This story is over 5 years old.


How the US can retaliate if Kremlin hackers tried to influence the presidential election

US intelligence and private cybersecurity firms say Russia almost certainly hacked the Democratic National Committee and leaked documents, and now the question is whether the US government is going to do something about it.
Russian President Vladimir Putin attends a meeting with US Secretary of State John Kerry at the Kremlin in Moscow, Russia, July 14, 2016. (Sputnik/Kremlin/Alexei Druzhinin/via Reuters)

The US intelligence community and private cybersecurity firms say Russia almost certainly hacked the Democratic National Committee and leaked documents that enraged Bernie Sanders supporters, embarrassed Democratic donors and senior party officials, and led to the resignation of DNC chairwoman Debbie Wasserman Schultz.

The US government hasn't publicly accused Russia of responsibility for the leak, but President Barack Obama noted on Tuesday that Russia has a history of interfering in other countries' elections.


Now the question is whether the US government is going to do something about it.

If confirmed, Kremlin responsibility for the DNC hack and leak would mark the first time a foreign government has interfered in a US election on this grand a scale.

"If Russian involvement is true, it shows how far they will go to get involved in our internal affairs," said former US Ambassador to Russia Michael McFaul. "That's something new. I don't think anything remotely close to that happened during the Cold War."

"We all do espionage," he said, "but it's one thing to practice intelligence gathering, and another to use those means to affect an electoral outcome."

McFaul says all the evidence points to Russia deliberately seeking to interfere in a US election on behalf of Donald Trump, a candidate it believes would be more friendly to its interests.

Related: Trump condones Russian hacking — if it means Clinton's emails are exposed

For example, Trump's team removed language from the Republican platform that called for supplying Ukraine with lethal weapons to battle Russian-backed secessionists, and torpedoed a platform amendment that called for maintaining or increasing sanctions against Russia. Trump has also questioned the usefulness of US membership in NATO. On Tuesday, he even called on Russian hackers to leak Hillary Clinton's deleted emails from her tenure as secretary of state.

"If I worked in the Kremlin and i was working for President Putin, I would want see a President Trump," McFaul said. "He says we need to rethink our relationship with NATO, and that's exactly what Putin and his people want."


So, what could the US do to deter Russia from conducting an operation like this again?

"There should be some public response, including sanctions, or some kind of reaction that says, 'We caught you doing this and we are going to make you pay a price,'" said McFaul. "How to define that price, I don't have a good answer to, but to let it go and move on is a big mistake."

McFaul and other experts said there are precedents that involve North Korea, China, and Russia.

In response to North Korea's alleged hack of Sony Pictures in January 2015, Obama ordered new sanctions against the country that shut access to the US financial system for 10 North Koreans and three of the country's agencies – including the Reconnaissance General Bureau, an intelligence agency the administration said ran the cyber operation against Sony.

The DNC email hack forced former committee chairwoman Debbie Wasserman Schultz to resign. (Photo by Reuters)

Just two years ago, the US imposed sanctions on individuals in the Russian government and on its business sector after Russia invaded and annexed Ukraine's Crimean Peninsula.

"The US government could add some of the senior [Russian intelligence] officers to the financial sanctions list, or evict the [intelligence] liaison officer from the Washington, DC embassy," said Matt Tait, a cybersecurity expert and former information security specialist at GCHQ, the British equivalent of the NSA. "All of those would send a message that this isn't okay, without actually responding in kind."


Another possibility would be to indict the officers working for Russia's foreign intelligence service, the FSB, if US government officials believe they were involved in the hack.

This follows a precedent set in May 2014 when the Justice Department indicted five Chinese People's Liberation Army officers for stealing trade secrets and sensitive internal communications from US companies.

P.W. Singer, a security expert at the New America foundation and author of Cybersecurity and Cyberwar, said it's unlikely the five Chinese officers will ever be arrested, but the indictment allowed the US to use diplomatic, financial, and other levers to put pressure on Beijing to back off.

"An indictment gave the government the groundwork for potential activity in other domains the Chinese cared about, like the World Trade Organization," he said. "The [US government] can say, 'This is going to cost you in a trade deal.'"

"We all do espionage — but it's one thing to practice intelligence gathering, and another to use those means to affect an electoral outcome."

Singer said the US can press Russian diplomats and officials on other sensitive "pressure points," such as threatening foreign officials with revoking their children's visas to study at US schools.

The fourth option, Singer said, is to fight fire with fire by responding with exactly the same type of hack and document dump. This, he reasoned, could be more damaging to the Kremlin, since Russia's government is less transparent and thus more vulnerable to leaks of sensitive state secrets.


"The US government could say, 'If you do this to us, we're going to dump where your oligarchs' holdings are, or your kids' real estate holdings in London that you've bought by funneling money out the country," he said. '"You thought the Panama Papers were bad? That's only one law firm — we've got a lot more than that.'"

The US could also attack Russian government networks and servers in the agencies responsible for the DNC hack, or stage other malicious attacks against Russian interests at home and abroad.

Although Tait, the cybersecurity expert, believes that it's "beyond a reasonable doubt" that Russia is responsible for the DNC hack, there's still a chance the Kremlin didn't provide the documents to Wikileaks. So before doing anything, the US needs to prove that Russia did it — and that won't be easy.

Jack Goldsmith, the assistant attorney general for legal counsel under president George W. Bush, said accruing enough evidence to publicly attribute the leak to Russia would be difficult, since the US government would need to rest its case on human and electronic intelligence that could reveal spies' top secret sources and methods — "the details of which the United States government is understandably very leery to divulge."

"It may be very hard to present a clinching public case of attribution in this context," Goldsmith wrote on the national security-focused Lawfare blog, which he co-founded.


Related: The US and Russia just expelled two of each other's diplomats

McFaul fears the Russians have more documents that haven't been released, and that more damaging information will be dropped throughout the election.

"Where will it end?" he asked. "Is there an October surprise, in terms of Clinton? But even beyond that? What if a newly elected president is in the White House, and the Russians have data on them from things in the past? We're in a new era in terms of how data can be used to affect our internal process."

Singer believes the US government should prioritize domestic cybersecurity, which he says is just as important as deterring foreign governments from attempting to use cyber warfare to influence US politics and policies.

He said one key aspect of this is encouraging political parties to cooperate with the FBI to increase their cybersecurity defenses against hackers.(Ironically, one of the leaked emails featured a senior DNC communications official criticizing a Buzzfeed report that questioned the online security of both parties' national committees).

In light of the highly partisan election season, Singer worries that the public will lose sight of how threatening the hack and dump of the DNC documents is to all Americans' national security.

Related: Eric Holder Now Says Edward Snowden Performed 'Public Service' in Leaking Documents

"This is some deep dark terrible stuff that's happening, that cuts to the core of national security concerns and democracy with capital 'D' concerns," he said. "It's Watergate as if it was done by the KGB."


On Thursday, Director of National Intelligence James Clapper said that the US is involved in a tit-for-tat cyberwar with Russia and, if the Russians were behind the DNC hack and leak to Wikileaks, it wasn't clear what the goal was.

"Was this to just stir up trouble or was this ultimately to try to influence an election? Of course, that's a serious — a serious — proposition," Clapper said. "We don't know enough [yet] to … ascribe a motivation, regardless of who it may have been."

Clapper said if it was intended to influence the election, the hack "philosophically isn't terribly different than what went on in the heyday of the Cold War," Clapper said. "We didn't have the cyber business as a part of this. As far as their approach and philosophy to this, cyber just represents another tool."

It's not clear if Clapper meant that Russia tried to influence US elections during the Cold War, or if he was referring to the US government's history of interfering in other nations' internal affairs, including meddling in elections and backing coups against democratically-elected officials.

Follow Benjamin Gilbert on Twitter: @benrgilbert