Russia has been turned into a dictatorship in two weeks. No journalists are allowed to mention the word “war” in combination with “Ukraine”, resulting in several journalists or news agencies shutting down their activity or agreeing to self-censorship. Many foreign journalists are thus going home for fear of their reporting being in conflict with these hard measures.
Protesters face fines, but also being conscripted and sent to the frontlines of the war, in a very cruel irony. Furthermore, the Russian authorities are shutting down or blocking access to various social media. They still lack the capacity to hunt down everything said and written, so they resort to complete blocking, I guess. Simultaneously they can use Internet Research Agency (IRA) and others to spread disinformation about the war, foreign interventions and try to gain support for this military operation (Z, anyone?). Lastly, they have the opportunity to limit the influence of foreign actors.
Many are surprised the Russians haven’t attacked, or crushed, Ukraine through cyberwar yet. This was expected regarding all the attacks Ukraina has endured since (at least) 2015: attacks on energy plants, the electric grid, authorities, banks and so on. It was also expected because of the Gerasimov doctrine (Gerasimov happens to be highest ranking military (as I understand it)) in Russia, overseeing the invasion of Ukraine.
There are things destabilizing the Internet, such as cyberattacks on authorities, power plants and a virtual flood of spam mail, though nothing (yet) near the total cyberwar between nation states. One important aspect complete havoc has not hit us could be linked to the dark forest theory.
The dark forest theory is developed by science fiction writer Cixin Liu in the second book of The Three-Body Problem Trilogy (spoiler alert ahead!): The Dark Forest. In my eyes it could be applied here, even if it originally concerns cosmic civilizations. Instead of a dark forest inhabitated by scattered civilizations, we see a planet with many different countries in various stages of cyber capabilites. The three strongest are the US, Russia and China. The former two are in economic war, and the US supports a fourth nation being attacked by Russia militarily. The US also has allies in the form of the Five Eyes (the US, UK, Australia, New Zealand and Canada) and the EU (which is not a cyber power in itself). On the outskirts are enemies of the US, North Korea and Iran, to keep it simple.
Russia attacks Ukraine and the US declares its support of Ukraina, all in concert with the EU. The Five Eyes have exposed the Russian planes for months and boosted the Ukrainian defense for years, both military and the cybersecurity. All eyes are focused on Ukraine and Russia. So, to apply the dark forest theory here, all nations are separate persons sitting or standing next to a tree each, in a dark forest. Every single one is a hunter and game at the very same time. (Even if, for instance, the US, Russian and China are comprised of several agencies and authorities (and companies) each, they are reduced to one person here.) The nations/persons have all surveilled and hacked one another for years now, so they know pretty well who sits or stands next to a tree, and about where that tree is situated. Now they are poised for stronger, more devastating cyberattacks than ever before, perhaps on such a scale that it can cripple an entire person for years to come. And they can’t afford more than one chance, here meaning they have three choices:
- Sit/stand still
- Shoot
- Run
The first implies trying to hide and remain, in best case, undetected, or it means remain vigilant but inactive.
The second means attacking, thus revealing and exposing themselves by standing up and shooting. Everyone in the dark forest will instantly hear the shot. The closest, or most able, will even see the shot, perhaps even the shooter.
The third means trying to relocate and, if succesful, hide behind another tree. It entails standing up, running, avoiding being shot and hiding behind another tree, hopefully not to close to another person.
Unlike a real person, Russia can cause some minor disturbance for others, just like other nations might cause small disturbances, because they are comprised of so many smaller actors within themselves. But still, the nation has only have one single chance of doing something powerful: taking down an opponent/enemy.
What upsets the dark forest theory here is allies. In the original dark forest theory there is no such thing as ally or friend. Everyone is a mortal enemy. Russia has no allies to speak of. The US is in a group of five, and aligned beside them are friendly allies, such as France, Germany, the Netherlands and Sweden. Let’s say Russia chooses to attack the US, wreaking havoc in revenge for the support of Ukraine. They can take down some agencies, companies, municipalities and cripple many others. But since the Americans aren’t all situated in the US, many cybercapabilites will remain (the opposite is also true, though the Russians have fewer capabilites abroad). And most importantly, the allies will definitely attack Russia in turn. Since Russia has no allies, they will be the quarry.
To speak with dark forest theory: Russia can choose to shoot. But they cannot run to another tree. They will turn from hunter to game the moment they reveal themselves. They will be fatally shot and destroyed by all the other hunters in the forest (especially considering how strained their other capablities are: military, economy, clout). That’s why I believe (and I could be very wrong) there has been no cyberwar to speak of so far (that we’ve seen). Russia simply cannot attack without being completely destroyed.
Another main reason for this is the approach formulated by former secretary of defense Jim Mattis. In 2018 he outlined a new approach by the US in case of a major, devastating cyberattack: to consider such an attack as a nuclear attack, thus reciprocate with nuclear weapons. This is something the Russians know. Of course, this concerns an attack on the US itself, but where to draw the line when cyberattacks on one actor can spread unintentionally to others?