White House Takes Action Against Russia Over Election Cyberattacks
President Barack Obama took action Thursday against Russia for its involvement in hacks and cyberattacks against the IT systems at the Democratic National Committee and other U.S. institutions aimed at affecting the outcome of the 2016 presidential election. Some in Congress are seeking a formal investigation over Russia’s election-related hacks, including calls for both the House and Senate to create select committees with consolidated jurisdiction over a range of cybersecurity policy issues (see 1612190061 and 1612200044).
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Obama amended his April 2015 cybersecurity executive order to allow the Treasury Department to impose sanctions on individuals and entities “responsible for tampering, altering, or causing the misappropriation of information with the purpose or effect of interfering with or undermining election processes or institutions.” Those sanctions are targeted against the Russian intelligence agencies FSB and GRU, four GRU officials and Russian companies that work with GRU, the White House said, referring to Russia's Federal Security Service and its Main Intelligence Directorate. The original April 2015 executive order authorized the attorney general and secretaries of State and Treasury to impose sanctions on foreign-based individuals and entities that launch malicious cyberattacks against U.S.-based entities’ networks (see 1504010057).
The Department of Homeland Security and FBI declassified technical information on Russian-led cyberattacks to help U.S. networks protect themselves from Russia’s “global campaign of malicious cyber activities,” the White House said. Those activities also included cyberattacks against U.S. critical infrastructure entities and harassment of U.S. diplomats in Russia, senior administration officials said during a conference call with reporters. The DHS-FBI “Grizzly Steppe” joint analysis report includes the IP addresses and other technical indicators associated with Russian government entities have used to engage in cyberattacks against U.S. interests, a DHS official told reporters. DHS also released samples of Russia-originated malware to U.S. cybersecurity firms, the official said.
The White House-led actions announced Thursday “are not the sum total of our response to Russia’s aggressive activities,” Obama said in a statement. “We will continue to take a variety of actions at a time and place of our choosing, some of which will not be publicized.” Administration officials alluded Thursday to the possibility of unpublicized cyber actions against Russia but didn’t provide details. The White House also plans to release additional information on Russia’s cyber activities against the U.S. in a forthcoming report. Administration officials acknowledged Thursday that many of the White House’s actions could be undone by President-elect Donald Trump's incoming administration, though one official told reporters reversal of those actions “would be inadvisable” due to Russia’s malicious intent.
Russia regrets the U.S. sanctions and may consider a retaliatory response, a spokesman for Russian President Vladimir Putin said in a statement. A senior White House official told reporters the actions “should come as no surprise to the Russian government” given the White House’s public statements and a personal warning Obama delivered to Putin promising a response to the cyber incidents. “We’ve been very clear about our intent here,” the official said.
The White House’s actions were likely “overdue” given the seriousness of the attacks Russia engaged in, though it’s a stretch to label them as a “cyber Pearl Harbor,” said Venable cybersecurity and telecom lawyer Jamie Barnett in an interview. The Obama administration may have felt the need to “clearly make their case” on Russia’s involvement in the hacks before Obama leaves office Jan. 20, particularly since publication of the information in the DHS-FBI report makes it more difficult for the incoming Trump administration to subsequently roll back the White House’s actions, Barnett said. The actions could increase the pressure on Congress to launch a formal investigation of Russia’s cyber activities, particularly if Russia does choose to retaliate, Barnett said.