For Russia to face one accusation of involvement in an incident of international intrigue may be seen as a misfortune; two within two days may look like carelessness.
Russian fingerprints are said to be all over the hack of SolarWinds software used by U.S. government networks, including the Treasury and Commerce Departments, the Department of Home Security (DHS), and several others, according to Reuters.
The allegations implicating Russia's external security service the SVR came just as an investigative website outlined the extensive role that Russia's internal security service, the FSB, played in the Novichok poisoning of President Vladimir Putin's most prominent opponent, Alexei Navalny.
The Bellingcat report identified a group of operatives from the FSB, including medics, who tracked the opposition leader and anti-corruption activist on more than 30 trips over three years.
Moscow denies any involvement in both cases which are sure to focus the minds of the incoming administration of President-elect Joe Biden.
Recent western efforts to contain Russia's behavior, such as the expulsion of diplomats, appear to have had little success. The Navalny poisoning had sparked EU sanctions, but the hacking of U.S. federal systems could prompt a sterner response.
"The scale of the hackers' attack is a much bigger thing than the new information about Navalny," Arkady Moshes, director of the EU's Eastern Neighbourhood and Russia program at the Finnish Institute of International Affairs think tank, told Newsweek.
"It is much more dangerous for Russia, for Russian-western relations, and if even for international stability because this is when both sides can start playing really nasty."
Ties between Moscow and Europe had already hit a low in 2018 following the Novichok poisoning of former Russian spy Sergei Skripal in Salisbury, England.
But the actions of agents—both secret and nerve—did not seem to dent the push for the west to re-engage with Russia, which got backing to return to the Council of Europe in June 2019, after its expulsion for the 2014 seizure of Crimea.
It means that further information about how Navalny was tracked and targeted is unlikely to change the calculus of any western response to Moscow, but the hacking attack just might.
"I don't expect Europe to change its position because Europe is afraid to provoke Russia," said Moshes, "but the hacking attack is a different story because it affects the United States and the United States can react differently."
He continued: "They will not ask for a court in the Hague to start an investigation, they might respond in kind.
"I believe Americans know how to send certain signals to Russia and make the Russian government understand that the consequences might be quite severe," he said.
"The new American administration might just simply need to show that it also can play hardball, and show that it might deal with Russia differently to its predecessor."
Former U.S. ambassador to Moscow, and vocal critic of President Donald Trump, Michael McFaul, signaled the difficulty faced by the incoming Biden administration in how to tackle Russia.
"It's very important reminder that the Russian threat—not just China—will be a central challenge for the Biden administration and our allies for many years to come," McFaul tweeted.
It’s very important reminder that the Russian threat — not just China — will be a central challenge for the Biden administration and our allies for many years to come. https://t.co/crxooFFgBr
— Michael McFaul (@McFaul) December 14, 2020
Meanwhile, cybersecurity expert Dmitri Alperovitch told the Associated Press that the hack which compromised the corporate software management tool SolarWinds could be "one of the most impactful" espionage campaigns ever.
The next move by the U.S. could depend on whether Russia had simply carried out a clandestine information gathering hack or made a definite move to destabilize the country.
"It is unlikely to yield any substantive reply from the U.S. other than to redouble its own efforts to gain access to similar Russian systems," Alan Mendoza, executive director of the Henry Jackson Society think tank, told Newsweek.
"Of course, should it be discovered that there was a Russian intention to destabilize systems as with the various 2016 hacks," he said, "then we can expect a much tougher U.S. response, perhaps even during the transition given the Trump State Department's record of firm action for previous serious incursions."
Much like with the Navalny case, the Russian embassy in Washington DC has been strident in its denial. It said in a statement that Russia "does not conduct offensive operations in the cyber domain."
Amid the likelihood that similar attempts by the NSA and GCHQ to crack Russian state communications were being made, "it is really about recalibrating and enforcing the etiquette of international behavior," said Mark Galeotti, honorary professor at University College London's School of Slavonic and East European Studies.
"There is 'some' sense of limits. The problem is that too often the United States in particular gives the appearance that its problem is with what Russia is, not what it does. There's little that can be done on that basis," he told Newsweek.
The graphic below from Statista outlines President Vladimir Putin's time in power.
