On May 20, two pro-Moscow hacker groups, Killnet and Legion, launched a coordinated cyberattack against thousands of Italian websites. Targets included major transportation centers and key government offices such as the foreign and defense ministries.
Later that month, Killnet threatened to follow up with “an irreparable blow” against Italy.
The big question is why? Russia has certainly increased the pace of its cyberstrikes since its invasion of Ukraine. In the early days of the war, it cyber-hammered the Kyiv government relentlessly.
Other nations have seen malicious attacks as well, but why the concentration on Italy? While Rome has condemned the invasion and supports Ukraine’s self-defense efforts, it ranks nowhere near the top of nations aiding Kyiv.
Perhaps the Russians thought Italy would be a soft target for their hacker army. If that’s the case, they were greatly mistaken. Rome’s freshly minted National Cybersecurity Agency led a robust response, successfully repelling the worst of the Russian attacks.
Established in August 2021, the agency includes the Computer Security Incident Response Team. About the same time the Russian hackers were readying their Italian offensive, the agency published a forward-looking National Cybersecurity Strategy, which calls for the adoption of 82 measures by 2026. A significant part of the strategy is specifically dedicated to protecting from and responding to cyberattacks.
Cyberwarfare differs fundamentally from conventional warfare. It is not a war to be won; it’s a condition to be endured. A system might be invulnerable one day, and a sitting duck the next. All it takes is one computer virus or one successful phishing attack.
China and Russia understand this. They have invested heavily in cyberwarfare because they appreciate its potential to be a real game-changer in the ongoing competition with the free world.
Make no mistake. Presidents Vladimir Putin and Xi Jinping would like to (in the bluntly honest vocabulary of Nikita Khrushchev) “bury” the free world. They would prefer a world without America, a world where Europe is weak, disorganized and distracted and most other regions exist as supportive suburbs of Beijing and Moscow.
They employ many longstanding weapons in their struggle against freedom: military, economic and diplomatic. But cyber is a major part of their arsenals. It enables them to engage in economic raids—like intellectual property theft and outright stealing—as well as mess with their opponents’ infrastructure and military operations.
Of all the areas of cooperation between free nations, cyber-action ought to top the agenda, and not just among national governments. The private sector, communities, law enforcement, policy community, the academy, and states and provinces all have roles to play.
There is some international connectivity, but there could and should be more. As many countries work to break down internal institutional barriers to creating a more resilient cyber-environment, the opportunity is ripe for multilateral work as well.
The opportunities for fruitful cooperation extend beyond traditional NATO allies like Italy. The U.S. and India, for example, can build effective cybertools to counter China’s aggression through cyberthreats and digital authoritarianism. Cyber leaders in Romania and Estonia, working through EU and NATO centers respectively, should build out intelligence sharing and cyber-relationships with like-minded countries in the Indo-Pacific such as South Korea (a nation recently admitted into NATO’s cyber-collaborative).
Always seeking asymmetric advantages over the free world, autocrats and despots will continue to bank heavily on cyberwarfare, espionage and information operations. Cooperative efforts among free nations and free peoples can build the connective cybertissue, interoperability and resilient critical infrastructure necessary to maintain an effective global, layered cyber defense.
This piece originally appeared in The Washington Times