Russian hackers target US tech companies with little accountability
Marietje Schaake, International Policy Director at Stanford's Cyber Policy Center, Eurasia Group senior advisor and former MEP, discusses trends in big tech, privacy protection and cyberspace:
Has Russian behavior in cyber changed after President Biden and President Putin's meeting earlier this year?
Well, unfortunately, we see ongoing assertiveness and aggression from the Russian side, targeting the US government, but also US tech companies. And the fact that there is so little accountability probably keeps motivating. Shortly before the Russian elections, Apple and Google removed an app built by opposition parties, to help voters identify the best candidate to challenge Putin's party. The company cited pressure on their employees in Russia, but of course, the pressure on the Russian population is constant. And after these dramatic events, the silence from Western governments was deafening.
What about US companies being targeted by attackers from Russia?
Well, it is a very inconvenient truth that the very companies whose software we all rely on is not secure enough to withstand these attacks. And again, the lack of accountability of attackers is a problem. Intelligence gathering currently does not violate international law and is rarely met with sanctions, even if the consequences of breaching systems, can be significant throughout an ecosystem. There is a legal vacuum and a political vacuum, in clarity around what is and is not acceptable. So, a combination of state accountability, and corporate liability standards are needed, to change the status quo.