Saturday, July 30, 2016

If Russia Did Hack, How Should Obama Retaliate?

If Russia Did Hack, How Should Obama Retaliate?
If you know anything at all about Cyber Warfare which has been ongoing since before the Internet existed both governmental and private hackers are making life in places like Russia and China hell already because of those attacks on our election system. It will not show up in the news because of Russia and China saving face but it is happening and will get worse and worse in both directions. There is a cyber shit storm all over the world right now of attacks and counter attacks. But don't expect to hear about it in the news.
 
 
 begin quote from:
ASPEN, Colo. — It has been an open secret throughout the Obama presidency that …

If Russia Did Hack, How Should Obama Retaliate?

Photo
President Obama during a visit to a government cybersecurity center in Arlington, Va., in 2015. Credit Stephen Crowley/The New York Times
ASPEN, Colo. — It has been an open secret throughout the Obama presidency that world powers have escalated their use of cyberpower. But the recent revelations of hacking into Democratic campaign computer systems in an apparent attempt to manipulate the 2016 election is forcing the White House to confront a new question: whether, and if so how, to retaliate.
So far, the administration has stopped short of publicly accusing the Russian government of President Vladimir V. Putin of engineering the theft of research and emails from the Democratic National Committee and hacking into other campaign computer systems. However, private investigators have identified the suspects, and American intelligence agencies have told the White House that they have “high confidence” that the Russian government was responsible.
But suspecting such meddling is different from proving it with a certainty sufficient for any American president to order a response.
Even if officials gather the proof, they may not be able to make their evidence public without tipping off Russia, or its proxies in cyberspace, about how deeply the National Security Agency has penetrated that country’s networks. And designing a response that will send a clear message, without prompting escalation or undermining efforts to work with Russia in places like Syria, where Russia is simultaneously an adversary and a partner, is even harder.
The Russians tried to make it tougher still on Saturday when they declared that they had found evidence of American activity in their government systems.
It was hardly a shocking revelation; anyone who leafed through Edward J. Snowden’s revelations saw evidence of daily efforts to break into Russian spy agencies, nuclear installations and leadership compounds.
But in a talk on Friday evening at the Aspen Security Forum, an annual gathering that draws many of the nation’s top intelligence and military officials, John O. Brennan, the director of the Central Intelligence Agency, made clear that while spying on each other’s political institutions is fair game, making data public — in true or altered form — to influence an election is a new level of malicious activity, far different from ordinary spy vs. spy maneuvers.
Continue reading the main story
“When it is determined who is responsible for this,” Mr. Brennan said, choosing his words carefully to avoid any direct implication of Russia, there “will be discussions at the highest levels of government about what the right course of action will be. Obviously interference in the U.S. election process is a very, very serious matter.”
The Russia problem is thorny, and persistent. Just four months into his presidency in 2009, President Obama and his top national security advisers received a warning from American intelligence agencies: Of all the nations targeting America’s computer networks, Russia had the most “robust, longstanding program that combines a patient, multidisciplinary approach to computer network operations with proven access and tradecraft.”
Mr. Obama might have been a bit distracted at the time. While setting up his new administration, he was also learning the dark arts of cyberwar, descending into the Situation Room to oversee a complex American-Israeli offensive operation to disable Iran’s nuclear centrifuges. He expressed concern to his aides that the operation would help fuel the escalation of cyberattacks and counterattacks.
The concern was justified. Since then, Iran has attacked Saudi Arabia, Russia has brought down a power grid in Ukraine, the North Koreans have attacked the South. The list gets longer every month.
But deterrence has been spotty. In the D.N.C. case, two senior administration officials spoke on the condition of anonymity to discuss the options being considered by midlevel officials, ranging from counter cyberattacks on the F.S.B. and the G.R.U., two competing Russian spy agencies at the center of the current hacking, to economic, travel and other sanctions aimed at suspected perpetrators.
