Editorial Board

What to Do About Russia’s Hacking

Putin must pay a price. But let’s not wage cyberwar just yet.

Weaker than you think.

Photographer: Hannah Peters/Getty

Amid this divisive and miserable (and thankfully almost over) U.S. presidential campaign, one menacing subplot hasn’t received the kind of attention it deserves: the Russian government’s effort to disrupt the American political and electoral process.

In July, hackers dumped a trove of stolen e-mails from the Democratic National Committee, leading its chairwoman to resign. A few weeks later, the personal e-mail addresses and phone numbers of almost 200 lawmakers turned up online. Last month, so did e-mails from Hillary Clinton’s campaign chairman, John Podesta. Across the U.S., hackers have been prying into state electoral machinery, probing for weaknesses.

Added up, it all amounts to unprecedented meddling in an American election. And it all has been attributed -- by analysts public and private -- to Russia. What kind of response does such audacious interference call for?

Not panic, for starters. Podesta is justifiably upset about his e-mails, and it’s disturbing to think that the leaks may influence voters. But no one has been killed and democracy hasn’t been derailed. Election officials are aware of the dangers, and the potential for serious fraud is small. The republic will endure.

Further, there are some indications that the U.S. and its allies are already responding. Attributing the attacks to Russia may well be the first step toward imposing sanctions. Last month Vice President Joe Biden suggested that more covert efforts may be on the way.

All of which, and more, would be justified. One thing the White House should be wary of, however, is employing its own arsenal of cyberweapons. Such implements are inherently unpredictable. They risk revealing capabilities that might later come in handy. And the U.S. has far more to lose from an escalating cyber conflict than does Russia. Better to use the tools -- legal, diplomatic and political -- that have proved effective in the past.

China offers an instructive example. After enduring years of escalating attacks against American corporations, the U.S. indicted five hackers from the Chinese military in 2014. The White House also threatened sanctions, applied diplomatic pressure and generally raised hell. Eventually, the two sides came to a much-touted agreement on the issue last year, and attacks by Chinese-linked hackers have since declined substantially.

A Lack of Hacks

Successful network attacks by China-based groups.

Source: FireEye

There’s some debate over exactly how much of this reduction can be attributed to U.S. pressure. But the message was clearly sent. Top officials on both sides now share information on cybercrime and a “hotline” is being established to improve communication. Cheating, dissembling and assorted chicanery will surely continue. Slowly and fitfully, however, the two countries are hashing out mutually beneficial norms of behavior in cyberspace.

The U.S. has no such understanding with Russia. Getting there will require a similar combination of threats and compromises, carrots and sticks. Russia is a much-diminished power, and its intrusions signify only weakness. But the U.S. still needs its cooperation on many issues, from space to Syria. It should make clear that interfering with an American election will have a price. But the price shouldn’t be needlessly steep.

    --Editors: Timothy Lavin, Michael Newman.

    To contact the senior editor responsible for Bloomberg View’s editorials: David Shipley at davidshipley@bloomberg.net .

    Before it's here, it's on the Bloomberg Terminal.
    LEARN MORE
    Comments