Don’t allow Russia’s hacking to go unpunished, experts warn U.S.
Pressure is building on the Obama administration to publicly identify the Russian hackers officials believe are behind cyber espionage on both the Democratic and Republican national party organizations.
A bevy of former officials and experts, including several not known for their hawkish tendencies, are loudly urging the White House to publicly attribute the hacks, and announce some form of retaliation — sanctions against Moscow, or even retaliation in kind with our own cyber weapons.
The hacks are seen as particularly egregious because, via the selective leak of email pilfered from the Democratic National Committee, they appear to constitute an attempt by Russian intelligence to affect the outcome of the U.S. presidential election.
Covert action over the line
“Direct covert action aimed at regime change in a fellow nuclear power and [U.N. Security Council Permanent Five ] member state is a line that shouldn’t be crossed,” said Jason Healey, a former White House official who now is a senior research scholar at Columbia University’s School for International and Public Affairs.
Healey said that, even during the height of the Cold War, the two superpowers had “messed around at the periphery” when it came to regime change, but generally avoided direct efforts to alter each other’s government.
“That kind of sucks if you were an Angolan or a Nicaraguan,” Healey said, naming two countries in which the U.S. supported armed insurrection against the internationally recognized government, “And if you’re a universalist, it won’t fly, but in the real world of how nations actually do this stuff there is a line … And [the Russians] crossed it,” with the DNC hack.
[Read more: Random hackers are taking NSA-linked cyber weapons for a test drive]
In 2015, President Barack Obama signed an executive order authorizing U.S. sanctions against anyone tied to a “cyber-enabled” activity that adversely affected U.S. national security, foreign policy, or financial and economic stability.
The order, which followed North Korea being named as the perpetrator of the Sony Pictures Entertainment hack, was seen at the time as a shot across the bows of Beijing — a way of warning China to halt commercial cyber espionage against U.S. corporations.
But it provides the legal rationale for sanctions against Russians or anyone else U.S. officials believe was involved in an attempt to tilt the U.S. election.
Violating norms in cyberspace
“If there is no reaction to a hack, an opponent will take this as a green light to continue,” wrote James Lewis of the Center for Strategic and International Studies.
He added that imposing sanctions would be in line with the Obama administration’s advocacy for global norms of behavior in cyberspace. “A central goal for international cybersecurity is to establish consequences for malicious action; without consequences, malicious cyber actions will increase.”
White House and State Department officials declined to comment to FedScoop, citing the ongoing FBI investigation into the hacks. The bureau’s press office did not respond to a query about any anticipated timetable for the probe’s completion.
[Read more: Scammers promise video proof of fake Clinton scandal, victims get malware instead]
Lewis noted that criminal indictments had been issued against state sponsored hackers from China and Iran and that sanctions had been applied to North Korea over the Sony attack. “The evidentiary standards for sanctions are lower than for indictments,” he added.
“The United States has four primary opponents in cyberspace, but we have [taken] effective action against only three of them,” he wrote.
The hacks of American political organizations “are part of a larger Russian effort to shape politics in the West to advance Russian foreign policy goals and damage the United States … using misinformation, subsidies, and Internet trolls,” he stated.
Other reports have linked the hacks to Russian support for extreme nationalist parties in Europe and its promotion of conspiracy theories about U.S. policy through fringe news organizations like RT.
And that has led some to conclude sanctions would be not be enough.
Beyond sanctions to cyberwarfare
Healey said that, while he would support “a vigorous and muscular response” from U.S. policymakers, “The problem is that Moscow may be insensitive to additional sanctions, so you’ve got to get into dirty tricks.”
He advocated using the military Cyber Mission Forces that U.S. Cyber Command has been assembling. “That’s what they’re for,” he said, advocating “getting into close [cyber] combat with these [Russian hackers.]”
Healey said that was not something he’d ever “be happy doing with the Chinese,” but the relationship with Russia was different.
“At some point, this is a Russia problem, rather than a cyber problem,” he said.
But that is precisely why U.S. policymakers need to weigh their response so carefully, argued Jim Ludes, a former policy adviser to then-Sen. John Kerry and now a vice president at Salve Regina University in Rhode Island.
“There was not much to lose in the relationship with North Korea” when the U.S. hit them with sanctions for the Sony hack, he said. “With Russia, there’s a whole lot more at stake. Look at Syria, look at Iran. The price [of sanctions or other responses] will be much higher.”
Even former Clinton State Department senior official P.J. Crowley says he supports retaliatory sanctions.
“Putin is going to be a problem for the next president in any event, but we are going to have to find a way to cooperate in some areas, such as arms control and Syria, even as we increase the costs to Russia regarding its activity in Ukraine and the DNC hack,” he said.
“We have to find a way to do both.”
Less ambiguity, more options
Because of the delicacy of that relationship, the precise quality of the evidence about the hack matters a great deal.
“The question that is still outstanding in my mind is the linkage from the hackers to the [Russian] government,” said Crowley. Russia is the most cyber-proficient U.S. adversary, and in the past, the Kremlin has used hacktivist or criminal organizations as fronts or cut-outs in cyber operations.
“What we don’t know is whether these guys did this as a target of opportunity or as something more strategic,” Crowley said, adding that their exact motivation mattered. “It very well could be a personal vendetta. Putin viewed Clinton’s comments [about demonstrations in Moscow protesting electoral fraud] in 2012 as interference in the Russian electoral system and could have encouraged these guys to look for an opportunity to return the favor.”
On the other hand, as one U.S. intelligence veteran is fond of saying, “Just because it’s a state actor, doesn’t make it a state act,” underlining the potential for state-sponsored hackers to moonlight, perhaps for their own financial gain.
[Read more: Thailand approves cyber plan, including offense for deterrence]
In any case, “The less ambiguity there is [in the evidence linking Russian intelligence to the attack], the more it frees up the president’s options” for retaliation, said Healey, adding “I want the government to talk more publicly about this and be real clear about what we know.”
But, as Ludes points out, being up front about the evidence might be difficult. “Potentially, we’re revealing our own sources and methods” of intelligence gathering. “There are going to be some really difficult judgment calls about how much we reveal.”
Healey recalled that, following a South Korean airliner being taken down by the Soviets in 1983, then-President Ronald Reagan overruled his intelligence chiefs and released U.S. recordings and transcripts of the Soviet pilot’s exchange with his controllers — revealing the U.S. had access to them.
“At some point, you have to say, ‘The American people — and the world — needs to know,'” he said.
Considerations at home
Ludes fears there might also be domestic political considerations at play in the administration’s thinking.
“I wonder if there’s a segment of the population who might see any action by the president through a partisan lens, as him lashing out on behalf of his party.”
It doesn’t help that the administration has previously dealt with these issues on a case-by-case basis: publicly attributing the Sony hack, but remaining silent about the Sands Casino hack, for example. The casino chain, owned by prominent conservative donor Sheldon Adelson, was crippled by a cyber attack in 2014, which has largely been independently attributed to Iran.
That’s why, Healey said, the president should pull together key members of Congress for a conversation about the next steps. “He has to make it bipartisan,” he said, “It has to be about defending democracy, not the Democrats.”