With Trump silent, reprisals for hacks may fall to Biden
WASHINGTON — All fingers are pointing to Russia as the source of the worst-ever hack of U.S. government agencies. But President Donald Trump, long wary of blaming Moscow for cyberattacks, has been silent.
The lack of any statement seeking to hold Russia responsible casts doubt on the likelihood of a swift response and suggests any retaliation — whether through sanctions, criminal charges or cyber actions — will be left in the hands of President-elect Joe Biden’s administration.
“I would imagine that the incoming administration wants a menu of what the options are and then is going to choose,” said Sarah Mendelson, a Carnegie Mellon University public policy professor and former U.S. ambassador to the U.N.’s Economic and Social Council. “Is there a graduated assault? Is there an all-out assault? How much out of the gate do you want to do?”
It’s not uncommon for administrations to refrain from leveling public accusations of blame for hacks until they’ve accumulated enough evidence. Here, U.S. officials say they only recently became aware of devastating breaches at multiple government agencies in which foreign intelligence agents rooted around undetected for as much as nine months.
But Trump’s response, or lack thereof, is being watched because of his preoccupation with a fruitless effort to overturn the results of last month’s election and because of his reluctance to consistently acknowledge that Russian hackers interfered in the 2016 presidential election.
Exactly what action Biden might take is unclear, or how his response might be shaped by criticism that the Obama administration did not act aggressively enough to thwart interference in 2016. U.S. government statements so far have not mentioned Russia.
Asked about Russian involvement in a radio interview Monday, Secretary of State Mike Pompeo acknowledged that Russia consistently tries to penetrate American servers, but quickly pivoted to threats from China and North Korea. Speaking to reporters Friday, Trump economic adviser Larry Kudlow did not commit to blaming the Kremlin, saying, “People are saying Russia. I don’t know that. It could be other countries.”
Democratic Sens. Dick Durbin and Richard Blumenthal, who were briefed Tuesday on the hacking in a classified Armed Services Committee session, were unequivocal in blaming Russia.
There are other signs within the administration of a clear-eyed recognition of the severity of the attack, which happened after elite cyberspies injected malicious code into the software of a company that provides network services. For instance, the civilian cybersecurity agency warned in an advisory Thursday that the hack posed a “grave risk” to government and private networks.
A response could start with a public declaration that Russia is believed responsible, already a widely shared assessment in the U.S. government and cybersecurity community.
Such statements often aren’t immediate.
Public naming-andshaming is always part of the playbook. Trump’s former homeland security adviser Thomas Bossert wrote this week in a New York Times opinion piece that “the United States, and ideally its allies, must publicly and formally attribute responsibility for these hacks.” Republican Sen. Mitt Romney said in a SiriusXM interview that it was “extraordinary” the White House has not spoken out.
Another possibility is a federal indictment, assuming investigators can accumulate enough evidence to implicate individual hackers.
Such cases are labor-intensive and often take years, and though they may carry slim chances of courtroom prosecution, the Justice Department regards them as having powerful deterrent effects.
Sanctions, a time-honored punishment, can have even more bite and will almost certainly be weighed by Biden. President Barack Obama sanctioned Russian intelligence services after the 2016 election interference and expelled Russian diplomats. The Trump administration and Western allies similarly expelled diplomats over Moscow’s alleged poisoning of an ex-intelligence officer in Britain.
The lack of any statement seeking to hold Russia responsible casts doubt on the likelihood of a swift response and suggests any retaliation — whether through sanctions, criminal charges or cyber actions — will be left in the hands of President-elect Joe Biden’s administration.
“I would imagine that the incoming administration wants a menu of what the options are and then is going to choose,” said Sarah Mendelson, a Carnegie Mellon University public policy professor and former U.S. ambassador to the U.N.’s Economic and Social Council. “Is there a graduated assault? Is there an all-out assault? How much out of the gate do you want to do?”
It’s not uncommon for administrations to refrain from leveling public accusations of blame for hacks until they’ve accumulated enough evidence. Here, U.S. officials say they only recently became aware of devastating breaches at multiple government agencies in which foreign intelligence agents rooted around undetected for as much as nine months.
But Trump’s response, or lack thereof, is being watched because of his preoccupation with a fruitless effort to overturn the results of last month’s election and because of his reluctance to consistently acknowledge that Russian hackers interfered in the 2016 presidential election.
Exactly what action Biden might take is unclear, or how his response might be shaped by criticism that the Obama administration did not act aggressively enough to thwart interference in 2016. U.S. government statements so far have not mentioned Russia.
Asked about Russian involvement in a radio interview Monday, Secretary of State Mike Pompeo acknowledged that Russia consistently tries to penetrate American servers, but quickly pivoted to threats from China and North Korea. Speaking to reporters Friday, Trump economic adviser Larry Kudlow did not commit to blaming the Kremlin, saying, “People are saying Russia. I don’t know that. It could be other countries.”
Democratic Sens. Dick Durbin and Richard Blumenthal, who were briefed Tuesday on the hacking in a classified Armed Services Committee session, were unequivocal in blaming Russia.
There are other signs within the administration of a clear-eyed recognition of the severity of the attack, which happened after elite cyberspies injected malicious code into the software of a company that provides network services. For instance, the civilian cybersecurity agency warned in an advisory Thursday that the hack posed a “grave risk” to government and private networks.
A response could start with a public declaration that Russia is believed responsible, already a widely shared assessment in the U.S. government and cybersecurity community.
Such statements often aren’t immediate.
Public naming-andshaming is always part of the playbook. Trump’s former homeland security adviser Thomas Bossert wrote this week in a New York Times opinion piece that “the United States, and ideally its allies, must publicly and formally attribute responsibility for these hacks.” Republican Sen. Mitt Romney said in a SiriusXM interview that it was “extraordinary” the White House has not spoken out.
Another possibility is a federal indictment, assuming investigators can accumulate enough evidence to implicate individual hackers.
Such cases are labor-intensive and often take years, and though they may carry slim chances of courtroom prosecution, the Justice Department regards them as having powerful deterrent effects.
Sanctions, a time-honored punishment, can have even more bite and will almost certainly be weighed by Biden. President Barack Obama sanctioned Russian intelligence services after the 2016 election interference and expelled Russian diplomats. The Trump administration and Western allies similarly expelled diplomats over Moscow’s alleged poisoning of an ex-intelligence officer in Britain.
PREVIOUS ARTICLE
