The Arkin Group

March 4, 2021

The Biden administration has made good on threats of new sanctions on Russia over the poisoning and imprisonment of opposition leader Alexey Navalny, designating seven individual Russian officials and more than 12 government entities. These include the head of Russia’s federal security service, the head of the country’s prison system, the Russian prosecutor general, and other officials in the Kremlin and the Russian defense apparatus. The sanctions announced thus far were designed to work in coordination with EU sanctions, and the Biden administration is also planning new sanctions related to Russian hacking of U.S. government entities and private sector companies. Separately, the U.S. announced a $125 million military aid package for Ukraine, which will include two patrol boats for the defense of its territorial waters, radar equipment, satellite imagery and analysis, and military training. Another $150 million is congressionally approved for military aid to Kyiv for in 2021, conditional upon demonstrable progress on military reforms, including improved transparency in procurement. U.S. actions thus far this year address two of the major flashpoints in the U.S.-Russia relationship – cyberattacks on the U.S. and military aggression in Ukraine. These are and should continue to be top security priorities for the U.S. However, they are not the only instances of Kremlin aggression that merit U.S. and its European allies’ focus. Results of an investigation by U.S., Russian, German, and Estonian media and anti-corruption outfits suggest that Russia has mounted aggressive influence operations throughout the Baltics, Eastern Europe, and Africa. These operations, spearheaded by Kremlin-linked oligarch Yevgeniy Prigozhin (who is on the FBI Most Wanted list for conspiracy to defraud the U.S.), are serving to disseminate pro-Russian “expert opinion” and attempt to help bring about election outcomes seen as favorable to Russia. The U.S. and its allies in Europe should take note that Russia is not confining its grandiose influence ambitions to countries with the defense capabilities to detect and counter them, and that a broad, multilateral defense structure may prove essential to containing Kremlin aggression.

U.S. President Joe Biden’s virtual bilateral meeting with Mexican President Andrés Manuel López Obrador (AMLO) this week marked a pivot on U.S. immigration policy, with Biden signaling a desire to return to full cross-border trade relations and openness to expanding pathways to legal immigration. However, despite Biden’s intention to reverse a number of the previous administration’s immigration policies, he has left in place a Trump-era policy that authorizes immigration enforcement agents to immediately deport persons found to have crossed the border illegally back to Mexico before providing them with a chance to request asylum, likely to prevent a flood of new entrants large enough to trigger a border crisis. In the days leading up to the meeting, AMLO expressed support for large increases in the number of work visas available to migrants from Mexico and Central America more broadly, though no concrete agreements were reached on that issue. Also conspicuously absent from the two countries’ official statement on the talks was any specific mention of Covid-19 vaccines, though AMLO had indicated interest beforehand in securing a U.S. commitment to share its supply or push U.S. pharmaceutical companies to sell more to Mexico. AMLO has been largely pragmatic in his dealings with the U.S. and will need to work with the new administration to tackle the pandemic, which has killed nearly 190,000 people in Mexico so far, to accelerate economic recovery following a staggering 8% GDP contraction last year.

A U.S. contractor was killed in a rocket attack yesterday on the Ain al-Asad air base in Anbar province, which houses U.S., Coalition, and Iraqi troops. Official Iraqi sources report that ten rockets were fired at the base, while other sources put the number slightly higher, at more than a dozen. No one has yet claimed responsibility for the attack. However, it comes just a few days after a U.S. airstrike on facilities in Syria tied to the operations of Iran-backed militia groups (and just two days before Pope Francis is scheduled to land in Baghdad for his first official visit to Iraq). Ongoing, elevated U.S.-Iran tensions are continuing to erupt in proxy battles in Iraq and elsewhere in the region, even as the U.S. attempts to chart a new course in the relationship by pivoting from the confrontational approach of the Trump administration to a return to the negotiating table. Tehran rejected an offer this week by the U.S. and the EU to restart nuclear talks with the aim of the U.S returning to the multilateral agreement that it signed in 2015 and then exited in 2018. Tehran’s refusal is widely understood to be a bid for opening concessions, specifically a degree of certainty that restarting talks would trigger sanctions relief. This latest attack on U.S. forces – for which the White House has warned that a military response could be forthcoming – will make the Biden administration’s intended policy shift on Iran more difficult. But de-escalation is in Iran’s best interest, both as the clearest path forward for a relaxation of sanctions, and as its neighbors in the region have moved to set aside their historic animosities aside with the goal of more effectively countering the threat of destabilizing actions by Tehran.

