As Trump remains silent, revenge for the hack may fall on Python

WASHINGTON (AP) – All fingers point to Russia as evidence of the worst hack of US government agencies. But President Donald Trump, who has long been wary of blaming Moscow for cyber attacks, has so far remained silent.

The absence of any statement seeking to hold Russia accountable raises doubts about the possibility of a speedy response and any retaliation – whether through sanctions, criminal charges or cyber activities – will be left in the hands of the incoming administration of President-elect Joe Biden.

“I can only imagine what the incoming administration would like the menu to be, and then I’m going to choose,” said Sarah Mendelssohn, professor of public policy at Carnegie Mellon University and former U.S. ambassador to the UN Economic and Social Council. “Is there a graduated attack? Is there an all-out attack? How much do you want to do outside the gate? ”

Of course, it is not uncommon for administrations to avoid accusing the public of hacks until they have sufficient evidence. Here, U.S. officials were recently aware of catastrophic violations in several government agencies, in which foreign intelligence agents were rooted undetected for up to nine months. But Trump’s response, or lack thereof, has been meticulously noted for his interest in a futile attempt to overturn last month’s election results and his refusal to publicly acknowledge the involvement of Russian hackers in the 2016 presidential election in his favor.

It is unclear what action Biden could take, or how his response could be shaped by criticism that the Obama administration has not acted aggressively enough to prevent it from intervening in 2016. In a statement on Thursday he provided clues that his administration would be active in preventing cyber attacks and impose costs on any of the enemies behind them.

US government reports do not yet mention Russia. When asked about Russia’s involvement in a radio interview on Monday, Secretary of State Mike Pompeo acknowledged that Russia was constantly trying to infiltrate US servers, but quickly gave way to threats from China and North Korea.

Democrats Dick Durbin and Richard Blumenthal, who explained Tuesday about the hacking campaign at a classified Armed Services Group session, were unquestionably blaming Russia.

There are other indications in the administration for clearly identifying the severity of the attack, which occurred after elite cyber spies injected malicious code into the software of a company providing network services. The Public Internet Security Agency warned in a consultation on Thursday that the hack posed a “major threat” to both public and private networks.

One response may begin with the public declaration that Russia is believed to be responsible, which is already a widely shared assessment in the US government and the cyber security community. Such statements are often not immediate. It has been a few weeks since the Obama administration’s finger-pointing of North Korea at the Sony Pictures Entertainment hack in 2014, when National Intelligence Director James Clapper confirmed China as a “leading suspect” in the hacking of the Personnel Management Office. .

Public naming and embarrassment has always been a part of the playbook. Trump’s former Homeland Security adviser, Thomas Fossert, wrote in a New York Times poll this week that “the United States and its allies must publicly and systematically claim responsibility for these hacks.” Republican Sen. In a SiriusXM radio interview with Mitt Romney, the White House did not say it was “unusual.”

Another possibility is a federal indictment, which investigators believe could gather enough evidence to identify individual hackers. Such cases are laborious and often take many years, and although they have slim chances in courtroom cases, the judiciary considers them to have powerful preventive effects.

Obstacles, the punishment that is respected over time, may bite more and more, and it will certainly weigh on Pita. President Barack Obama expelled Russian diplomats in connection with the 2016 election intervention, and the Trump administration and Western allies have taken similar action against Moscow for allegedly poisoning a former intelligence official in Britain.

Exposing the Kremlin to corruption could lead to even stronger retaliation, including how Russian President Vladimir Putin obtains and hides his wealth.

Former Ambassador Mendelssohn said: “This is not about typing once or hacking back into their systems.” It says, ‘We’re going to go over the things you really care about, what you really care about is saving money, and revealing the big network, how it is connected to the Kremlin. ‘”

The United States can retaliate in cyberspace, the easiest way, thanks to the Trump administration’s approval of some of the measures already in place.

Former National Security Adviser John Bolten told reporters at the 2018 conference that offensive cyber activities against foreign rivals would now be part of the U.S. arsenal, and that the US response would no longer be primarily defensive.

Jason Healy, a cyberconfig scholar at Columbia University, says: “We can completely melt their home networks. “At any moment we see their operators progressing and they know we are going to follow them wherever they are.”

U.S. Cyber ​​Command has taken more proactive steps, describing what officials call “forward hunting” activities that allow cyber threats in other countries to be detected before they reach the desired target. For example, in the weeks leading up to the US presidential election, military cyber militants engaged in a joint operation with Estonia aimed at identifying and protecting Russia’s threats.

The United States is abundant in its offensive Internet intelligence collection – tapping the phones of friendly foreign leaders and inserting spyware into business routers, for example – such efforts measure up to 18,000 public and private sector organizations infected with solar winds hack, Healy said.

The best answer – since spying is not a crime – is to triple defensive cyber security, Healy said.

David Simon, a cybersecurity expert and former defense adviser, said there should be consequences for those responsible for the attacks – and that the Trump administration was “far less accountable to the Kremlin.”

“There is unlikely to be a material change in the Kremlin’s behavior,” he said in an email.