During his presidency, Obama favored a policy of deterrence when it came to responding to cyber attacks, in what U.S. officials call “naming and shaming." He’s indicted Iranian and Chinese hackers and signed an executive order allowing the Treasury Department to impose financial sanctions on hackers. He could take similar steps against Russia, which has repeatedly denied accusations of hacking.Whatever the president chooses to do, whether we know about it or not, he owes it to the American people to explain exactly what the Russians did to us that we are responding to. So far, there's been very little said about the nature of the Russian hack. Was it limited to exposing the Democratic National Committee's political machinations and John Podesta's hostility toward the Catholic Church? Or did the Russians actually manage to change votes, a much more serious intrusion that President Obama has already denied took place. If their transgression was limited to the former, a military response of any sort hardly seems proportionate.
Another possible route, though, is an offensive cyber operation. Obama said Dec. 16 that he would respond in a "thoughtful, methodical way," and some of it "we do publicly. Some of it, we will do in a way that they know but not everybody will."
Anyway, here are some of the president's options:
If a covert action by the Central Intelligence Agency or National Security Agency is sought, it would come after gathering as much data as possible on the specific "entities and individuals" involved in the U.S. attack, according to Terry Roberts, founder and president of cybersecurity firm WhiteHawk Inc. and former deputy director of U.S. Naval Intelligence.Using the military presents the possibility of unnecessary escalation, which would be foolish. We're employing cyber operations against ISIL and probably did so against North Korea in 2014, but a military operation against the Russians would invite a serious military response, more aggressive action in the Ukraine or Mid-East, perhaps, and no one wants that.
That could involve wiping out hard drives connected to Russia’s intelligence community, exposing Russian hacking tools on the web or revealing where the hackers operate in the so-called dark web. Or if the specific hackers involved use bitcoin currency, the U.S. could delete their online financial cache, Roberts said. This could be done without attribution, so it’s not obvious the U.S. was behind the action.
Another possibility, according to another former NSA official, includes "deny, disrupt, degrade" attacks, where agency hackers could take down websites or networks, or break into non-government institutions and leak information. That could also include hacking into companies that have ties to Russian President Vladimir Putin or leaders supporting him, or leaking information about Russia’s role in another country, deflecting the focus from the U.S.
If the president chooses an offensive military option, that would fall to U.S. Cyber Command, a relatively new agency headed by Admiral Michael Rogers, who also leads the NSA. This path requires the object of the action be a military target. Possible options here could include a cyber-strike against the systems of the FSB or GRU, Russian intelligence agencies, or launching a ransomware attack against them or manipulating their data.
President Obama has said he will respond, and the whole world is waiting to see what he will do. If he does nothing after declaring that he will punish those responsible he risks world-wide humiliation, worse, even, than that suffered after failing to back up his warning to Bashar Assad not to use chemical weapons against the Syrian people.
On the other hand, if he does too much he risks a military confrontation with Russia which could result in loss of life. That seems like a high price to pay if all the Russians did was reveal to the world what sort of people were running the DNC. UPDATE: Just as I finished writing this I learned that Mr. Obama has taken some public steps to "punish" the Russians. You can read about them here. Our intelligence agencies have also released information on their conclusions about Russian intrusions into the DNC and Clinton campaign chairman John Podesta's emails.