Last week, for the first time, the Trump administration publicly blamed Moscow for cyberattacks stretching back at least two years that targeted the U.S. power grid, including nuclear facilities.
And it backed up its accusation with sanctions on 19 individuals and five entities, including Russian intelligence services.
Russian interference in the 2016 presidential elections has been convincingly demonstrated as well, and the administration has concurred with Britain, Germany and Frances’ conclusion that blame for the recent nerve gas attack on a Russian ex-double agent in London and his daughter also deserved to be laid at the feet of the Russian government. In the wake of that attack, British Prime Minister Theresa May expelled 23 Russian diplomats and announced other retaliatory measures.
At the end of his term, President Obama expelled 35 Russian diplomats, seized a pair of diplomatic properties and imposed sanctions in response to the election interference. But the measures announced last Thursday represented the first time President Trump has taken action against Russian interests.
The sanctions utilize a law Congress passed in June to, among other things, punish Russia for its election-year interference. President Trump, though he initially opposed the bill, finally signed it into law. And now he has put it into action.
The sanctions targeted the same three Russian organizations and 13 individuals indicted by special counsel Robert S. Mueller III for spreading disinformation and propaganda during the election, and added two other organizations and six individuals, in response to various cyberattacks dating to March 2016, including a previously unconfirmed attempt to penetrate the American energy grid.
Those targeted by the new sanctions may not travel into the United States, and all their assets under U.S. jurisdiction are frozen. U.S. individuals are barred from engaging in transactions with them.
Treasury Secretary Steven Mnuchin called the sanctions “part of a broader effort to address the ongoing nefarious attacks emanating from Russia.”
The attacks compromised the business networks of several American energy, water and nuclear plants — including the Wolf Creek Nuclear Operating Corporation, which runs a nuclear plant near Burlington, Kansas — mapping out their corporate structures and computer networks.
In the Wolf Creek case, and those of other nuclear operators infiltrated by Russian hackers, the infiltrators had not made the leap from business networks into the actual nuclear plant controls. But analysts have suggested that the Russians were seeking inroads to conduct espionage, or even sabotage.
In a report made public in October, cybersecurity software maker Symantec noted that a Russian hacking unit “appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves.” Researchers at the company discovered that Russian hackers had begun taking screenshots of the machinery used in energy and nuclear plants, and stealing detailed descriptions of how they operated — suggesting they were conducting reconnaissance for a future attack.
Russia certainly has the technical capability to do infrastructure cyberdamage, as it demonstrated in 2015 and last summer in the Ukraine when, in each case, hundreds of thousands of people and entities were cut off from electricity. Intriguingly, in 2014, Russian hackers infiltrated the website of Ukraine’s central election committee and rigged it to show the wrong winner of the election, confusing the public and sowing distrust of the media.
The sanctions also address Russia’s role in 2017’s “NotPetya” cyberattack, a massively destructive global malware effort that first appeared to be ransomware — a means of financial extortion — but was later determined to have been an effort sow mass chaos in Europe, Asia and the U.S. by disrupting airports, banks and industrial targets. “The Russian military,” the State Department stated bluntly, “was also directly responsible for the NotPetya cyber-attack.”
Cyberwarfare is part of the modern world. Our own country partnered with Israel to create the Stuxnet program and undermine Iran’s then-raging nuclear program. More recently, before the signing of the Iran nuclear accord in 2015, the U.S. bored deeply into Iran’s infrastructure, placing digital “implants” in systems that would enable it to bring down power grids, command-and-control systems and other infrastructure in case a conflict broke out. That operation was code-named “Nitro Zeus,” and its revelation made clear that getting into the critical infrastructure of adversaries is now a standard element of preparing for possible conflict.
But Iran was and remains a threat to its neighbors and to Israel. The U.S. poses no threat to Russia, and does not deserve to be treated like an enemy.
Russian President Vladimir V. Putin was re-elected yesterday to a new 6-year term. He is a strong leader and a clear majority of Russian citizens want him to remain at the helm of their country.
With strength, though, must come responsibility, and we must hope that the new sanctions will aid in convincing the Russian government to fully absorb that fact.