Obama slaps sanc­tions on Rus­sia, ex­pels agents over elec­tion hacks

Trump faces dilemma with pres­sure from Moscow, Congress

The Washington Times Daily - - FRONT PAGE - BY DAVE BOYER

The Obama ad­min­is­tra­tion hit Rus­sia with sanc­tions Thurs­day and ex­pelled 35 Rus­sian in­tel­li­gence agents over sus­pected cy­ber­at­tacks aimed at in­flu­enc­ing the U.S. pres­i­den­tial elec­tion, a move that high­lighted an­other rift be­tween Pres­i­dent Obama and Pres­i­dent-elect Don­ald Trump, who urged the ad­min­is­tra­tion to move on from the episode.

The se­ries of re­tal­ia­tory mea­sures against Moscow marked the first time that the U.S. has named in­di­vid­ual Rus­sians in­volved in cy­ber­at­tacks. The ad­min­is­tra­tion calls the pun­ish­ment a pro­por­tional re­sponse to a hack­ing op­er­a­tion that U.S. of­fi­cials said was an ef­fort to de­feat Demo­cratic pres­i­den­tial nom­i­nee Hil­lary Clin­ton.

“All Amer­i­cans should be alarmed by Rus­sia’s ac­tions,” Mr. Obama said in a state­ment. “These data theft and dis­clo­sure ac­tiv­i­ties could only have been di­rected by the high­est lev­els of the Rus­sian gov­ern­ment. More­over, our diplo­mats have ex­pe­ri­enced an un­ac­cept­able level of ha­rass­ment in Moscow by Rus­sian se­cu­rity ser­vices and po­lice over the last year. Such ac­tiv­i­ties have con­se­quences.”

The gov­ern­ment also re­leased a re­port with some de­clas­si­fied de­tails of the Rus­sian hack­ing op­er­a­tions, which the U.S. gov­ern­ment is

call­ing “Griz­zly Steppe.”

Mr. Trump, in a state­ment late Thurs­day, said that “it’s time for our coun­try to move on to big­ger and bet­ter things.”

“Nev­er­the­less, in the in­ter­est of our coun­try and its great peo­ple, I will meet with lead­ers of the in­tel­li­gence com­mu­nity next week in or­der to be up­dated on the facts of this sit­u­a­tion,” he said.

The pres­i­dent’s ex­ec­u­tive or­der sanc­tioned nine en­ti­ties and in­di­vid­u­als: the GRU and the FSB, two Rus­sian in­tel­li­gence ser­vices; and four in­di­vid­ual of­fi­cers of the GRU. In ad­di­tion, the Trea­sury des­ig­nated two Rus­sians for us­ing cy­ber-en­abled means to cause mis­ap­pro­pri­a­tion of funds and per­sonal iden­ti­fy­ing in­for­ma­tion.

The State Depart­ment is also shut­ting down two Rus­sian com­pounds, in Mary­land and New York, used by Rus­sian per­son­nel for in­tel­li­gence gath­er­ing, and de­clared the 35 Rus­sian in­tel­li­gence op­er­a­tives as “per­sona non grata.” The per­son­nel and their fam­i­lies, from the Rus­sian Em­bassy in Washington and the Rus­sian Con­sulate in San Fran­cisco, were given 72 hours to leave the U.S.

A spokesman for Rus­sian Pres­i­dent Vladimir Putin said the Krem­lin re­grets the U.S. ac­tions and will con­sider re­tal­ia­tory mea­sures.

“You re­al­ize, of course, re­cip­ro­cal steps will be made and the U.S. Em­bassy in Moscow and, quite pos­si­bly, the con­sulates will be cut down to size as well,” Vladimir Dzhabarov, deputy chair­man of the for­eign pol­icy com­mit­tee in the Rus­sian Duma, told the Tass news agency af­ter the sanc­tions were an­nounced.

The Rus­sian Em­bassy in Lon­don posted a photo on Twit­ter of a duck­ling with the word “lame” on it, a ref­er­ence to Mr. Obama. The tweet also called his ac­tions “Cold War deja vu.”

“Ev­ery­body, incl [Amer­i­can] peo­ple, will be glad to see the last of this hap­less Adm.,” the tweet said.

A Rus­sian For­eign Min­istry spokes­woman said any ac­tion against Rus­sian diplo­matic mis­sions in the U.S. “will im­me­di­ately bounce back on U.S. diplo­mats in Rus­sia.”

Mr. Obama has vowed to carry out other covert re­tal­ia­tory cy­ber­mea­sures against Rus­sia, but he said those ac­tions may never be re­vealed pub­licly.

U.S. of­fi­cials told the Reuters news agency that the ad­min­is­tra­tion will avoid any moves such as in­ter­fer­ing with Rus­sian in­ter­net mes­sag­ing that ex­ceed Rus­sia’s in­volve­ment in the U.S. elec­tion and risk an es­ca­lat­ing cy­ber­con­flict that could spi­ral out of con­trol.

The pres­i­dent said Thurs­day that his ad­min­is­tra­tion “will con­tinue to take a va­ri­ety of ac­tions at a time and place of our choos­ing.”

Aside from the diplo­matic ex­pul­sions and public “nam­ing and sham­ing,” the ac­tion will al­low the Trea­sury to freeze as­sets of in­di­vid­u­als ac­cused in the op­er­a­tion.

House Speaker Paul D. Ryan, Wis­con­sin Repub­li­can, said he sup­ports the sanc­tions and called them over­due.

“Rus­sia does not share Amer­ica’s in­ter­ests,” Mr. Ryan said. “It has con­sis­tently sought to un­der­mine them, sow­ing dan­ger­ous in­sta­bil­ity around the world. While to­day’s ac­tion by the ad­min­is­tra­tion is over­due, it is an ap­pro­pri­ate way to end eight years of failed pol­icy with Rus­sia.”

Sen. Ben Sasse, Ne­braska Repub­li­can, called the sanc­tions “too lit­tle, too late.”

“These mea­ger steps will not de­ci­sively change Putin’s cal­cu­la­tion that his ag­gres­sions are worth the risk,” Mr. Sasse said.

In­deed, Mr. Obama fa­mously ridiculed Repub­li­can chal­lenger Mitt Rom­ney’s no­tion that Rus­sia was a ma­jor threat dur­ing one of the 2012 pres­i­den­tial de­bates with the punch line, “The 1980s are now call­ing to ask for their for­eign pol­icy back. Be­cause the Cold War has been over for 20 years.”

Im­pos­ing the sanc­tions was also an at­tempt to box in Mr. Trump. He will need to de­cide whether to lift the penal­ties af­ter he is in­au­gu­rated Jan. 20, with law­mak­ers in both par­ties sup­port­ing the sanc­tions and lib­er­als in­creas­ingly de­rid­ing Mr. Trump as a Rus­sian pup­pet.

Mr. Trump has re­jected U.S. in­tel­li­gence as­sess­ments that Rus­sia was re­spon­si­ble for the theft of Demo­cratic of­fi­cials’ cam­paign emails and other doc­u­ments, which were pub­li­cized on­line by Wik­iLeaks.

Sen. Charles E. Schumer, New York Demo­crat and in­com­ing mi­nor­ity leader, said he hopes the Trump ad­min­is­tra­tion, “which has been far too close to Rus­sia through­out the cam­paign and tran­si­tion, won’t think for one sec­ond about weak­en­ing these new sanc­tions or our ex­ist­ing regime.”

“Both par­ties ought to be united in stand­ing up to Rus­sian in­ter­fer­ence in our elec­tions, to their cy­ber­at­tacks, their il­le­gal an­nex­a­tion of Crimea and other ex­trale­gal in­ter­ven­tions,” Mr. Schumer said. “I strongly sup­port the steps the ad­min­is­tra­tion is tak­ing to fight back against Rus­sia’s in­ter­fer­ence in our elec­tion. We need to punch back against Rus­sia and punch back hard.”

Rus­sian For­eign Min­istry spe­cial en­voy An­drey Krut­skikh said Moscow hopes Mr. Trump will lift any sanc­tions that Mr. Obama im­poses.

A se­nior ad­min­is­tra­tion of­fi­cial said Mr. Trump could re­verse some of the ac­tions but warned against such a move.

“These are ex­ec­u­tive ac­tions, so if a fu­ture pres­i­dent de­cided that he wanted to al­low in a large tranche of Rus­sian in­tel­li­gence agents, pre­sum­ably a fu­ture pres­i­dent could in­vite that ac­tion,” the of­fi­cial said on a con­fer­ence call with re­porters.

