This is probably not the last step the White House will take before its occupants change next month. And these are the implications for US-Russia relations.
In what appears to be the first of the Obama Administration’s formal moves against Russia’s alleged interference in the 2016 elections, the outgoing president has amended Executive Order 13694, which sanctions several named Russian nationals, agencies, and companies for reported interference against US computer systems governing critical infrastructure and government communications.
Alongside this, a report titled “Grizzly Steppe” from the FBI and Department of Homeland Security outlines how two hacking groups backed by the Russian intelligence community, APT28 and APT29, used spearphishing to enter the email accounts of top US officials, and then, in the case of APT28, allegedly leaked the data.
The report does not name names here, but it clearly refers – among other things – to the DNC leaks, at least with respect to APT28. These cyber attacks, while expertly carried out under the radar, were also indicative of poor cyber security practices within the DNC, and not simply effective tradecraft that couldn’t have been countered in time because it was not foreseen. (Though it was.)
The report makes no mention of allegations about hacks against the voting process itself, or disinformation campaigns, though the conclusion that APT28 leaked material in the public domain is obviously meant as a dig at WikiLeaks, which denies it knowingly received anything from the group.
The lack of formal attribution and more concise details reflects both a reluctance to disclose too much about how the report was compiled (sources and methods), and the fact that whatever review is being undertaken is not complete, so what is available is being released without more analysis.
I.e. It’s not all connected data, not all related to the election, & a mix of campaigns that likely should not have been mixed in together.
— Robert M. Lee (@RobertMLee) December 29, 2016
Wide-ranging implications for US-Russia relations
The fact that the entire Russian Main Intelligence Directorate (GRU) and Federal Security Service (FSB) have been listed in the sanctions has implications that reach well beyond cyber security, though.
This would affect these security services’ international supply chains with contractors, and their overall place within the Russian economy. Under such sanctions, it would not be possible for companies to legally do business with these entities without risking American ire. For example, had Hacking Team, an Italian surveillance technology company, kept up its relationship with the FSB, it would now run up against this issue, since it has done business in the US, too.
And given that the Russian equivalents of the NSA’s National Centers of Academic Excellence are under FSB oversight, this could have implications for international academic collaboration in the scholarly fields of telecommunications, cryptography, and mathematics. US and Russian scholars have to consider where and how the sanctions impact conferences and joint work.
The move also complicates, at least on paper, any formal contacts that US nationals, including spies, would pursue with their counterparts in the GRU and FSB, though not Russia’s Foreign Intelligence Service (SVR). This would not just be apparent in cyber security, but on other issues like counterterrorism.
President-elect Trump’s response unclear
The Obama Administration has also declared 35 Russian nationals here in the US to be persona non grata and given them 72 hours to leave. This is a fairly common practice, and follows the mass expulsions of other Russian nationals from foreign missions among NATO members recently. (It is further shutting down two Russian-owned compounds in the US, both country retreats for the Russian diplomatic corps.)
The US insists the expulsions are related to harassment of US officials in Russia, which is basically cover for the real, unstated purpose: Most countries keep excess diplomatic staff spots open abroad not to back up their consular services, but to serve as cover for espionage.
When an operation is exposed, or bilateral relations deteriorate enough, a number of these individuals are then told to leave so as to curtail their operations.
Russia has promised a response in kind, which, again, is usually the case when countries expel members of diplomatic missions known or assumed to be spies working undercover.
Both nations, though, will insist the expulsions are unrelated, so as to avoid a further dust-up. And Russia, which hopes for something of a reset under the incoming Trump Administration, will not want to push too hard, especially as its official line is that it is guilty of nothing. Going overboard would not only suggest something to hide, but make it harder to do business with the new White House in 2017, especially given how much more intransigent Congress is being on the subject than the President-elect and his team:
— Eric Geller (@ericgeller) December 29, 2016