It's a story like something out of a bad detective novel. A series of crimes occurs and the police always find the same suspect at the scene of the crime. He would have a motive, but he always maintains his innocence and nothing can ever be proven.
Sounds corny? But in reality, it's more or less the same. When it comes to politically motivated attacks via the Internet, they are almost always associated with Russia. A cyberattack on the German Bundestag in 2015 - the suspect: Russia. That same winter, just before Christmas, the power grid of a utility in western Ukraine is remotely shut down. The suspect: Russia. A large-scale DDoS attack on Estonia in 2007, a 2018 interception of documents from the German Foreign Ministry, or even an intrusion into the computer systems of the Swiss defense contractor Ruag starting in late 2014. The suspect in each case: Russia.
A motive does not always seem hard to find. The DDoS attack on the Estonian parliament, media and banks in 2007 was preceded by a bitter dispute over a Soviet monument in Tallinn. The power cut in Ukraine seems like a side effect of the conflict in eastern Ukraine. Even in the 2016 U.S. presidential campaign, Russia allegedly interfered in the form of cybercrime to damage the reputation of candidate Hillary Clinton. The latter had previously publicly questioned the legitimacy of the Russian elections of 2011. A late revenge?
The search for the reason for the Ruag hack, which only became public in 2016, is less clear. "Russian hackers expose secret Swiss elite force," ran the headline in the Neue Zürcher Zeitung in May 2016. But why? From secret documents, the attackers had possibly been able to view covert personnel details of the AAD 10 intervention force. Federal Councilor Guy Parmelin and Ruag had initially suspected industrial espionage. But political motives were not ruled out either. For example, Switzerland supported Western sanctions against Russian oligarchs. Russia saw this as a violation of neutrality.
So could the much-discussed scenario come true, that the conflicts of the future will no longer be fought on the battlefields but in the networks? In an interview with the "Tagesanzeiger" last October, Parmelin paints a bleak picture: "It is conceivable that one day an enemy will attack us and paralyze our critical infrastructures, the hospitals, the nuclear power plants, the traffic. There comes a moment when our vital interests are affected, like a bombing."
Defense would then primarily mean defense against cyberattacks, securing networks and infrastructure so that public life cannot collapse. And here, the question of who is to blame would suddenly become secondary. It does matter who is attacking, but it can rarely be determined beyond doubt anyway.
Thus, in the case of the paralyzed Ukrainian power grid, there is also an alternative theory to "Moscow is to blame." Ukraine harbored efforts to nationalize the privatized power grid, writes the Bulletin, referring to U.S. security expert Robert Lee. That may have drawn the ire of an oligarch who owns some of Ukraine's private utilities. A Russian oligarch indeed, and the whole thing certainly also a concomitant of the conflict in eastern Ukraine, but primarily an economic motive, not a political one.
Either way, Parmelin sees an increased need for cyber specialists. One surprising problem here: Google. The IT search giant wants to expand further in Switzerland - which is actually good news. However, of 250 IT experts who graduate from ETH each year, a large proportion went directly to Google. The remaining graduates, he says, are far too few for the cyber war, even if they could all be convinced to join the defense.