A “situational awareness room” in Washington, DC will help states identify cyberthreats and defend themselves against attempts by foreign cyberhackers to disrupt next month’s midterm elections, says Homeland Security Secretary Kirstjen Nielsen.
The room, set to go live on election day, will be capable of information-sharing that is “faster, quicker and more tailored” than during the 2016 federal election, which U.S. intelligence agencies have confirmed was the target of sustained cybersabotage by Russian hackers acting under the directions of Moscow.
“States are taking this very seriously all the way to the county level,” Nelson told a cyber-security summit sponsored by the Washington Post Oct. 2.
But despite the assurances of federal officials, security and intelligence experts at the summit warned that the country has fallen into such a “deep deterrence hole” that cyberwarriors in Russia, China and other nation states could be emboldened to step up their attempts to undermine the U.S. election process over the coming weeks.
“Over the past 20 years there have been a series of escalating attacks by both actors that have undermined U.S. interests, (but) both Russia and China have not found our pain point yet,” said James Mulvenon, a China expert with Stanford University’s Hoover Institution.
“For a long time (our declared) policy has been that we will only respond if there is a loss in human life, (but) there is a heck of a lot of terrible damage you can do to American interests short of killing someone.”
During 2016, even as U.S. intelligence officials acknowledged that Russian cybersaboteurs were actively attempting to undermine the electoral process through measure such as leaking stolen emails from Democratic Party officials, they refused to say whether and how they would respond⸺arguing that they didn’t want to signal their strategy, but also privately conceding their concerns that a tough counter-response by the Russians could do even deeper damage to the more vulnerable American economy.
The lingering uncertainty about the U.S. response may have weakened our ability to deter even more sustained and systematic cyber meddling by Russia, China and other foreign actors⸺creating in effect a “deterrence hole,” Mulvenon explained.
Echoing President Donald Trump’s recent warning that Chinese government-supported hackers posed a threat to the U.S. election process, Mulvenon said, “What Washington’s confronting is something they had not really paid a lot of attention to for a long time, which is that China has a global influence operations campaign of fairly large scale.”
At the Oct. 2 summit, Nielsen said she was unaware of any “direct attacks on [U.S.] election infrastructure” by China⸺or by any other foreign player for that matter⸺during this election cycle.
“We currently have no evidence that a foreign adversary intends to disrupt our election’s infrastructure,” but she conceded that “we know that they have the capability and they have the will, so we’re constantly on alert.”
On the question of foreign governments trying to disrupt or spy on the U.S. midterms, Gen. David Petreus, former director of the Central Intelligence Agency, said Tuesday that he suspected “that there will be attempts, keeping in mind this is 50 different state election apparatuses that are out there, some of which have been shown to have vulnerabilities.”
He added, “we’ve seen what happened in 2016 very, very clearly, so I think the prospects of some of this happening [again] are real.”
Petreus said a “message clearly has to be sent to Russia,” but he did not say how the message should be delivered.
Aside from cyber-disruption of elections, panelists discussed the recent Facebook hack, with Microsoft’s Ann Johnson saying that Facebook’s swift public announcement of the personal information of 50 million users being exposed highlights a problem with the new privacy laws.
“You’re notifying, but you’re notifying with an incomplete set of information, one that is going to dynamically change,” said Johnson. “And I think that is the biggest challenge for corporations right now: They will be forced to notify by some of these privacy laws, but they are going to be notifying a large consumer base of folks who are not necessarily technologically savvy, which could then send panic.”
Lisa Monaco, who served as adviser to President Obama for Homeland Security and Counterterrorism from 2013 to 2017, earning the nicknamed “Doctor Doom,” said that apart from concerns in Washington about a “Cyber 911,” she fears the results of unseen cyber attacks that could shake American confidence “in the integrity of the markets.” She discussed the possibility of a cyber actor altering information “to make us question the trades that go on every day.”
The cyber summit comes in the wake of the release of the Trump administration’s “National Cyber Strategy of the United States.” With this, wrote President Trump, “the United States now has its first fully articulated cyber strategy in 15 years.”
The national strategy is intended to boost deterrence against any adversaries in the digital domain. In the 40-page report, the White House unveiled efforts to strengthen federal cybersecurity and deter malicious actors from launching digital attacks.
There was measured praise for the Trump Administration report at the D.C. summit. Gen. Petreus said it represented “a regaining of momentum and an acceleration of what’s going on.”
In a separate interview with The Crime Report, Prof. Robert Chesney, a writer on cybersecurity issues and the Charles I. Francis Professor in Law and Associate Dean for Academic Affairs at the University of Texas School of Law, called the strategy a “high-altitude document that has plenty of good, though not novel, things in it.”
He added: “Perhaps most notable is the extent to which it includes very positive words about the importance of international law and even international ‘norms.’ Not what one would expect.”
Interestingly, the Department of Defense (DOD) last week released its own “Cyber Strategy 2018”–one that outlined its plans to defend U.S. interests.
In it, the DOD said:
We are engaged in a long-term strategic competition with China and Russia. These States have expanded that competition to include persistent campaigns in and through cyberspace that pose long-term strategic risk to the Nation as well as to our allies and partners. China is eroding U.S. military overmatch and the Nation’s economic vitality by persistently exfiltrating sensitive information from U.S. public and private sector institutions. Russia has used cyber-enabled information operations to influence our population and challenge our democratic processes.
Comparing the DOD report to the Trump Administration report, Chesney said that the DOD document “has more granular content, as you would expect.”
Chesney analyzed the DOD report in a post on his Lawfare blog, saying, “It’s gotten lots of attention for calling for a ‘defense forward’ approach in which CYBERCOM would be active in getting into adversary networks overseas in order to disrupt hostile activities at the source.”
“Defending forward” is definitely the phrase of the day when discussing America’s heightened response to cyber threats.
“Great-power strategic competition, defend forward, and prepare for war: These are the three central tenets of the newly released summary of the 2018 Department of Defense Cyber Strategy,” wrote Nina Kollars, an associate professor within the Strategic and Operational Research Department at the Naval War College, and Jacquelyn Schneider, an assistant professor in the Strategic and Operational Research Department at the Naval War College, for “War on the Rocks,” of the Texas National Security Network of the University of Texas.
“The new [DOD] strategy document is decidedly more focused, risk-acceptant, and active,” declared Kollars and Schneider. “It centers on China and Russia, arguing that the United States must actively counter these state actors with a strategy that seeks to preempt, counter, deter, and win.”
A recording of Tuesday’s livestream report from the summit is available here.
Nancy Bilyeau is Deputy Editor of The Crime Report. She welcomes comments from readers.