These Recent Hacks Look Really Bad. How Should America Respond?

Politicians and cybersecurity experts weigh the options.

Andrew Brookes/Image Source via ZUMA Press

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

In the wake of a massive, potentially catastrophic hack that is reportedly affecting numerous federal agencies and large US corporations (the scope of the intrusion is not yet fully known), a growing number of government officials, including President-Elect Joe Biden, are calling for an aggressive response. 

But what that should be is up for debate. Experts in the information security field are characterizing the deep penetration of important computer networks as acts of espionageearly signs point to Russia—but some politicians are casting the hacks in much starker terms. Sen. Dick Durbin (D-Ill.) called it “virtually a declaration of war by Russia.” Sen. Marco Rubio (R-Fla.), interim chair of the Senate Intelligence Committee, urged patience with attribution but, “America must retaliate, and not just with sanctions.” Biden said his administration would “elevate cybersecurity as an imperative,” and added that “a good defense is not enough; we need to disrupt and deter our adversaries,” and let potential attackers know that “I will not stand idly by in the face of cyber assaults on our nation.”

President Donald Trump has not said a word about the hack publicly, but his press secretary, Kayleigh McEnany, insisted the government was “taking all necessary steps to identify and remedy any possible issues related to the situation.”

It’s not as though the federal government has entirely sat on its hands, says Javed Ali, a University of Michigan professor focused on national security and cybersecurity policy. In the wake of Russia’s 2016 election meddling, Congress imposed sanctions and President Barack Obama’s administration expelled Russian “diplomats” suspected of intelligence activities. The US government has also grown more aggressive in conducting its own cyber operations and naming and indicting foreign hackers—as Special Counsel Robert Mueller did with certain Russian military hackers and the Justice Department did more recently, accusing Chinese military hackers of conducting operations related to COVID-19 research. Ali told me that if the hacks can be tied back to Moscow, they are just the latest in a string of significant and aggressive cyber operations perpetrated by elements of the Russian government against local, state, and federal governments and corporate entities. “We clearly have not imposed the right level of costs,” says Ali, who previously served at the Department of Homeland Security, the FBI, and the National Security Council.

Shortly after the November elections, the New York Times reported on the apparent success of American policy that relied on “persistent engagement” and “defend forward” tactics to stay ahead of foreign adversaries. In a recent piece, however, the Times pointed out that the “tens of billions” the US spent on its cyber capabilities was not sufficient to thwart “among the greatest intelligence failures of modern times.”

“We did a victory lap after the election,” Ali says. “Putin must have been laughing … the whole time. He’s like ‘You guys have no idea what we’re really doing to you.’”

The FBI, the Cybersecurity Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence issued a joint statement Wednesday acknowledging “a significant and ongoing cybersecurity campaign” dating back to March 2020 that has affected multiple federal agency networks. The announcement came a little more than a week after FireEye, a major cybersecurity firm, revealed it had been the victim of a hack, and that the tools it used to investigate cyber activities were stolen. Subsequent reports suggest that Homeland Security, Energy, and Treasury were among the departments compromised, along with local governments in Texas and Arizona. 

The hackers, whoever they are, implanted malware into an update for a product supplied by the IT services company SolarWinds that’s used by many government and private-sector organizations. The malware appears to have been downloaded and installed by more than 17,000 customers. Officials don’t know, or have yet to reveal, exactly what the malware allowed the attacker to do—whether it was used simply to access information, or rather to establish a foothold for more serious future activity, such as the modification or deletion of important data, or destruction of infrastructure.

Brad Smith, the president of Microsoft, wrote in a blog post Thursday that the activity represents “a broad and successful espionage-based assault on both the confidential information of the US Government and the tech tools used by firms to protect them.”

In an op-ed this week, Alex Stamos, the former chief information security officer for Yahoo and Facebook, and now director of the Stanford Internet Observatory, wrote that, beyond retaliation, the US government needs to up its own cyber game. He suggests the creation of a new government division to track attacks, investigate incidents, and issue recommendations. Stamos also called for stronger laws to force government agencies or private corporations to publicly disclose breaches that now fly under the radar, a strengthening of CISA’s abilities to defend public and private networks, and the appointment to key government roles of people with actual experience defending computer networks from attacks.

Security experts agree the feds need to get better at defense. Less clear is how the government should retaliate to these latest attacks. No option is perfect, Ali says. These hacks seem to be “a dramatic escalation,” so the question is how aggressive the response should be, and whether it should be made public.

“Proportional response, whatever that is, loses some of its value if people don’t know that something has happened,” he says. “Even if you’re able to conduct the operation and achieve the effects that you want, are we then willing to publicly acknowledge them and then incur the consequences?”

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We can’t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who won’t let independent, investigative journalism down are the people who actually care about its future—you.

And we need readers to show up for us big time—again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We can’t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who won’t let independent, investigative journalism down are the people who actually care about its future—you.

And we need readers to show up for us big time—again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate