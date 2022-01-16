



A missing ingredient, some intelligence officials say, is an explicit message from Washington about the consequences Russia would face in the event of a cyber attack on critical targets such as the US power grid.

Sen. Mark Warner (D-Va.) speaks with reporters at the United States Capitol on October 6, 2021 in Washington, DC | Kevin Dietsch/Getty Images

While I think the red lines have been clear for several years now and highlighted most recently in the President’s signal to President Putin that infrastructure targeting remains a clear red line for the United States, what is less clear has been the United States’ articulation of specific consequences for crossing those red lines, Senate Intelligence Chairman Mark Warner (D-Va.) said in a statement to POLITICO.

At a meeting in Geneva last year, Biden handed Putin a list of 16 infrastructure sectors the United States has long defined as critical, telling him they should be barred from cyberattacks. The sprawling list includes energy, dams, food, hospitals, financial services, communications and government facilities.

I pointed out to him that we have significant computing capacity, and he knows that, Biden told reporters afterwards. Biden added, “He knows I’m going to act.

But on Friday came the hacking of Ukrainian websites with early indications related to Russia that Putin might be willing to test those borders.

Biden must be prepared to react aggressively if Russia crosses the line, said Rep. Jim Langevin (DR.I.), chair of the House Armed Services Committees’ cybersecurity subcommittee.

If Russia or the criminal hackers Putin allows to operate freely within its borders threaten American hospitals, utilities or other critical infrastructure, the United States must consider using all instruments of the state in response to such egregious aggression, Langevin said in a statement Thursday.

Russia and other countries, including China, Iran and North Korea, have not been shy about attacking American companies and agencies over the past decade, penetrating targets such as banks, insurance companies, the power grid and the US agency that maintains the nations nuclear weapons.

Russia has long asserted its place as a key cyber adversary. US authorities have charged her with two major breaches of State Department email, as well as the unclassified email system used by the Joint Chiefs of Staff. In 2018, the Cybersecurity and Infrastructure Security Agency warned that Russian hackers were actively targeting groups in the energy, nuclear, water, aviation and critical manufacturing sectors.

Most serious of all was Russia’s massive effort to influence the 2016 US presidential election, which included the theft and release of treasure troves of internal Democratic Party and Hillary Clinton campaign emails. in the months leading up to Donald Trump’s upset victory. Then-President Barack Obama responded by expelling dozens of Russian diplomats and imposing sanctions, but only after the election, fueling complaints that his administration had been too timid.

The Trump administration then took more direct action against Russia, including an operation by US Cyber ​​Command that shut down a St. Petersburg-based troll farm midterm in 2018. But Trump himself even undermined the US position by using a 2018 summit with Putin in Helsinki to say he did not believe Russia was responsible for the 2016 interference.

I spoke to a Russian friend who has connections to the FSB Russias Federal Security Service and he said that after the 2016 election interference we kept waiting to see what the Americans would do in return, and when they didn’t do anything, we decided we had overestimated the risk,” said James Lewis, director of the strategic technologies program at the Center for Strategic and International Studies.

We need to rebuild that credibility, Lewis stressed. The Russians and the Chinese are not afraid of us, so why would they stop.

Biden and his administration have taken steps to begin this effort over the past year. Biden took office as the government was still struggling to assess the full extent of the SolarWinds hack, a massive Russian spy effort that compromised at least nine federal agencies. His first year in office also saw an unprecedented rise in ransomware attacks, many linked to Russian hacking groups, including breaches that disrupted much of America’s gas and meat supplies.

Bidens’ responses included imposing sanctions on Russia in April as part of SolarWinds. The White House also hosted a virtual Anti-Ransomware Initiative meeting in October that brought together more than 30 countries to discuss ways to counter these disruptive attacks, and cybersecurity is an ongoing topic of discussion between Washington and Moscow. .

Those talks may have advanced in Moscow, with Russia’s FSB announcing on Friday that it had arrested members of the Russia-linked REvil ransomware group and confiscated hundreds of thousands of dollars in victim payments. The group was linked to attacks on major meat processor JBS and software maker Kaseya last year, and was among groups the administration had asked Moscow to rein in.

Later Friday, the White House said the arrested hackers also included a perpetrator of May’s Colonial Pipeline ransomware attack, which authorities blamed on the Russia-based gang DarkSide.

Everyone is wondering how to fend off the Russians, Lewis said. The greatest success of the Biden administrations has been in this collective effort, but I think Putin got the message at high-profile events.

The administration is also clearly aware of the potential for Russia to use cyberattacks to retaliate against the United States should tensions escalate further. The FBI, CISA and the National Security Agency on Tuesday issued a joint alert highlighting potential Russian threats to the country’s critical infrastructure.

Oil storage containers are displayed at the entrance to the Colonial Pipeline Company. | Chris Carlson/AP Photo

Russia has shown its ability to destroy critical infrastructure in the past, particularly in Ukraine, where Moscow-linked hackers turned off the lights of nearly a quarter of a million people for several hours over the winter. 2015, followed by a similar attack the next day. year.

John Hultquist, vice president of threat intelligence at cybersecurity group Mandiant, said his firm has been tracking an increase in Russia-linked cyberaggression against Ukraine.

We’ve certainly seen a lot of Russian cyber activity targeting Ukraine, Hultquist said. It is absolutely to be expected, they are in the midst of a very tense situation. I’m sure both sides collect as much as possible.

Lawmakers are also increasingly calling for stronger deterrence against cyberattacks, especially as more of their constituents fall victim to ransomware attacks linked to Russian groups.

As I have argued since 2018, the United States should, together with our allies, impress upon foreign adversaries the specific forms of response, whether or not [persona non-grata] decisions, sanctions, criminal prosecutions or retaliatory actions related to particular violations of international cybersecurity standards, Warner said.

In the House, top Republican Homeland Security John Katko argued for policy logic and strong, consistent adherence to policy to ensure that malicious actions are either too costly politically or impractical on the operational plan.

Rep. John Katko speaks during a House Homeland Security Committee meeting on Capitol Hill on July 22, 2020. | Andrew Harnik/AP Photo

Threats to critical infrastructure are real and growing, the New York Republican said. The only way to address these threats is to have a strong homeland security posture that allows us to identify the highest risks and work with private industry to mitigate them as much as possible.

The Cyberspace Solarium Commission, created by Congress, also examined the issue of deterrence by assessing the cyber needs of nations, ultimately issuing more than 100 recommendations that led to actions such as the creation of a National Cyber ​​Director to the White House. Sen. Angus King (I-Maine), co-chair of the commission, told POLITICO last month that the biggest unfinished business was and is the president’s release of a clear declarative cyber deterrence policy.

That hasn’t happened yet, King said during a Q&A with POLITICO. It must be clear and unequivocal that if this country is attacked in cyberspace, there will be a costly and costly response for the attacker. And so far, in our recent history, that has not been the case.

Amid Russia’s rise, National Security Advisor Jake Sullivan told reporters the administration would respond vigorously to any naked aggression that might occur.

Yet the United States must also deal with the risk that Russia will have its own robust response, such as a cyber attack, to any punishment imposed by Washington for an invasion of Ukraine.

It’s one of the ways the Russians project their power, so given our reliance on computer networks, it certainly wouldn’t be surprising to respond that way to sanctions they don’t like, said Christopher Painter, the former coordinator for cyber issues at the State Department. under the Obama and Trump administrations.

We have to show strength, Painter said. You lay down red lines, you say things are unacceptable, then they post it and do it, you have to react. You can’t just sit down.

