20 July 2018

Russia proved it is the greatest threat to our democracy

BY EILEEN M. DECKER

Special counsel Robert Mueller’s indictment of a dozen Russians is a staggering account of how Russian spies used modern cyber-crime techniques in a full-scale attack on American democracy. It should be required reading for every American. But what the indictment reveals about modern-day cyber espionage and the vulnerabilities of our electoral system is not the only reason it should be on all of our reading lists. Above all, Mueller’s indictment is a clear and compelling statement of the fundamentally dire cybersecurity threat we face as a nation. The very security of our country is at stake. This is the truth at the heart of Mueller’s indictment: It is in the interest of every American — regardless of party affiliation — to take this warning to heart.

The urgency of this warning only grows when we consider that it is not the first time we have been made aware of this threat. In fact, the indictment is one more chapter in a long narrative of American cyber-vulnerability.

In 2012, then-Defense Secretary Leon E. Panetta warned that the United States was facing the possibility of a “cyber-Pearl Harbor” because we were increasingly vulnerable to foreign hackers. He did not mince words in describing the threat: “We are facing the threat of a new arena in warfare that could be every bit as destructive as 9/11…” He named Russia, China and Iran as our three main cyber adversaries.

A year later, in 2013, James R. Clapper, Jr., then our nation’s director of National Intelligence, warned Congress that we faced the threat of a major cyber attack. He suggested that this threat posed the most dangerous immediate threat to the United States, even more pressing than an attack by global terrorist networks. He continued his warnings throughout his tenure, and in 2015 he testified to the Senate Armed Services Committee that: “Cyber threats to the U.S. national and economic security are increasing in frequency, scale, sophistication and severity of impact. The ranges of cyber threat actors, methods of attack, targeted systems and victims are also expanding,”

The 2017 change in administrations did not alter the cyber threat assessment. The National Threat Assessment released earlier this year by Dan Coats, our current director of National Intelligence, described the cyber threat as growing and “that some adversaries will conduct cyber attacks . . . against the United States in a crisis short of war.” The report describes Russia, China, Iran and North Korea as the main state actors who “are using cyber operations as a low-cost tool of statecraft, and we assess that they will work to use cyber operations to achieve strategic objectives unless they face clear repercussions for their cyber operations.”

Coats expanded on his warnings on Friday, the same day the indictment against 12 Russians was returned by a grand jury in the District of Colombia. Coats described the cyber threat as being at a “critical point.”

“The warning signs are there. The system is blinking”, referring to the pre-9/11 assessment that the system was blinking red. Coats added: “And here we are nearly two decades later, and I’m here to say, the warning lights are blinking red again.” He called Russia the “most aggressive foreign actor, no question. And they continue their efforts to undermine our democracy.” Coats’ statement was consistent with his earlier congressional testimony that the United States is under attack, and that Russia is seeking to “degrade our democratic values and weaken our alliances.”

His warnings are supported by the facts alleged in the indictment. The purpose of the Russian hacking conspiracy is succinctly and chillingly described on page 6 of the indictment, in that the Russians sought to “hack into the computers of U.S. persons and entities involved in the 2016 presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election.”

In working toward this goal, the Russian cyber-spies deployed techniques that range from the simple to the complex, including: 
the use of a network of global servers and spoofed email addresses 
the monitoring of keyboard keystrokes 
the use of cryptocurrency to conceal purchases 
the development of custom malware and spearphishing 

As with many successful cyber intrusions, the Russians also used social engineering techniques that convinced email recipients to unwittingly open corrupted email attachments, and reveal confidential information such as passwords. The Russian operators also attempted to meticulously cover their tracks by erasing their cyber footprints, and demonstrated patience by waiting inside computers for months to get the information they sought.

Together Mueller’s indictment and the work of our national security agencies paint the picture of a multi-faceted, comprehensive threat that extends beyond attacks on our elections. Russia is a committed foe that has not just meddled in our elections, but has also attacked the electoral systems of allies such as Germany, France and Ukraine. They and other adverse countries have targeted key national institutions, including the White House, the State Department, the Joint Chiefs of Staff, and the Office of Personnel Management.

American political, economic and technical systems have been attacked. Our infrastructure remains, by all accounts, highly vulnerable. Our allies have been attacked. If there was ever a time to unite the nation’s government and its citizens, it is now.

If there is a silver lining in this case, it is that the prosecutors and the law enforcement investigators assigned to the case are among the best and brightest the Department of Justice has to offer. With their trademark doggedness and precision, they have painstakingly pieced together a complex conspiracy of actions committed by overseas actors. Having been involved in investigations and prosecutions involving overseas actors, I know these are among the most complex and challenging crimes to investigate. But the fact we can effectively investigate these crimes after the fact and identify the malicious actors is only the first step in safeguarding our national security.

We must also be able to successfully prevent these attacks before they happen, and thwart the bad actors before they cause harm to our infrastructure, industries, financial systems and our democracy. We need to look forward, and build our security systems to be the best in the world. We know we are, and have proven to be, vulnerable. We now must send a clear message, that we as Americans will not stand for these attacks, and that we will work together to prevent anyone from attacking the very foundations of our democracy and our free society.

Eileen M. Decker is the former United States attorney for the Central District of California. She is also the former deputy mayor for Homeland Security & Public Safety for the City of Los Angeles. She currently teaches Cybersecurity and Homeland Security at USC and UCLA Law Schools.

No comments: