Trump must stop denying Russia complicity in attack
WASHINGTON — Both Secretary of State Mike Pompeo and Attorney General William Barr say Russia was behind the massive cyberattack that compromised 18,000 U.S. companies and government agencies, but President Donald Trump isn’t buying it. “Russia, Russia, Russia is the priority chant when anything happens” Trump tweeted, adding “it may” be China or “a hit on our ridiculous voting machines during the election, which is now obvious that I won big.”
No, it wasn’t either of these things. And by tweeting this nonsense, Trump is not only failing to respond forcefully and restore deterrence in cyberspace — he is missing an opportunity to claim vindication concerning Washington’s obsession with Russian electoral interference.
Were U.S. intelligence officials so focused on detecting and deterring Moscow’s election interference that they missed the Kremlin’s real target — a massive cyber penetration of U.S. businesses and government agencies? That’s the case Trump should be making. Undetected, Russian hackers penetrated SolarWinds, a company that produces network management software used by many Fortune 500 companies and government agencies, in October
2019, and began attaching a computer virus to the software updates the company pushed out to its clients.
SolarWinds updates acted like a superspreader, allowing Russia to create “back doors” in targeted networks that, according to The New York Times, gave Moscow the ability “to come and go, steal data and — though it apparently has not happened yet — alter data or conduct destructive attacks.” Russia penetrated not only thousands of businesses but also the U.S. Department of State, Homeland Security, Treasury, Commerce and Energy — including the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile. We still do not know the full extent of the damage. Some national security experts have suggested that this attack could actually be a subset of a much larger operation.
The Russian hack was discovered by accident, when an employee at a compromised company saw their credentials had been used to log into the company’s network from an unrecognized device. In other words, our intelligence community was overly focused on the wrong target. Rather than deny what took place, Trump should be arguing that Washington’s four-year fixation with Russian interference in our elections provided the perfect cover for this unprecedented Russian cyberattack.
The lesson is that cyberattackers are like terrorists — they take advantage of our free and open society to infiltrate and attack America. And the lesson we learned after Sept. 11, 2001, is that we cannot defend perfectly in every place and at all times against every possible technique. The only way to stop or deter them is to go on offense. “What’s our response to the Russians?” asks retired fourstar Army Gen. Jack Keane. He points out that the United States has the most powerful offensive cyber-capabilities in the world. “We cannot let this stand. We have the capability to attack back and we should … When you impose costs … your adversary is going to think twice before doing something.”
Based on what is now in the public sphere, Trump appears to have used America’s offensive cyber capabilities more than any previous president. In August 2019, The New York Times reported that he ordered “a secret cyberattack against Iran in June (that) wiped out a critical database used by Iran’s paramilitary arm to plot attacks against oil tankers.” In an interview with me last fall, Trump acknowledged for the first time that he had launched a cyberattack on Russia to prevent its interference in the 2018 midterm elections. But he has clearly not used them nearly enough to deter attacks like this one. If an adversary had launched a kinetic attack on us this massive, we would take out whatever weapon was used to harm us. But too often, we allow adversaries to get away with attacks in the cyber domain that would not be tolerated in any other domain.
If we want to restore cyber deterrence, that has to change. The primary reason we have gone almost two decades without another
9/11-style attack on the homeland is because America has been on offense across the world, taking out terrorists with targeted drone strikes, denying them sanctuary. We need to do the same in cyberspace. Our adversaries need to know that attacks on America in cyberspace will not be tolerated, and will be met with a swift and disproportionate response — and that the United States will preemptively take out cyber capabilities of state or non-state actors we believe threatens us.
Trump has pulled the trigger in cyberspace before. He can do it again. But to do so, he must stop denying Russia’s complicity, stop obsessing with overturning the election, defend our country and restore deterrence in cyberspace.