Empowered US Cyber Command Goes on Offense Against Russia
The United States is increasing its cyber attack warfare against Russia, according to an in-depth report from The New York Times based on a wealth of interviews with government officials privy to the matter. Specifically, the Pentagon has deployed computer code within the Russian power grid system in retaliation for Russian interference in the 2016 presidential election. Cyber warfare is nothing new, but the information within Special Counsel Robert Mueller’s report to the Department of Justice detailed the extent of Moscow’s activities designed to influence the election.
Volume I of the two-part report analysed the impact and methods of Russian hacking. The most notable case was the hacking and subsequent publication of Democratic National Committee emails. A month later, US President Donald Trump invited Moscow to dig up more information on his opponent, Hillary Clinton.
“Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” Trump said on live television at a campaign rally. “I think you will probably be rewarded mightily by our press.”
While Trump attempted to downplay the effects of Russian involvement in the election, the Mueller Report made it abundantly clear that Moscow was behind it all.
“I will close by reiterating the central allegation of our indictments—that there were multiple, systematic efforts to interfere in our election,” Mueller said at a press conference.
Attempts to hack electoral databases and even voting machines were also successful, proving the lengths to which Russia was willing to go to sway the election in Trump’s favor. Systems in at least one Florida county were hacked before the election and malware was even planted in systems through their manufacturer. In the State of Maryland, ownership of the machines and data center was called into question when the Federal Bureau of Investigation revealed that the supplier was partially owned by Vladimir Potanin, a Russian business magnate and friend of Russian President Vladimir Putin. It later prompted an ownership change to a new firm, and the shifting of the data center to Virginia-based Intelishift.
Legislation designed to boost election security and enhance the sharing of cyber information between government agencies has been stalled in the US Senate. Majority Leader Mitch McConnell, a staunch Republican ally of Trump, has refused to even hold votes on the bills which would provide more than $1 billion to enhancing cyber security. US elections are, by design, remarkably decentralized, with states and counties having full control of the process. A severe lack of federal control makes it difficult for states to properly secure their systems, particularly when information on threats is not disseminated adequately. Even if a local government has information on possible cyber attacks, they often lack the funds to act on them in a responsible way, threatening the sanctity of the democratic process.
With efforts to enhance election security roadblocked by McConnell, government agencies have turned to attacking back and putting Moscow on notice. The first step was a military authorisation bill passed last year. This gave power to the Secretary of Defense to authorize “clandestine military activity” virtually through the internet. Notably, the new powers do not require presidential approval and Trump is possibly kept in the dark about such acts of cyber warfare.
Trump himself also granted more power to the US Cyber Command, which allows the commander, General Paul Nakasone, to carry out his own cyber offensive operations. These too do not require Trump’s approval.
According to the Times report, Cyber Command began striking back at the Internet Research Agency, located in St. Petersburg, Russia. This group spread disinformation via Facebook and Twitter prior to the 2018 midterm elections. Cyber Command also targeted the G.R.U., Russia’s military intelligence agency, and even individual officers by sending them text messages that, in essence, amounted to threats.
“They sent text messages to individual Russian officers and hackers, saying ‘we know who you are. We know where you live. We know your phone number, and if you mess with us, you’re going to pay a price’,” said David Sanger, New York Times national security correspondent.
Attacking Russia’s power grid has been on the menu since at least 2012, according to government officials. Empowered by new authority, Nakasone has led his agency to pursue more of an offensive nature. Reconnaissance probes embedded within Russian power grid systems proved that they were vulnerable. Little is known about the malware that has been reportedly installed under Nakasone’s command, but presumably it has the capabilities of flipping the switch on the Russian power grid.
Trump was reportedly not briefed on the recent incursions into Moscow’s power grid out of fear he might order the operation to a halt or worse, leak the classified details. As a result, he lashed out on Twitter against The New York Times, simultaneously accusing it of treason and also labeling it as fake news. It’s the latest development in his war against unfavorable news outlets, a war that has seen federal regulatory agencies retaliate by denying media mergers, extradition warrants for leakers such as Julian Assange, and efforts by Trump himself to portray the media as fake news.
The New York Times publisher, A.G. Sulzberger, responded with an editorial for the Wall Street Journal.
“There is no more serious charge a commander in chief can make against an independent news organization. Which presents a troubling question: What would it look like for Mr. Trump to escalate his attacks on the press further?” Sulzberger asked.
He defended the accuracy of the report, stating that the newspaper ran it by the White House National Security Council, National Security Agency, and Cyber Command before publication. None of the agencies objected to the report’s content. A free press is the bedrock of democracy, and attacking it by sowing distrust plays directly into Russia’s cards.