U.S. Can’t Blame Russia as Easily as N. Korea in Latest Hack

  • FBI investigating breach, leak of Democratic campaign e-mails
  • Russia rejects accusations it was behind cyber intrusion
Photographer: Andrey Rudakov/Bloomberg

When President Barack Obama blamed North Korea in December 2014 for hacking Sony Pictures Entertainment, he had little to lose. The stakes are higher with Russia, as speculation swirls that Vladimir Putin’s government may be meddling in the U.S. election.

Russia is a leading suspect in an FBI probe of a hacking attack on the Democratic National Committee that resulted in the theft of e-mail and internal reports, according to a U.S. official with knowledge of the probe. Cyber specialists say the infiltration and last week’s release of almost 20,000 party e-mails bear the hallmarks of Russian hackers.

With an investigation underway, the Obama administration hasn’t publicly pinned blame on Putin’s government, whose cooperation it needs in dealing with a range of global hot spots and negotiations, from the battlefields of Syria to talks over North Korea’s nuclear program. Putin’s government has repeatedly rejected the accusations.

“They want to be very careful in blaming another nation for illegal activities and for cyber activities,” said Olga Oliker, director of the Russia and Eurasia program at the Center for Strategic and International Studies in Washington. “If you’re wrong, it’s embarrassing to you. If you’re wrong, you went after the wrong people.”

FBI Probe

Asked by reporters to comment on the hacking allegations as he began talks that focused on Syria with U.S. Secretary of State John Kerry in Laos on Tuesday, Russian Foreign Minister Sergei Lavrov replied: “I wouldn’t like to use English four-letter words.” Russia has previously rejected the accusations. Putin’s adviser on the internet, German Klimenko, said in June that “It’s easier to explain such things as intrigues of enemies than with one’s own incompetence,” according to state-sponsored newswire RIA Novosti.

As a sign of the political disruption hackers can have, the latest e-mail release forced DNC Chairwoman Debbie Wasserman Schultz to resign on the eve of the party’s national convention in Philadelphia. It also prompted the FBI to announce an investigation, fueled accusations by Hillary Clinton’s campaign that the hack was done to benefit Republican nominee Donald Trump and sparked concerns about foreign influence in the U.S. election.

If the allegations against Russia are true, “It’s troubling that they think they can shape and influence U.S. elections,” said Eugene Rumer, a former national intelligence officer for Russia and Eurasia at the U.S. National Intelligence Council. “If they think they can really affect the outcome of U.S. elections, it’s naive at best and possibly even dangerous.”

Bad Actors

In a brief statement Monday, the Federal Bureau of Investigation made no mention of Russia and offered no details on where it was focusing its investigation.

Lisa Monaco, Obama’s top homeland security and terrorism adviser, mentioned Russia among a small list of bad actors in cyberspace at a conference Tuesday in New York.

“Nations like Russia and China are growing more assertive and sophisticated in their cyber operations,” she said. She also cited Iran, North Korea and Islamic State.

The White House on Tuesday announced a plan to coordinate a federal government response to cyber-attacks, with the FBI taking the lead in responding to immediate cyberthreats and the Department of Homeland Security helping victims recover from attacks and prevent them from spreading.

How New Cool War With Russia Is Like the Old Cold One: Quick Take

An internal investigation of the DNC attack led by CrowdStrike Inc. traced the hack to two groups associated with Russian intelligence, possibly working independently. Two other cybersecurity firms, Fidelis Cybersecurity and FireEye Inc., also confirmed the attribution to the Russian hackers, based on malware samples and other data from the DNC network.

Russia’s modus operandi of meddling in other nations’ domestic politics has been documented in neighboring former Soviet republics of Ukraine and Moldova, and across Europe, including France and Germany, said Rumer, currently at the Carnegie Endowment for International Peace’s Russia and Eurasia Program. “The United States has perhaps the distinction up until now of being insulated from such influence.”

Unpredictable Putin

Yet unlike the 2014 Sony hack, which led to thousands of internal e-mails and sensitive employee and company data being published, Obama has more to weigh and more to lose if he decides to point fingers directly at Russia.

“It’s not that we have this beautiful, perfect relationship with Russia, but it’s already quite delicate and volatile,” said Julie Smith, director of the Center for a New American Security’s strategy and statecraft program. Putin has “been very unpredictable. Usually if you accuse him of something, there’s something that comes in response to that.”

While neither Putin nor Obama has made any secret of their distaste for each other, Obama still talks about his hopes for Russia bowing to the pressure of U.S. sanctions for its annexation of Ukraine’s Crimea and for Russia being a partner in prodding a government transition in Syria.

‘Difficult to Trace’

In addition, assigning blame for the leak is different than assigning blame for the original hack. Releasing the documents through WikiLeaks makes it difficult to directly link it to Russia, said Fiona Hill, director of the Brookings Institution Center on the United States and Europe and a former national intelligence officer for Russia and Eurasia at the National Intelligence Council.

“The hand of Russia is not 100 percent apparent in the dump of the materials to WikiLeaks,” she said. “Having somebody else put that out there makes it difficult to trace.”

It’s also harder to clearly identify Russia as directly behind cyber attacks, James C. Trainor, the assistant director of the FBI’s cyber division, said in New York.

"It’s not a checklist where we want to get one country versus another, it’s really fact-dependent on the targeted activity," Trainor said. Russia “has very, very sophisticated actor groups that probably are harder to target and to develop that sort of information."

The White House for now is stepping gingerly, saying the FBI is leading a probe into who did what and that it will defer to U.S. law enforcement agencies to figure out who is at fault.

“We know that there are a number of actors, both state and criminal, that are looking for vulnerabilities in the cybersecurity of the United States. And that includes Russia,” White House Press Secretary Josh Earnest said Monday after the FBI announced its probe.

Earlier Warnings

This isn’t the first U.S. presidential election to be hit by hackers and there were warnings about the likelihood of such attacks to both political parties earlier this year.

In late March and early April, U.S. officials informed both the Democrat and Republican parties and the presidential campaigns of Clinton, Trump and Bernie Sanders that sophisticated hackers were attempting to penetrate their computers, according to two people familiar with those briefings. By that time, however, much of the damage had already been done.

The DNC computers were infiltrated as early as last summer, an investigation by the Democrats found.

Trump, the Republican presidential nominee, has sent a series of tweets about the DNC e-mails and on Twitter Monday said accusations that Russia leaked the e-mail because they favor his candidacy is “the new joke in town.”

Punitive Action

If the U.S. does decide to blame Russia, or another foreign state, it will also have to decide what sort of punishment to mete out. Obama sometimes handles such matters privately, as he did with a hack of U.S. Office of Personnel Management records that was linked to China, and other times publicly as with North Korea and Sony. The U.S., which already sanctions Russia for its actions in Crimea, has the authority to apply further sanctions for cyber offenses, but European allies may not have an incentive to join in, making such an action less powerful.

If the U.S. decides to take punitive action, government agencies would be asked to submit ideas about what could be done, the Center for a New American Security’s Smith said.

“Every agency has a different bag of tricks. You want low cost, high impact,” she said. “You don’t want to jeopardize anything you care deeply about, but you want it to have an impact.”

— With assistance by Patricia Hurtado, Mike Dorning, Michael Riley, Chris Strohm, and Stepan Kravchenko

    Before it's here, it's on the Bloomberg Terminal.