks plunging into “cyber chaos,” with truly catastrophic consequences. We believe that rules, norms and principles of responsible behavior for states in the information space, as well as a universal international convention on combating crime in the ICT field, need to be developed as fast as possible.

The leading role in the search for universally acceptable prescriptions for a cyber pandemic should be taken by states and other stakeholders (businesses, civil society, academia) at the only universal organization: the UN. In particular, we are talking about the UN Open-Ended Working Group (OEWG) on IIS, established on Russia’s initiative, as well as the Open-Ended Intergovernmental Ad Hoc Committee to elaborate a comprehensive international convention on countering the use of ICT for criminal purposes.

Q: Recently, American intelligence services have repeatedly made statements about the increased activity of Chinese and Russian hackers who are allegedly trying to steal coronavirus vaccine information from scientific laboratories. What do you believe these charges relate to?

A: The lack of evidence and the political motivation of such fake news is obvious. The sad thing is that it is not only our American partners who are taking these provocative actions. While the U.S. and Great Britain are the lead singers, some states have taken on the thankless role of extras in someone else’s performance: The voices of Georgia, the Czech Republic and the Netherlands have joined the chorus. Who else will get the sheet music for this fake song?

Disinformation campaigns, especially in the field of health care, are being used to manipulate public opinion. We consider it appropriate to recall that, in accordance with the provisions of the 2015 consensus report of the Group of Governmental Experts (GGE) and UN General Assembly Resolution No. 70/237 that consolidated it, any accusations of organizing and committing criminal acts against states must be substantiated. Russia advocates excluding the possibility of arbitrarily identifying the source of cyber threats without states providing appropriate technical evidence at their own discretion.

The COVID-19 pandemic has particularly highlighted the risks and consequences of malicious activity that exploits vulnerabilities at a time when societies are under great strain. Russia shares the opinion of a number of countries on the need to protect ICT infrastructure in the health care sector. We propose that states commit to refraining from attacks not only on medical facilities, but also on the critical information infrastructure of institutions providing vital public services in general – particularly in the fields of education, energy and transportation, as well as in the banking and financial spheres. We will work in this area at UN negotiating platforms on IIS: OEWG and GGE.

Q: About a month ago, German authorities accused Russia of involvement in the hacker attacks on Bundestag servers that took place in 2015. As usual, no evidence was presented. Why does Berlin need to hype this story now?

A: I’ll answer this question from a somewhat unexpected angle. It is surprising that for five years, this obviously absurd case had been gathering dust and was not troubling anyone. It was being held for the right moment, and now it has suddenly exploded. One gets the impression that when they made the pseudo-accusations against Russia, the Germans were performing a ritual act of forced Western solidarity under tremendous pressure from Washington. And what is perhaps even more ruthless, they did this to “buy off” their “older brother” for shameless claims about Nord Stream 2.

The German authorities cite some “credible evidence” that, according to German media reports, they received from none other than the United States. The U.S. is a well-known provider of “reliable facts.” Did Germany immediately publish the information without verifying its authenticity? If Berlin really does have documented evidence from Washington of someone’s guilt, the Russian side is ready to consider it. However, as practice shows, it will hardly be presented to us.

We need facts, not the “high likelihood” that the German media so actively tout. In their absence, we resolutely reject the unfounded and highly politicized accusations of the involvement of Russian state agencies in the 2015 hacker attack on the German Bundestag. We regard these accusations as an attempt to discredit our country and strengthen Russia’s image as an aggressor in the view of the greater world community.

Again, the conclusion about the origin of the malicious activity must be confirmed by technical data. The relevant Russian agencies did not receive official materials and requests from German authorities about the hacker attacks on the Bundestag servers. Berlin still has not provided an intelligible response to Russia’s repeated proposals to discuss the German claims substantively and on the basis of facts.

We earnestly proposed to the Germans to hold consultations on several occasions. In 2014 and 2018, Berlin unilaterally derailed planned high-level Russian-German interagency consultations on information security, and it continues to consistently and purposefully, under various pretexts, to evade restoring this useful cooperation format where we could resolve all questions, share information and hold negotiations. We consider it vital to resume full-scale dialogue in this format, involving the necessary IIS experts. This would allow us to neutralize an unnecessary irritant in our bilateral relations and move toward practical cooperation on information security issues.

Q: Last December, you said that cyber attacks number in the millions and even billions, while attacks on Russian government agencies alone number about 70 million a year. Do you have more recent data?

A: The digital age is our new reality; it does not exist in a vacuum. Human progress cannot be imagined without cyber technologies, the free exchange of data in the virtual space. Unfortunately, the number of challenges related to the illegal use of ICTs is growing every day. The situation in the world is sharply deteriorating.

The UN estimates that cybercrime causes $1.5 trillion in material damage every year. Gartner, Inc., a consulting company, predicts that nearly $124 billion will be spent on global cybersecurity in 2020. According to the research firm Cybersecurity Ventures, while in 2016, global businesses were attacked by ransomware viruses every 40 seconds, in 2021, such attacks will occur every 11 seconds. During the pandemic, the number of emails containing malware and phishing messages has increased more than sixfold.

Since the beginning of 2020, more than 1 billion malicious information attacks on Russia’s critical information infrastructure have been recorded. Cases of coordinated, targeted computer attacks – i.e., those involving several related actions – have become more frequent. The number of such attacks in the last several months has already exceeded 12,000. The attacks have targeted state authorities, the credit and financial sphere, health care, the defense industry, and science and education institutions. These figures confirm the immense danger posed by computer attacks, since the attacked institutions ensure the daily life of society and the state, the safety of our citizens.

The greatest danger is that online incidents could lead to full-scale offline conflicts. Russia is calling for more effective international counterterrorism cooperation, especially in the digital age. The use of ICT by terrorists is a clear challenge to international peace and security stemming from the illegal use of these technologies. This is not just a criminal problem, it is also a political one. Such actions could violate the sovereignty of states and interfere in their domestic affairs.

No nation can succeed in tackling the misuse of ICTs on its own. The international community needs real and effective unity in our joint steps. We advocate for an equal, fair world order in the digital sphere that protects the interests of all countries and excludes the possibility of establishing hegemony in the information space and imposing unilateral “rules of the game” that would benefit only individual players.