But each approach has downsides: A counterattack, for example, one senior official said, “brings us to their level, and their moral code.”
At the same time, the cost of doing nothing could be high. As the United States and other nations move to more electronic voting systems, the opportunities for mischief rise exponentially. Imagine, for example, a vote as close as the 2000 presidential election between George W. Bush and Al Gore, but with accusations about impossible-to-trace foreign manipulation of the ballots or the vote count, leaving Americans wondering about the validity of the outcome.
For Mr. Obama, the president who has done the most to raise alarms about the risks of cyberattacks and the most to build up the United States Cyber Command, this territory is fraught with politics, intelligence trade-offs and questions of American values.
“I think that the administration needs to be ironclad on the evidence here to convince the American people that this is about policy, not politics,” said Jason Healey, a scholar at Columbia University who specializes in cyberconflict between nations. “This has got to be about defending a constitutional process, not a party.”
Mr. Obama often says the world of cyberconflict is still “the Wild West.” There are no treaties, no international laws, just a patchwork set of emerging “norms” of what constitutes acceptable behavior.
For example, Mr. Obama has pressed President Xi Jinping of China to work with the United States and other nations to develop rules about the theft of intellectual property, and about not interfering with a nation’s efforts to bring attacked systems back online. Attacking another nation’s power grid in peacetime is considered out of bounds.
But every new case brings a new and imaginative way to weaponize cyberpower. Until November 2014, when North Korea hacked into the computers at Sony Pictures Entertainment in retaliation for a comedy that portrayed a C.I.A. plot to assassinate Kim Jong-un, the country’s leader, no one seriously considered a movie studio to be “critical infrastructure.”
Yet the attack on Sony — which melted down 70 percent of its computing power — was the only case that brought the president to the White House press room to accuse another nation of launching a deliberate cyberattack, and to promise retaliation. Mr. Obama said he was driven to go public by the fact that North Korea was trying to suppress free speech and intimidate Americans with threats if they went to the theater.
It is unclear how the United States may have retaliated against the North in secret, if it even did so. But the public punishment, the announcement of some mild economic sanctions, seemed highly ineffective. They were lost in the sea of other sanctions imposed on the North since the signing of the armistice that halted, but did not end, the Korean War 63 years ago.
Yet the decision to name North Korea — a country with which the United States does no other real business — was an outlier.
China was never formally named in the theft of the security clearance files on more than 21 million Americans, revealing fingerprints, personal financial details and the personal data about family, friends and former lovers. To James R. Clapper Jr., the director of national intelligence, that wasn’t an “attack,” it was just very good espionage. Given the chance, he said last year, “we would have done the same thing.”
Similarly, the administration decided not to call out Russia when the same intelligence agencies implicated in the D.N.C. attack were believed to be behind the siphoning of tens of thousands of unclassified emails from the systems of the State Department and the White House. There was also a more targeted cyberespionage operation, which investigators attributed to the same actors, aimed at the Joint Chiefs of Staff. But again, it was considered within the bounds of spy vs. spy.
Speaking at the Aspen forum on Thursday, Mr. Clapper, while stepping around who had conducted the hack, said that in Mr. Putin’s mind, the United States had meddled in Russian politics, in Ukraine and Georgia — all part of former Soviet territory. (Mr. Putin complained that Hillary Clinton, in 2011, helped spark protests over a Russian parliamentary election that the United States considered riddled with voter fraud.)
“Of course they see a U.S. conspiracy behind every bush and ascribe far more impact than we’re actually guilty of, but that’s their mind-set,” Mr. Clapper said. “And so I think their approach is they believe we are trying to influence political developments in Russia, trying to effect change, and so their natural response is to retaliate and do unto us as they think we’ve done unto them.”
He later described Mr. Putin as “paranoid” and said “he is less of a throwback to the Communist era, than to the czars.” He added later: “He wants to be seen as the leader of a great power, coequal with the United States.”
Continue reading the main story

Related Coverage

 

No comments: