February 23, 2018

Russian cyberwarfare worldwide


February 16 was notable for major news in the U.S. that coincided with Ukrainian President Petro Poroshenko’s address to the Munich Security Conference.

In Washington, the Justice Department announced the indictments of 13 Russians and three Russian companies linked to a notorious troll farm in St. Petersburg whose work was aimed at sowing discord in the U.S., particularly as the 2016 presidential elections approached, and influencing the vote. However, as reported by The New York Times, the work of this troll factory, created in 2013, was also intended to paint a “chaotic, morally corrupt West” and to focus “on Russian adversaries like Ukraine and the United States.”

That same day, Mr. Poroshenko underscored that Moscow is conducting a “full-fledged world hybrid war.” According to RFE/RL, he accused Russia of seeking to undermine Ukraine and Western democracies by supporting ultraleft and ultraright political parties abroad, as well as deploying “armies” of Internet trolls to spread disinformation to sow discord beyond Russia’s borders.

A day earlier, both the United Kingdom and the United States had formally blamed Russia for the NotPetya cyberattack of June 2017 – which struck Ukraine on the eve of its Constitution Day (June 28) but affected computers worldwide – accusing Moscow of “weaponizing information.” The White House press secretary’s statement called it “the most destructive and costly cyberattack in history” and noted that “It was part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict.”

Meanwhile, the House of Representatives on February 7 passed the Ukraine Cybersecurity Cooperation Act (H.R. 1997), authored by Reps. Brian Fitzpatrick (R-Pa.) and Brendan F. Boyle (D-Pa.), which promotes collaboration between the U.S. and Ukraine on cybersecurity and requires the State Department to report to Congress on best practices to protect against future cyberattacks. “H.R. 1997 sends a strong signal to Russia and all those who threaten the cybersecurity of America and its allies that we are ready and able to protect ourselves against this escalating threat,” Rep. Boyle commented. This crucial bipartisan legislation is now making its way through the Senate.

Finally, there was some good news this week, reported by Reuters on February 21: “The Trump administration is considering new sanctions against Russia in response to election meddling and a devastating cyberattack last year, senior U.S. officials said on Wednesday, pushing back against criticism that it has been slow to act.” Three “senior administration officials” said at a press briefing that work on sanctions is slow-moving process due to legal issues. “The process on sanctions is long; it’s arduous; it’s not pretty, but when the evidence is there and we’re ready, we go ahead with the sanctions,” one official said. Another official cited by Reuters said it’s a “certainty” that the U.S. will respond to the NotPetya attack.

That will be a welcome step. Observers have pointed to President Donald’s Trump’s strange reluctance – despite laudable statements and actions by members of his own administration – to call out Russian President Vladimir Putin and hold him accountable for Russian interference in U.S. elections and cyberwarfare worldwide. Indeed, Mr. Trump has repeatedly dismissed or ignored reports of Russian involvement in such acts, and he has yet to implement the sanctions called for by Congress. But now it’s way past time to call Russia what it is – our adversary – and to act accordingly.