OPINION – The blowback from what appears to be a massive, and possibly ongoing, hack of the U.S. government by Russia’s Foreign Intelligence Service (SVR), continues to grow. The cyber-attack against American government agencies and private companies could be the largest single electronic spying operation in history against the United States.
The attack may have penetrated the Department of Homeland Security (DHS), State and Commerce Departments, the National Nuclear Security Administration (NNSA), and maybe the Pentagon itself. Not to mention one of America’s top cybersecurity firms, FireEye — as I wrote earlier — and even Microsoft.
This is as close to an act of war in the cyber world as one can get, barring a direct cyber-attack on U.S. military or civilian infrastructure.
The Office of the Director of National Intelligence (DNI), led by DNI John Ratcliffe, issued a statement on Wednesday describing the incident as “significant.” U.S. Secretary of State Mike Pompeo on Friday described the hack as “a very significant effort” and said the U.S. could “say pretty clearly that it was the Russians engaged in this activity.”
The time for business as usual is over. The U.S. must retaliate. And do so forcefully.
But it must first confirm it was Russia, and only Russia, that was behind the attack. Security experts have said the hacker group Cozy Bear, managed by the Russian SVR, appears responsible for this attack. And this seems very likely.
However, it cannot be discounted that China piggy backed or was also somehow involved. President Trump has downplayed the attack and made some allegations that China may be behind the attack.
While it is doubtful China led this attack, China is extremely active and aggressive in hacking U.S. targets and conducting massive espionage against the United States.
Recall China has conducted extremely damaging espionage hacks against the U.S. before. Most notably the Office of Personnel Management (OPM) hack between 2013 and 2015 compromised an unknown number of highly sensitive security background investigation reports for U.S. government employees and intelligence officers.
Until now, this China hack, which was far worse than most people know, was one of the most damaging to date.
But this attack may surpass that Chinese attack in scale and scope. Attribution for this attack is key. Was it Russia alone, or did China play a part as well?
Whatever the case may be, the U.S. must retaliate vigorously.
Apparent incoming White House chief of staff Ron Klain said, according to The Hill, that the response from the new administration to an attack of this magnitude would run beyond sanctions and include steps “to degrade the capacity of foreign actors to repeat this sort of attack.” This is encouraging.
But the U.S. response must not be limited to Russia.
As Douglas Schoen, author of: “The End of Democracy? Russia and China on the Rise and America in Retreat” writes:
With an advanced ability to manipulate data, penetrate security networks, and even to infiltrate our election systems, Russia and China are the major cyberwarfare players. The worldwide threat assessment from the United States intelligence community maintains that these two countries “pose the greatest espionage and cyberattack threat” to our American national security.
Regardless of what state is responsible for this attack, BOTH Russia and China are engaged in an undeclared ‘Gray Zone’ cyber war with America. Any U.S. retaliation must include China, if not for this hack, for the many conducted previously.
It is time for the U.S to take the gloves off. BOTH Russia and China need to pay a price for their actions.