Biden imposes sanctions for computer breach
Stringent financial penalties to be applied; 10 diplomats are expelled
The Biden administration Thursday announced tough new sanctions on Russia and formally blamed the country’s premier intelligence agency for the sophisticated hacking operation that breached U.S. government agencies and the nation’s largest companies.
In the broadest effort yet by President Joe Biden to give more teeth to financial sanctions — which in recent years have failed to deter Russian activity — the actions are aimed at choking off lending to the Russian government.
In an executive order, Biden announced a series of additional steps — sanctions on 32 entities and individuals for disinformation efforts and for carrying out Moscow’s inter
ference in the 2020 presidential election. Ten Russian diplomats, most of them identified as intelligence operatives, were expelled from the Russian Embassy in Washington. The U.S. also joined with European partners to impose sanctions on eight people and entities associated with Russia’s occupation of Crimea.
For the first time, the U.S. government squarely placed the blame for the hacking known as SolarWinds on the Kremlin, saying it was masterminded by the SVR, one of the Russian intelligence agencies that was also involved in the intrusion of the Democratic National Committee six years ago. The finding comports with the findings of private cybersecurity companies.
In Moscow, the Foreign Ministry’s spokeswoman, Maria Zakharova, said a response would be “inevitable” but did not immediately disclose what it would entail. The U.S. ambassador was summoned to a meeting with Russian officials, she said.
“Such aggressive behavior will of course receive a decisive response,” Zakharova said. “In Washington, they should know there will be a cost for the degradation of bilateral relations. Responsibility for what is happening lies wholly with the United States.”
Widely anticipated, the sanctions come amid a large Russian military buildup on the borders of Ukraine and in Crimea, the peninsula that Moscow annexed in 2014.
They comprise the public elements of what U.S. officials described as “seen and unseen” steps in response to the SolarWinds hacking and to Russia’s longstanding effort to interfere in U.S. elections on behalf of former President Donald Trump. The effectiveness of the sanctions, officials say, rests in part on implying that the United States could extend the ban to cut off financial institutions around the world from dealing in Russian bonds, much as it enforced “secondary sanctions” against those who do business with Iran.
In a conversation with President Vladimir Putin on Tuesday, Biden warned that the United States would act to protect its interests, but he also raised the prospect of a summit between the two leaders.
Inside U.S. intelligence agencies there have been warnings that the SolarWinds attack — which enabled the SVR to place “back doors” in the computer networks — could give Russia a pathway for malicious activity against government agencies and corporations.
Jake Sullivan, Biden’s national security adviser, has often said that sanctions alone will not be sufficient. Before he took office, Biden suggested the United States would respond in kind to the hacking, which seemed to indicate some kind of clandestine response. But it may take weeks or months for any evidence of that to come to light, if it ever does.
The order also designates six Russian companies for providing support to the cyberactivities of the Russian intelligence service.
Administration officials said the actions also were a response to intelligence reports that Russia had paid bounties to encourage Taliban attacks on U.S. troops, adding that they had sent diplomatic messages to Russia expressing concern about the reports. But a senior official said intelligence agencies only had low-to-moderate confidence in their assessment because it was based in part on information from detainees.
In the SolarWinds breach, Russian government hackers infected network-management software used by thousands of government entities and private companies in what officials believe was, at least in its opening stages, an intelligence-gathering mission.
The SVR, or the Russian Foreign Intelligence Service, is primarily known for espionage operations. In a statement, the administration said U.S. intelligence agencies had “high confidence in its assessment of attribution” of responsibility to Russia.
The United States also described specific details about the software vulnerabilities that the Russian intelligence agencies used to infiltrate the systems of companies and governments. Most of those have been widely known since FireEye, a private security company, first found evidence of the hacking in December. Until then, the U.S. government had not noticed the actions, largely because the attack was initiated from inside the United States, where, as the Russians know well, U.S. intelligence agencies are prohibited from operating.
Sanctions against Russia in recent years have been more narrowly drawn and have largely affected individuals. As such, the Kremlin has largely appeared to absorb or shrug off the penalties without changing its behavior. Broader sanctions targeting sectors of the Russian economy were imposed for Russia’s military intervention in Ukraine in 2014.