You are here

As Obama Plans Retaliation Against "Russian Hacking", A Problem Emerges

In a fiery press conference on Friday, shortly before departing for his last Hawaiian vacation, president Obama accused the press of being responsible for Hillary Clinton's loss, slammed "domestic propagandists" who he said were responsible for the risk of "fake news" and assisting foreign counter-US propaganda, but more importantly Obama vowed to “send a clear message to Russia” in retaliation for its election hacking - of which the CIA still has to demonstrate evidence - as both a punishment and a deterrent. However, a problem has emerged as the outgoing president plans how to "punish or deter" Russia - according to the NYT, some of the options were rejected as ineffective, others as too risky.

If the choices had been better, one of the aides involved in the debate noted recently, the president would have acted by now, although the fact that he hasn't demonstrates just how ineffective US counter-cyberwar planning has been despite spending billions of dollars in preparation for just this eventuality.

In its latest expose on US-Russian cyberrelations, the NYT writes that over the past four months, American intelligence agencies and aides to Obama had assembled a menu of options to respond to Russia’s hacking during the election, ranging from the obvious — exposing President Vladimir V. Putin’s financial ties to oligarchs, and something which has already been done on various occasions in the past — to the innovative, including manipulating the computer code that Russia uses in designing its cyberweapons.

Obama has refused to effect any of the options, however, because, as the NYT adds, "in his last weeks in office, that Situation Room debate has confronted a naturally cautious president with a complex calculus that President-elect Donald J. Trump will soon inherit: how to use the world’s most powerful cyberarsenal at a moment when the United States, as the election showed, remains highly vulnerable."

The underlying concern is that, in a time when cyberwarfare is the modern equivalent of the "nuclear arms race" (even as the old, familiar "nuclear" cold war has been quietly reignited in Europe between Russia and NATO), all the legacy "game theory" caveats have emerged, including "tit-for-tat" escalation, and - in the most extreme - mutual assured destruction.  David H. Petraeus, the former CIA director captured much of that sentiment on Friday, at a conference here sponsored by Harvard’s Belfer Center for Science and International Affairs: “Is there something we can do to them, that they would see, they would realize 98 percent that we did it, but that wouldn’t be so obvious that they would then have to respond for their own honor? The question is how subtle do you want it, how damaging do you want it, how do you try to end it here rather than just ratchet it up?"

It is, according to the NYT, this fear of retaliation to various escalating response that has paralyzed Obama from moving forward. Furthermore, the options provided to the US president appear to be insufficient for the task at stake.

On one hand, the idea of exposing Putin’s links to oligarchs was set aside after some aides argued that it "would not come as a shock to Russians." Still, there are proposals to cut off leaders in Putin’s inner circle from their hidden bank accounts in Europe and Asia. There is an option to use sanctions under a year-old executive order to ban international travel for senior officials in the G.R.U., the Russian military intelligence unit that American spy agencies say stole emails from the Democratic National Committee and Hillary Clinton’s campaign chairman, then doled them out to WikiLeaks, betting that media outlets eager for insider details would amplify them, doing the Kremlin’s work for it.

There have been other options proposed by the NSA and its military cousin, the United States Cyber Command, which is responsible for computer-network warfare, though many have been rejected by the Pentagon.

Those plans could deploy the world-class arsenal of cyberweapons assembled at a cost of billions of dollars during Mr. Obama’s tenure to expose or neutralize some of the hacking tools favored by Russia’s spies — the digital equivalent of a pre-emptive strike. But the selection of targets by Americans and the accuracy of that retaliation could also expose software “implants” that the United States has patiently inserted and nurtured in Russian networks, in case of future cyberconflicts.

However, using the extreme approach presents a new host of challenges: the revelation in August about some of the N.S.A.’s own tools for breaking into foreign computer networks has raised the possibility that the Russians are already inside American networks and are sending a warning that they can respond in kind.

Which leads to the troubling conclusion that, when it comes to retaliating against the Kremlin, Obama is stuck.

"All of this has led Mr. Obama to ask how the Russians might escalate the confrontation, and whether the United States in the end may have more to lose than Russia. “He doesn’t have great options,” said Michael D. McFaul, formerly one of Mr. Obama’s top national security aides and then his ambassador to Moscow."

Which, according to the NYT, means that the president has reached two conclusions:

The only thing worse than not using a weapon is using it ineffectively. And if he does choose to retaliate, he has insisted on maintaining what is known as “escalation dominance,” the ability to ensure you can end a conflict on your terms.

 

Mr. Obama hinted as much at his news conference on Friday, as he was set to leave for his annual Hawaii vacation, his last as president.

 

“Our goal continues to be to send a clear message to Russia or others not to do this to us because we can do stuff to you,” he said. “But it is also important to us to do that in a thoughtful, methodical way. Some of it, we will do publicly. Some of it we will do in a way that they know, but not everybody will.”

Continuing to justify Obama's paralysis, the paper of record adds that the president "rejected calls for a big, symbolic show of power, dismissing the idea that if the United States “thumped our chests about a bunch of stuff, that somehow that would potentially spook the Russians.” The goal, Mr. Obama said, was to come up with a response “that increases costs for them for behavior like this in the future but does not create problems for us.”

In other words, the damage has already been done, so there is little point in escalating it further, however - the thinking in the administration goes - the US hopes to "teach the Kremlin a lesson" and prevent it from interfering again in the future. That is, assuming of course, that it was Russian authorities that interfered in the first place, something they vehemently deny, and an allegation the CIA has failed to convince the general public by not presenting credible, conclusive evidence so far that it was indeed Putin directly orchestrating it (as the WaPo claimed). Indeed, many allusions to the fake allegation of Iraq's Weapons of Mass Destruction have emerged in response to the latest CIA accusations, suggesting that the public refuses to be swayed purely on the basis of emotion appeals to "listen to experts and sources."

* * *

Meanwhile, and perhaps most ironically, it is the NYT itself that admits that there is not much new in tampering with elections, except for the technical sophistication of the tools, and further writes that "for all the outrage voiced by Democrats and Republicans in the past week about the Russian action... it is worth remembering that trying to manipulate elections is a well-honed American art form," something we noted last week in "The CIA Is Accusing Russia Of Doing Exactly What The CIA Does."

In short, America is furious that someone has allegedly finally done something to it that it, itself, has been doing to others for decades. Some examples:

The C.I.A. got its start trying to influence the outcome of Italy’s elections in 1948, as the author Tim Weiner documented in his book “Legacy of Ashes,” in an effort to keep Communists from taking power. Five years later, the C.I.A. engineered a coup against Mohammad Mossadegh, Iran’s democratically elected leader, when the United States and Britain installed the Shah.

 

“The military coup that overthrew Mosaddeq and his National Front cabinet was carried out under CIA direction as an act of U.S. foreign policy, conceived and approved at the highest levels of government,” the agency concluded in one of its own reports, declassified around the 60th anniversary of those events, which were engineered in large part by Kermit Roosevelt Jr., a grandson of President Theodore Roosevelt.

 

There were similar interferences over the years in Guatemala, Chile and even in Japan, hailed as a model of post-World War II democracy, where the Liberal Democratic Party owes its early grip on power in the 1950s and 1960s to millions of dollars in covert C.I.A. support.

The only differences this year are that the effort was directed at the United States, and that it was cyberenabled, giving Moscow a tool to amplify its efforts through the echo chamber of social media and news organizations that quoted from the leaked emails.

The bottom line, embarrassing as it may be, is that "over the past few months, an administration that prided itself on its work on cyberoffense and cyberdefense has learned a hard lesson: When it came to the 2016 election, an economically failing Russia, dismissed by Mr. Obama on Friday for its inability to grow or to innovate, exploited giant holes in the American system."

Even more embarrassing, is how the Democratic Party, and John Podesta, confident in their security, allowed themselves to be hacked, whether by the Russiansor some hacker operating in New Jersey.

As a detailed account in The New York Times last Wednesday revealed, the D.N.C. had virtually no protections for its electronic systems, and Mrs. Clinton’s campaign chairman, John D. Podesta, had failed to sign up for the “two-factor authentication” on his Gmail account. Doing so probably would have foiled what Mr. Obama called a fairly primitive attack.

Then there the delays within the chain of command:

Mr. Obama conceded that he first heard about the attack on the Democratic National Committee “early last summer,” or nine months after the F.B.I. first alerted low-level D.N.C. officials about what had happened. That now appears to be critical lost time.

 

If Mr. Obama had confronted the Russians immediately, in public or in the kind of private warning he said he delivered to Mr. Putin only three months ago during a meeting in China, the United States might have derailed the hacking campaign before it harvested and revealed thousands of emails.

Obama's failure and reticence has sparked anger within his own rank and file, further putting pressure on the president to act lest he appears weak.

Obama’s comments on Friday have led Democrats to demand further action. Representative Adam B. Schiff of California, the ranking Democrat on the House Intelligence Committee, said the response should mix “additional economic sanctions along with our allies, and clandestine means of exacting a cost on the Russians for their flagrant meddling in our election.” “I have little confidence,” he continued, “that the incoming president will take the actions necessary to make the Russians pay any price for the most consequential ‘active measures’ campaign against us in history.”

Others, like republican neocon John, accused Obama of having "no strategy and no policy" of how to deal with the Russian hacking.

 

So what happens now? The biggest question facing Obama, the NYT concludes, is how public a retaliation to execute (if any, of course).

In his press conference, Obama laid out a case on Friday for acting with subtlety, so as not to start a tit-for-tat conflict. But as Joseph Nye, a strategist on so-called soft power, noted on Friday, “The reason to make some of this public is not just to deter the Russians, it is to deter others as well,” in future elections. It is possible, said Mr. McFaul, the former ambassador to Russia, that Mr. Obama’s most lasting contribution may be to get the details of the Russian hack declassified and to publish a report he has instructed the intelligence community to assemble before he leaves office.

“Given that Obama only has a few more weeks in office, I think he needs to focus his remaining time on attribution — that is declassification of intelligence so that there is no ambiguity about the Russian actions,” Mr. McFaul said. That “is completely within his powers,” he added, and would spur more congressional investigations regardless of the stance taken by Mr. Trump on the hack.

In the end, however, the simplest solution may also be the correct one: the US has so far not retaliated (and will not retaliate) against Russia, because despite the constant populist pandering and the jawboning, it was never the Russian government that was responsible for the attack (something a Spiegel report from Saturday hinted at), something which the US government would be aware of - despite the media onslaught to deflect attention to Russia as the cause for Hillary's loss.

If this is indeed the case, the consequence of launching a cyberwar with Russia, one which Moscow did not start, would be constant escalation leading to adverse consequences for both countries, much more "dirty laundry" emerging a la the Podesta emails, complicated by its timing. A cyberwar would come at a time of a historic shift within the US administration, one in which a regime that has doggedly tried to suppress Putin and waged a long-running PR campaign against the Kremlin, will soon be replaced with a Trump administration whose stated foreign intentions are to restore friendly relations with the Kremlin.

Ultimately, despite all the bluster and posturing, Obama will most likely do nothing.