Yesterday, Jason Healy, Director of the Cyber Statecraft Initiative at the Atlantic Council, blogged about how the United States (U.S.) can "beat" a Russian cyber assault on the Ukraine. Today, we have reports of communications issues within the Ukraine. Specifically, there are reports that Russian troops are using jamming equipment to disrupt communication between Ukraine forces, and that Russian troops allegedly cut Internet cables inside Crimea. As Shane Harris at Foreign Policy reports, there may also be signs of cyber attacks, though nothing is yet confirmed. What we do see is evidence of Russia's plan to disrupt, degrade and deny communications to Ukraine. This is not surprising given that at the moment, Russia's activities amount to a bloodless invasion, and bloodless or no, an invasion of any country requires prepping the battlefield to your advantage. The first thing to do, therefore, is to cut as many lines of communication your enemy has.
While we are still watching events in Crimea closely, we should think about possible options to aid Ukraine. Given Healy's expertise in the cyber realm, perhaps we should listen to his advice. Unfortunately, Healy's message was mixed. First he claims that some cyber attacks that are low-level denial of service attacks ought to be overlooked. Others, though, that cause "major disruption to government services of critical infrastructure must be considered as crossing a line." Though, he leaves us wondering what types and degrees of attacks against which government services would constitute an act of war. Second, the he claims that:
Some steps to help a nation facing a strategic assault require strong government action. The U.S. president, NATO secretary general and European leaders could call Putin to warn that they are not fooled by his use of nationalist proxies [to launch cyber assaults] and will hold him to account. Since warnings won't sway Putin, they should be backed with harder options. The U.S. Department of Defense could order its muscular Cyber Command to prepare to disrupt the attacks if asked to do so by Ukraine's government.
Here is the rub: if the U.S. decides to enter the conflict between Ukraine and Russia it becomes a belligerent party to that conflict. In other words, the U.S. is no longer a neutral party and is subject to attack by Russia. We can think of it in simpler terms. For example, a much larger and stronger person is bullying your friend. The bully is threatening to take something that belongs to your friend. You have the option of staying out of it, or perhaps shaking a fist from afar, or even trying to dissuade the bully through discussion or even threats. But once you decide to fight the bully on behalf of your friend, you open yourself to the bully attacking you too. That is the law of neutrality at work. Any state that assists, aside from diplomatic efforts, one side in a conflict is no longer neutral party. Thus if the U.S. were to put "harder options" on the table, the U.S. would become a party to the Ukraine/Russian conflict.
Given that the U.S. is so far very reluctant to discuss overt military measures against Russia, and has moved to coerce Putin only diplomatically and economically, we might be hard pressed to see any "harder" options. While some might believe that putting the U.S. Cyber Command into action is not a belligerent act, this is not so. It would be no different than the U.S. European Command marshaling troops to send to Ukraine. For if we believe that the use of cyber weapons against another state constitutes an act of war, then using cyber weapons in defense of others would constitute an act violating neutrality. I am not certain that President Obama would be very comfortable painting a giant target on U.S. networks and infrastructure, no matter how unjust Russia's actions against the Ukraine are. Thus we should be wary of suggestions like Healy's.