From Russia with Love: Understanding the Russian Cyber Threat to U.S. Critical Infrastructure and What to Do about It

19 Pages Posted: 2 Jun 2017 Last revised: 3 Dec 2017

See all articles by Scott Shackelford

Scott Shackelford

Indiana University - Kelley School of Business - Department of Business Law; Harvard Kennedy School Belfer Center for Science & International Affairs; Center for Applied Cybersecurity Research; Stanford Center for Internet and Society; Stanford Law School

Michael Sulmeyer

Harvard University, Harvard Kennedy School (HKS), Belfer Center for Science and International Affairs (BCSIA)

Amanda Craig

Indiana University Maurer School of Law

Ben Buchanan

Harvard University, Harvard Kennedy School (HKS), Belfer Center for Science and International Affairs (BCSIA)

Brian Micic

Indiana University Bloomington, Mauer School of Law, Students

Date Written: May 31, 2017

Abstract

In December 2016, the U.S. Department of Homeland Security disclosed that malicious software (malware) found on a computer system owned by a Vermont utility called the Burlington Electric Company was the same variant as that used to breach the Democratic National Committee (DNC). This admittedly overhyped episode is the latest in a string of cybersecurity incidents that involve U.S. critical infrastructure (CI) and that have been linked to Russia. Already, a number of nations have seen their systems compromised by such attempts, such as Ukraine, which experienced several of its substations crashing in December 2015 in β€œthe first-ever confirmed cyberattack against grid infrastructure.” Unfortunately, the same pattern played out in Ukraine on December 23, 2016. This Article examines the most recent such hacks and investigates the current state of U.S. efforts to advance cybersecurity, including to what extent the recently released draft Version 1.1 of the National Institute of Standards and Technology (NIST) Cybersecurity Framework will contribute to safeguarding vulnerable U.S. CI, and what further steps β€” such as an effective deterrence strategy β€” are needed going forward.

Keywords: Cybersecurity, Critical Infrastructure, Cyber Attack, Russia, NIST Cybersecurity Framework

Suggested Citation

Shackelford, Scott J. and Sulmeyer, Michael and Craig, Amanda and Buchanan, Ben and Micic, Brian, From Russia with Love: Understanding the Russian Cyber Threat to U.S. Critical Infrastructure and What to Do about It (May 31, 2017). Nebraska Law Review, Vol. 96, 2017; Kelley School of Business Research Paper No. 17-42. Available at SSRN: https://ssrn.com/abstract=2978305

Scott J. Shackelford (Contact Author)

Indiana University - Kelley School of Business - Department of Business Law ( email )

Bloomington, IN 47405
United States

Harvard Kennedy School Belfer Center for Science & International Affairs ( email )

79 JFK Street
Cambridge, MA 02138
United States

Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Stanford Center for Internet and Society ( email )

Palo Alto, CA
United States

Stanford Law School ( email )

Stanford, CA 94305
United States

Michael Sulmeyer

Harvard University, Harvard Kennedy School (HKS), Belfer Center for Science and International Affairs (BCSIA) ( email )

Cambridge, MA 02139
United States

Amanda Craig

Indiana University Maurer School of Law ( email )

211 S. Indiana Avenue
Bloomington, IN 47405
United States

Ben Buchanan

Harvard University, Harvard Kennedy School (HKS), Belfer Center for Science and International Affairs (BCSIA) ( email )

Cambridge, MA 02139
United States

Brian Micic

Indiana University Bloomington, Mauer School of Law, Students ( email )

Bloomington, IN
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
308
rank
96,147
Abstract Views
844
PlumX Metrics