February 25, 2021

The U.S. and EU are coordinating new sanctions on Russia for the poisoning and imprisonment of political dissident Alexey Navalny, and the U.S. is also planning sanctions related to the SolarWinds hack and other recent cyber incidents traced back to Moscow. The EU sanctions, set to take effect sometime next week, entail an asset freeze and travel ban on the heads of Russia’s national guard and its prison service – the organizations it says are responsible for Navalny’s detention and prosecution. U.S. Secretary of State Anthony Blinken discussed the new sanctions with EU officials via teleconference, in which they also covered broader Russia and China issues and a possible revival of the Iran nuclear deal from which the U.S. withdrew in 2018. The U.S. plans to announce new sanctions on Russia in coming weeks for Navalny’s poisoning and imprisonment in coordination with the EU, but also as a broader response to various Russian activities, including the SolarWinds hack that targeted nine U.S. government agencies and ~100 private sector firms and efforts to influence U.S. electoral politics and steal vaccine research. The U.S. is simultaneously developing stronger defensive cyber measures to complicate Russian efforts to penetrate both public and private sector networks. Part of the U.S. approach is to label Russia’s hack of SolarWinds as “indiscriminate”, contrasting it with legitimate, state-vs-state cyberespionage activities. This classification also forms the basis of international limitations on certain classes of weaponry – like chemical and biological weapons – that do not distinguish between combatant and civilian targets. This approach provides clues to how the U.S. may seek to engage allies and other like-minded entities in establishing multilateral rules of the road for cyberwarfare.

Petrobras shares took a tumble following the sacking of the Brazilian oil and gas giant’s CEO by President Jair Bolsonaro. Last Friday, Bolsonaro fired Petrobras chief executive Roberto Castello Branco and has replaced him with an army general, Joaquim Silva e Luna, who has no experience in the oil and gas sector but is considered a loyalist to the president. The abrupt firing of the CEO came after a dispute over pricing and the company’s policy of setting fuel prices in accordance with international levels at a time when energy prices are increasing globally. The move resulted in a tumultuous week in trading for the São Paulo-listed company – its stock fell 20% on Monday – and the broader market, with the Bovespa index falling as well. Petrobras has recovered some ground in the days since, but investors have reacted negatively to the move by Bolsonaro, which they see as government interference in Petrobras specifically and free markets more generally. In what has become typical Bolsonaro style, he denied interfering and doubled down on his populist message by seemingly threatening government intervention in the electricity sector next, saying: “If the press is worried about yesterday’s switch [in CEO], next week there will be more.” Economists are now concerned that Bolsonaro could remove the finance minister, Paulo Guedes, who has been in favor of reducing the role of the state in the economy. At the same time, the Petrobras situation raises real concerns for Brazil’s economic recovery as it emerges from the pandemic.

India and Pakistan have announced their shared intentions to observe conditions of a cease-fire agreement reached in 2003 which, if upheld, would bring an end to regular skirmishes across the two countries’ shared border. The directors general of the Indian and Pakistani militaries held discussions over the phone this morning, and the two sides agreed to a cease fire along the Line of Control – the 460-mile de facto border between the two countries in the disputed region of Kashmir – and all other border areas from midnight tomorrow. While violence at the border is mostly limited to small-scale confrontations, these occur regularly and cause dozens of fatalities annually, including civilian deaths. There were more than 5,000 incidents last year involving the trading of fire across the Line of Control in Kashmir alone. Decades of simmering conflict between the two nuclear-armed neighbors has long posed a major risk to regional stability, and if localized hostilities were to meaningfully escalate, they could trigger a larger conflict with global repercussions. This latest announcement should be regarded as a positive sign, but it is by no means a guarantee of a lasting peace. A definitive end to regular confrontations will require that both sides uphold their end of the bargain. Historical precedent offers plenty of reason for skepticism.

