The New York Times ran a front page scoop in its Sunday paper that was clearly with the approval of the U.S. intelligence community which wanted to send a public message to Russia. U.S. Escalates Online Attacks on Russia’s Power Grid:
The United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, current and former government officials said.
In interviews over the past three months, the officials described the previously unreported deployment of American computer code inside Russia’s grid and other targets as a classified companion to more publicly discussed action directed at Moscow’s disinformation and hacking units around the 2018 midterm elections.
Advocates of the more aggressive strategy said it was long overdue, after years of public warnings from the Department of Homeland Security and the F.B.I. that Russia has inserted malware that could sabotage American power plants, oil and gas pipelines, or water supplies in any future conflict with the United States.
See, for example, Russia Hacked U.S. Power Grid — So What Will The Trump Administration Do About It? (NPR 3/23/2018); DHS and FBI Say Russia Hacked the U.S. Electric Grid (Electrical Contractor (April 2018); Russian Hackers Appear to Shift Focus to U.S. Power Grid (New York Times 7/27/2018); Russian Hackers Haven’t Stopped Probing The US Power Grid (Wired 11/28/2018).
But it also carries significant risk of escalating the daily digital Cold War between Washington and Moscow.
In fact, the New York Times reports today that the Kremlin Warns of Cyberwar After Report of U.S. Hacking Into Russian Power Grid in response to the Times’ reporting on Sunday. Message received:
The Kremlin warned on Monday that reported American hacking into Russia’s electric power grid could escalate into a cyberwar with the United States, but insisted that it was confident in the system’s ability to repel electronic attacks.
Remember, Russian hackers have already gained access to the U.S. power grid, and they have the capability to cause disruptions. Try to imagine Arizona’s power grid shutting down during our peak summer heat in June and July. Vulnerable individuals will die from the heat. Russia can engage in this kind of tit-for-tat cyber warfare.
Since at least 2012, current and former officials say, the United States has put reconnaissance probes into the control systems of the Russian electric grid.
But now the American strategy has shifted more toward offense, officials say, with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before. It is intended partly as a warning, and partly to be poised to conduct cyberstrikes if a major conflict broke out between Washington and Moscow.
The commander of United States Cyber Command, Gen. Paul M. Nakasone, has been outspoken about the need to “defend forward” deep in an adversary’s networks to demonstrate that the United States will respond to the barrage of online attacks aimed at it.
“They don’t fear us,” he told the Senate a year ago during his confirmation hearings.
But finding ways to calibrate those responses so that they deter attacks without inciting a dangerous escalation has been the source of constant debate.
Mr. Trump issued new authorities to Cyber Command last summer, in a still-classified document known as National Security Presidential Memoranda 13, giving General Nakasone far more leeway to conduct offensive online operations without receiving presidential approval.
But the action inside the Russian electric grid appears to have been conducted under little-noticed new legal authorities, slipped into the military authorization bill passed by Congress last summer. The measure approved the routine conduct of “clandestine military activity” in cyberspace, to “deter, safeguard or defend against attacks or malicious cyberactivities against the United States.”
Under the law, those actions can now be authorized by the defense secretary without special presidential approval.
Excuuuse me? Cyber warfare is an act of war, and this cannot be delegated to the Secretary of Defense under our Constitution.
The critical question — impossible to know without access to the classified details of the operation — is how deep into the Russian grid the United States has bored. Only then will it be clear whether it would be possible to plunge Russia into darkness or cripple its military — a question that may not be answerable until the code is activated.
Both General Nakasone and Mr. Bolton, through spokesmen, declined to answer questions about the incursions into Russia’s grid. Officials at the National Security Council also declined to comment but said they had no national security concerns about the details of The New York Times’s reporting about the targeting of the Russian grid, perhaps an indication that some of the intrusions were intended to be noticed by the Russians.
Speaking on Tuesday at a conference sponsored by The Wall Street Journal, Mr. Bolton said: “We thought the response in cyberspace against electoral meddling was the highest priority last year, and so that’s what we focused on. But we’re now opening the aperture, broadening the areas we’re prepared to act in.”
He added, referring to nations targeted by American digital operations, “We will impose costs on you until you get the point.”
But wait … it get’s worse! Apparently Donald Trump has been “kept in the dark,” pun intended, by Cyber Command because the intelligence community considers him to be a national security risk, given his unnatural close relationship with Vladimir Putin of Russia.
Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place “implants” — software code that can be used for surveillance or attack — inside the Russian grid.
Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction — and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister. [Here he is doing it, right].
Today’s Times report suggests Trump’s Russian handlers are concerned:
Dmitri S. Peskov, President Vladimir V. Putin’s spokesman, also raised concerns that President Trump was reportedly not informed about the effort, which was the subject of a New York Times report on Saturday that detailed an elaborate system of cybertools deployed by the United States inside Russia’s energy system and other targets.
Because the new law defines the actions in cyberspace as akin to traditional military activity on the ground, in the air or at sea, no such briefing would be necessary, they added.
Again, cyber warfare is an act of war, and this cannot be delegated to the Secretary of Defense under our Constitution.
The intent of the operations was described in different ways by several current and former national security officials. Some called it “signaling” Russia, a sort of digital shot across the bow. Others said the moves were intended to position the United States to respond if Mr. Putin became more aggressive.
So far, there is no evidence that the United States has actually turned off the power in any of the efforts to establish what American officials call a “persistent presence” inside Russian networks, just as the Russians have not turned off power in the United States. But the placement of malicious code inside both systems revives the question of whether a nation’s power grid — or other critical infrastructure that keeps homes, factories, and hospitals running — constitutes a legitimate target for online attack.
Already, such attacks figure in the military plans of many nations. In a previous post, General Nakasone had been deeply involved in designing an operation code-named Nitro Zeus that amounted to a war plan to unplug Iran if the United States entered into hostilities with the country.
“It’s 21st-century gunboat diplomacy,” said Robert M. Chesney, a law professor at the University of Texas, who has written extensively about the shifting legal basis for digital operations. “We’re showing the adversary we can inflict serious costs without actually doing much. We used to park ships within sight of the shore. Now, perhaps, we get access to key systems like the electric grid.”
Russian intrusion on American infrastructure has been the background noise of superpower competition for more than a decade.
The Times then goes into the historical development of cyber warfare by Russia.
Russian foreign policy commentators said that the report about American efforts to insert software code into Russia’s energy system might jeopardize a potential Putin-Trump meeting at the G20 Summit in Japan at the end of June.
“This is a direct challenge that Moscow cannot leave unanswered,” Ruslan Pukhov, an arms expert and head of the Center for Strategies and Technologies, told Kommersant, a Russian business daily.
The two leaders might meet briefly on the sidelines of the summit, Mr. Peskov said, adding that Washington has not reached out to Moscow to organize a full-scale meeting.
Trump’s annual job performance review with his boss Vladimir Putin is not going to be delayed over this. If anything, now that he knows about this cyber warfare program, he may demand the files and turn over the secret codes to his pal Putin. Trump remains the greatest national security threat to the U.S.