Pages

Monday, January 9, 2017

Thank you Russia

According to President Obama and the Director of National Intelligence (DNI) a foreign government penetrated presidential campaign computers and stole files and emails.  The method used was spear phishing in which a harmless appearing email is sent with an attached file that, if opened by a user, installs software that gains access to the network in which the computer is connected.  The foreign government used the information obtained not only to gather information, but to influence U.S. policy.

This didn’t happen in 2016.  It happened in 2008.  Both the Obama and McCain campaigns were penetrated by China in the same manner used by Russia in the 2016 campaigns.

The two events are not fully alike.  In 2016 only one Party was successfully penetrated though attempts were made against both.  The Russians released their take to the world through WikiLeaks and other paths while the Chinese used the information privately – boldly confronting Senator John McCain about a letter he wrote to the president of Taiwan that they stole through the penetration.

The intentions were also likely somewhat different.  The Chinese do not like to be surprised – just like every other government.  So they make attempts to collect information in nearly every sphere to inform leaders as accurately as possible in order to formulate policy.  It is called espionage and we do plenty of it.



The Russians went a step beyond.  By releasing the information they were supporting a broader effort to disparage and diminish Western democracies.  They are continuing the disinformation so common in the Soviet era, but by other, more up to date means.   A full reading of the Declassified Intelligence Community Assessment of Russian Activities and Intentions in Recent U.S. Elections, January 6, 2017, reveals the major effort was on disinformation and propaganda through online RT America TV, a Kremlin-financed on-line channel operated from within the United States.

The greatest difference we see is in the post penetration public debate in 2016.  There was little to no information in the public domain about the Chinese penetration in 2008 until years later.  In large part this difference results from domestic political rivalry.  Those disappointed in the election result used any way in which to at first invalidate the 2016 election result, and when that failed, to disparage and diminish the winner.

At first this hue and cry seemed a distraction to the real cyber threats that face the nation.  But following a complete read of the Intelligence Community reports on the Russian effort from October, December, and most recently January 7, 2017, and watching the testimony of the Director of National Intelligence, James R. Clapper and the head of the NSA and Cyber Command Admiral Mike Rogers on January 5, 2017, and reading their formal written testimony submission, the post event publicity, regardless of its intent, may open a window to look more closely at our national cyber defense policy.

Cyber warfare poses an existential threat to the United States.  An existential threat is one that poses a threat to the nation’s very survival or existence.   The only other existential threat we face is nuclear warfare. Terrorism is not.  Rogue states with a handful of nuclear weapons are not.  Non-state actors with a dirty bomb are not.  Foreign conventional military forces are not.  Yet, our focus and expenditures are disproportionately on those lesser threats.

In 2010, former Director of National Intelligence Admiral Michael McConnell warned that the United States was already engaged in a cyber war – and that we were losing.  The reason he said was not lack of resources, but lack of a cohesive strategy.  His proposed strategy looked to the nuclear strategy of the Cold War of deterrence and preemption.  Despite this alarm cry from one of our most respected Intelligence professionals in 2010 our nation still does not have a cyber defense policy.

Senator John McCain, during the hearing on Russian hacking last week expressed frustration in questioning Undersecretary of Defense for Intelligence Marcel Lettre about the lack of an Administration Cyber Defense Policy, saying in part, “I don’t think any of our Intelligence people know what to do if there is an attack besides report it.”

Secretary Lettre responded with a wholly unacceptable answer on this important issue, saying in part, “we have a lot of work to do…the next Administration would be well served to focus very early on those questions.”  In other words – despite the magnitude of this threat and the passage of eight years we failed the American people on this most basic of our responsibilities.

The Senate Armed Services hearing last week stood in stark contrast to the submitted written testimony of DNI Clapper and Admiral Rogers.   The hearing questions focused largely on the political theater.  The written testimony was a hard cold assessment of the cyber threat the U.S. faces from Russia, China, Iran, North Korea, terrorist groups, and criminals - all of whom have executed significant and direct cyber assaults against U.S. interests and companies.

Our vulnerability in this realm is greater than any other nation.  Cyber dependence will only grow with time – increasing that vulnerability.  The incoming administration must make cyber defense the priority of its efforts appropriate to what it represents – an existential threat to our nation.

Ironically, we can thank the Russians for the unintended consequence of their actions – placing a bright light on this most serious of vulnerabilities faced by our nation.

2 comments:

  1. Several references are important to a full understanding of this specific issue:
    1. Joint statement of DNI and DHS on election security Oct, 2016 https://www.dni.gov/index.php/newsroom/press-releases/215-press-releases-2016/1423-joint-dhs-odni-election-security-statement
    2. Joint DNI, DHS, FBI statement on Russian Malicious Cyber Activity Dec, 2016 https://www.dni.gov/index.php/newsroom/press-releases/215-press-releases-2016/1463-joint-dhs,-odni,-fbi-statement-on-russian-malicious-cyber-activity
    3. IC report on Russian Activities in the 2016 election, Jan 6, 2017 https://icontherecord.tumblr.com/post/155494946443/odni-statement-on-declassified-intelligence
    4. Written testimony submitted to the Senate Armed Services Committee by USecDef, DNI, and NSA Director https://www.dni.gov/files/documents/OKSASC_SFR_UNCLASSIFIED_3JAN2016%20FINAL.pdf
    5. CSPAN video of Senate Armed Services Committee hearing on Russian cyber activities in the 2016 election. https://www.c-span.org/video/?420936-1/senior-intelligence-officials-resolute-russian-role-electionyear-hacking

    ReplyDelete
  2. Wikileaks recently released CIA documents and extensive information about U.S. hacking methods. This increases our vulnerability because those who would do us harm can turn these same tools against us. https://wikileaks.org/ciav7p1/

    ReplyDelete

Comments to blog postings are encouraged, but all comments will be reviewed by the moderator before posting to ensure that they are relevant and respectful. Hence, there will be a delay in the appearance of your comment. Thank you