Red Square

Image from Pixabay

You rent a small plane, fly it to Moscow, and park it on Red Square. Back in 1987, 18-year-old German Mathias Rust embarrassed the Soviet Union in spectacular fashion.

At the time, the Iron Curtain was still firmly in place, and Soviet air defense was ruthless. Just five years earlier, Korean Air Flight 007, a Boeing 747 en route from New York to Seoul, made a navigational error and entered restricted Soviet airspace. It was mercilessly shot down, killing all 269 people on board.

Naturally, the world was outraged. Rust benefited from that outrage, as the Red Army became more cautious about potentially civilian flights. He was detected by air defense and even accompanied by a MiG fighter jet, but no permission was given to shoot him down. Apparently, communication between military units was lacking, because further along his route, they had no idea and assumed the radar blip was a student pilot who forgot to turn on his transponder (a device that identifies aircraft). Elsewhere, they thought it was a rescue helicopter or a training aircraft.

And so it happened that Rust circled over the Kremlin on the evening of May 28, 1987, and landed his Cessna in the heart of Russia. He did so as a peace activist, and according to historians, his stunt accelerated the fall of the Soviet Union by giving President Gorbachev arguments to dismiss political and especially military opponents. Rust’s hero status quickly faded after serving fifteen months in prison and returning to Germany, where the media portrayed him as eccentric and mentally unstable, and he got into legal trouble.

Let’s pause to consider Russian defense. Their radar spotted Rust within minutes, but it took an hour before a fighter jet joined him—and did nothing. Despite the Cessna clearly being a West German aircraft, they simply left—allegedly due to confusion caused by a plane crash the day before. At each point where Rust was noticed, incorrect assumptions led to ignoring a potential threat.

And from the Soviet perspective, it certainly was a threat. How would our own defense react if a Russian drone appeared over our parliament buildings? Hopefully, that’s the wrong question—ideally, such a drone would be intercepted long before reaching that point, even far beyond our borders. But if an (armed) drone did make it that far, it would pose a serious threat to national leadership. That’s likely how it felt in the Kremlin, too. No wonder Gorbachev could easily dismiss hundreds of top military officials. They had failed.

This historical tale offers lessons beyond the military domain. First: you need oversight. If a threat is repeatedly detected but consistently dismissed as unimportant and not reported, its true scale remains unclear. An example from my world: a virus on a few computers that gets neutralized by antivirus software is no big deal. But if infections multiply, you’re facing an outbreak and need different measures. But that requires visibility.

Making assumptions (“it’s probably a rescue helicopter”) is also dangerous. Was there a lack of clear instructions, or just indifference? Again, in the realm of cybersecurity: if you receive a suspicious email and yet assume it’s fine, and then click the link or open the attachment, you’re making the same mistake as those Soviet radar operators—you see the threat but choose to ignore it.

If Rust’s stunt truly accelerated the fall of the Soviet Union, it’s a prime example of a small action with massive consequences. Today, we see that with ransomware: one careless click by a single employee can bring down an entire organization.

Let’s make sure the lessons from Rust’s flight don’t, well, rust away. Protect your own Red Square.

2025-09-26

Red Square

And in the big bad world…

No comments: