Russia’s meddling in the 2016 Presidential election obviously has captured plenty of media attention. Less well known is that, according to a recent U.S. CERT Report, Russia has been “targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors” with cyber intrusions. The CERT Report notes that the initial intrusions proceeded through trusted third-party suppliers with networks that were less secure than those of the infrastructure entities and that the targets were deliberately chosen.
Russia’s manipulation of social media to influence U.S. elections is a deep concern, but the fact that Russia is probing weaknesses in our power, water, air, and other critical networks is even more sobering. Coincidentally, this week I’m teaching a class on cybersecurity and the international law of war. Cyberwar is a fuzzy domain that does not map neatly onto the existing international law of war. Here’s a video lecture of the materials for that class: