SEPT. 8, 2016 — Fifteen years after the Sept. 11, 2001, attacks on the United States, the day’s images remain vivid, and Americans are still vigilant about the threat of terrorism. But in the larger national security picture, there are other areas where U.S. vigilance is just as necessary. The most obvious example is our cyberspace cold war with Russia.
Last week, The Washington Post reported that U.S. intelligence and law enforcement authorities have determined that Russia has launched a broad covert operation to influence both the U.S. presidential election and perceptions about the trustworthiness of America’s leaders and institutions. While some of the recent high-profile hacks of U.S. institutions are murky, security experts believe, despite Kremlin denials, that the hack of the Democratic National Committee revealed in June was perpetrated by Moscow — not by the anti-secrecy group WikiLeaks, which released a trove of embarrassing DNC documents. It is not clear whether Vladimir Putin might be actively trying to promote the candidacy of Republican presidential nominee Donald Trump or just to sow chaos.
Writing in The Hill last month, cybersecurity expert Tomer Weingarten said it appeared that Moscow and Washington no longer were attempting to hide the fact that a de facto war is being waged online — by both sides. He likened Moscow’s recent aggressiveness to Soviet attempts to put nuclear missiles in Cuba in 1962 — an attempt to determine how far it could go in challenging Washington. This ominous appraisal was underscored last week at the G-20 summit in China, when President Obama said that he had warned Putin that the U.S. cyber arsenal has “more capacity than anybody, both offensively and defensively” and had told him to “act responsibly and start instituting norms.”
There is a real danger that this cold war could turn hot. Russia’s cyber harassment of former Soviet states dramatically escalated in December when hackers that the U.S. government believes were working for Moscow launched an attack with destructive malware on six Ukraine power providers that played havoc with the nation’s power grid. If Russia were held or found to be responsible for a similar attack in the United States, it is easy to see how matters could quickly escalate. It’s also easy to imagine a scenario in which it could be difficult to establish who was ultimately to blame.
A further complicating factor is that if the United States were hit with such an attack, it won’t necessarily be seen as holding the moral high ground. Beginning in 2008, U.S. and Israeli officials used what WIRED magazine called “the world’s first digital weapon” — the ultrasophisticated Stuxnet virus — to break Iranian centrifuges and hinder Tehran’s nuclear program. The U.S. also has a long history of trying to influence events and elections in other nations, and a more recent history of mass spying on friends and foes alike.
With WikiLeaks founder Julian Assange promising more leaks of secret Hilary Clinton documents next week, the remaining 61 days until the presidential election could see tensions ratchet up considerably between Washington and Moscow. This is a tricky, dangerous time. Americans need the Obama administration to rise to the occasion and to respond to Russian cyber provocations with both nuance and resolve — while also continuing to prevent the possibility of what then-Homeland Security czar Janet Napolitano dubbed in 2013 a “cyber 9/11.”