“We think it would be in­ad­vis­able. The of­fi­cials who were sanc­tioned were par­tic­i­pat­ing in ma­li­cious cy­ber­at­tacks on U.S. crit­i­cal in­fra­struc­ture and in­ter­fer­ing [with] our demo­cratic process. Hy­po­thet­i­cally, you could re­verse those sanc­tions, but it wouldn’t make a lot of sense,” the of­fi­cial said.

Trump tran­si­tion spokesman Sean Spicer, asked about the sanc­tions, told re­porters that “a lot of folks on the left that con­tinue to un­der­mine the le­git­i­macy of his win — that’s un­for­tu­nate,” but “if the U.S. has clear proof of any­body in­ter­fer­ing in our elec­tions, we should make that known.”

CIA of­fi­cials said anony­mously this month that they had “high con­fi­dence” that Rus­sian hack­ers tried to sway the elec­tion in Mr. Trump’s fa­vor. The ad­min­is­tra­tion up un­til Thurs­day hadn’t pro­vided doc­u­men­ta­tion to sup­port its Oc­to­ber assess­ment of Moscow’s in­ter­fer­ence.

The White House said Thurs­day that the Rus­sian GRU “is in­volved in ex­ter­nal col­lec­tion us­ing hu­man in­tel­li­gence of­fi­cers and a va­ri­ety of tech­ni­cal tools, and is des­ig­nated for tam­per­ing, al­ter­ing, or caus­ing a mis­ap­pro­pri­a­tion of in­for­ma­tion with the pur­pose or ef­fect of in­ter­fer­ing with the 2016 U.S. elec­tion pro­cesses.”

The ad­min­is­tra­tion also re­leased some de­clas­si­fied tech­ni­cal in­for­ma­tion on Rus­sian civil­ian and mil­i­tary in­tel­li­gence ser­vices’ ma­li­cious cy­ber­ac­tiv­ity, to bet­ter help net­work se­cu­rity of­fi­cials “iden­tify, de­tect, and dis­rupt Rus­sia’s global cam­paign of ma­li­cious cy­ber ac­tiv­i­ties.”

The re­port from the FBI and Depart­ment of Home­land Se­cu­rity said the Rus­sian cy­ber­op­er­a­tions in­cluded spear-phish­ing cam­paigns tar­get­ing po­lit­i­cal or­ga­ni­za­tions, think tanks, gov­ern­ment agen­cies, uni­ver­si­ties and cor­po­ra­tions.

Us­ing dozens of names such as En­er­getic Bear, EVILTOSS and SOURFACE, Rus­sian ac­tors sent emails con­tain­ing a ma­li­cious link to more than 1,000 re­cip­i­ents in the sum­mer of 2015, the re­port said.

The first group, known as Ad­vanced Per­sis­tent Threat 29, en­tered the Demo­cratic Party’s sys­tems in sum­mer 2015, and the sec­ond, known as APT28, en­tered this spring.

“In the course of that cam­paign, APT29 suc­cess­fully com­pro­mised a U.S. po­lit­i­cal party,” the re­port said. “At least one tar­geted in­di­vid­ual ac­ti­vated links to mal­ware hosted on op­er­a­tional in­fra­struc­ture of opened at­tach­ments con­tain­ing mal­ware. APT29 de­liv­ered mal­ware to the po­lit­i­cal party’s sys­tems, es­tab­lished persistence, es­ca­lated priv­i­leges, enu­mer­ated ac­tive di­rec­tory ac­counts, and ex­fil­trated email from sev­eral ac­counts through en­crypted con­nec­tions back through op­er­a­tional in­fra­struc­ture.”

This spring, the gov­ern­ment said, APT28 com­pro­mised the same po­lit­i­cal party, again via spear-phish­ing.

“This time, the spear-phish­ing email tricked re­cip­i­ents into chang­ing their pass­words through a fake web­mail do­main hosted on APT28 op­er­a­tional in­fra­struc­ture,” the re­port said. “Us­ing the har­vested cre­den­tials, APT28 was able to gain ac­cess and steal con­tent, likely lead­ing to the ex­fil­tra­tion of in­for­ma­tion from mul­ti­ple se­nior party mem­bers. The U.S. gov­ern­ment as­sesses that in­for­ma­tion was leaked to the press and pub­licly dis­closed.”

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.