February 18, 2021

The Justice Department has charged three North Koreans in connection with some of the highest-profile cyberattacks in recent history, including the Sony hack, the theft of more than $80 million from Bangladesh’s central bank, and the WannaCry ransomware attack that impacted more than 200,000 computers worldwide. The indictment accuses the three men of attempted theft/extortion of more than $1 billion. Separately, South Korean officials have released information based on a briefing from the country’s intelligence apparatus that North Korean hackers targeted Pfizer and other leading pharmaceutical companies for information on Covid-19 treatments and vaccines (despite Pyongyang’s dubious claim that the country has had no Covid-19 cases). U.S. and international sanctions on North Korea have effectively cut it off from international financial systems and beggared the country in the process. However, this has not yet engendered policy shifts on Pyongyang’s part. The North Korean regime maintains its political and economic stranglehold on the country and is also continuing to advance its nuclear program. However, sanctions have forced the regime to employ any means at its disposal to finance that program – along with other government spending – including counterfeiting, smuggling drugs and other illicit goods, and now cybertheft. While North Korea’s embrace of hacking as a fundraising tool is no surprise, its capabilities and sophistication are noteworthy and concerning and strengthen the argument for multilaterally agreed rules-of-the-road on cyberespionage and cyberwarfare.

A White House statement indicates that the SolarWinds hack took place from inside the United States, though U.S. officials still see the attack as being perpetrated by the Russians. According to the White House, launching the attack from within the country added an extra layer of protection to the hackers by complicating efforts to detect and monitor their activity. Information about the SolarWinds hack, which was both highly sophisticated and wide-ranging (affecting multiple U.S. agencies and ~100 private sector companies), was first made public in December 2020 and continues to emerge as the attack’s scope and scale come into focus. Reporting from earlier this month indicates that Chinese hackers also discovered and exploited flaws in SolarWinds software, though their efforts were separate from the Russians’, which adds another dimension to the cybersecurity threat the U.S. is facing. The Biden administration’s appointment of former NSA cybersecurity director Anne Neuberger to lead the SolarWinds response is a positive sign that it considers the breach to be among its most pressing priorities. It is critical in the wake of this attack that the U.S. commit the resources necessary to bolstering both our defensive and offensive capabilities in this sphere and push for greater multilateral cooperation on holding bad national actors to account.

Below-normal temperatures in the southern U.S. triggered a broad swath of power outages and systems failures that have cut oil production by as much as 4 million barrels per day, the equivalent of ~40% of total U.S. output and ~4% of global output. Infrastructure in oil-producing states like Texas and New Mexico was not designed to withstand severe cold, which has forced the shutdown of wells, pipelines, and refineries and iced over roads used for trucking. U.S. natural gas production has also suffered severe disruptions to upstream and downstream facilities, prompting Texas’s Governor to shut off gas exports outside the state. The brunt of the impact is being felt domestically, both in terms of commodity prices (natural gas prices at the main U.S. Gulf Coast Hub briefly spiked to $30/million British thermal units from less than $3.25 a week prior) and impact on companies throughout the oil and gas value chains. However, the effect is also being felt internationally. Mexico, which relies heavily on U.S. pipeline gas, saw supply interruptions that suspended work at two auto manufacturing plants in the northern part of the country. Oil price benchmarks in both the US and Europe have reached levels not seen for over a year, driven in part by changing forecasts for the duration of the outages, which were initially expected to be short-lived. The discovery of methods for extracting oil and gas from tight rock formations at reasonable prices marked a dramatic change in the world energy order and moved the U.S. back into a position of being a major global supplier after many years of being at the mercy of global market conditions. And as weather patterns shift and startling weather events grow more common, they represent another shift – a growing threat to critical infrastructure designed specifically for the climactic conditions common in the locations where they were built, or built to withstand events that fit within previous patterns of “normal”. The U.S. military referred to climate change as a “threat multiplier” as far back as 2014. The real impact is now coming into focus, and plans to shore up our critical infrastructure against an evolving physical threat must be a priority.