Central to the U.S. strategy concerning cyberspace “is the effort to build digital solidarity – working together to offer mutual assistance to the victims of malicious cyber activity and other digital harms,” wrote Secretary of State Antony Blinken in the recently released United States International Cyberspace and Digital Policy Strategy.
An example of digital solidarity is the work undertaken by the United States when the Government of Germany reached out after it detected malicious cyber activity perpetrated by the Russian group APT28 that was targeting a German political party, said U.S. Principal Deputy Assistant Secretary for the Bureau of Cyberspace and Digital Policy Jennifer Bachus:
“It [Germany] came to us; it asked us to join in attributing this activity; it gave us information that we were able to verify, and we were very pleased to be able to support this attribution both bilaterally and through NATO. ... We came together with the EU and NATO Allies condemning the activity and supporting efforts to counter disruptive cyber activities and hold malicious cyber actors accountable.”
Principal Deputy Assistant Secretary Bachus pointed out that APT28 is part of the Russian Federation’s General Staff Main Intelligence Directorate, the GRU, “and is a well-known malicious cyber entity with a very long history of engaging in destabilizing and disruptive behavior.”
“The United States has previously indicted and sanctioned actors associated with APT 28 for their involvement in a wide range of malign cyber activities, such as the sustained hack-and-leak operations that targeted the World Anti-Doping Agency and cyber activities aimed at interfering in the 2016 U.S. presidential elections,” she said. “Of course, these are just a few of the many malign, disruptive, and destabilizing activities associated with APT28.”
In terms of the attack in Germany, the U.S. Department of Justice helped remediate the network of small office and home office routers that were used by APT28 to prosecute its attacks, and the United States helped to block the GRU from regaining access to the remediated devices.
“We all need to recognize that there are malicious, persistent cyber actors out there who will continue to seek opportunities to carry out destabilizing cyber intrusions,” said Principal Deputy Assistant Secretary Bachus. We need digital solidarity, which means “to work together on shared goals, to stand together, to help partners build capacity, and to provide mutual support.”