After Russian cyberattack, seek answers and argue retaliation

Those choices, according to officials familiar with the discussions, include variations of the steps President Barack Obama considered and dismissed following the 2016 state electoral system hack. includes using network tools to reveal or freeze assets secretly held by Russian President Putin, revealing his connections with financiers, or technological moves to circumvent censorship of Russia to help dissidents communicate with the Russian people at a time of political opposition.

At a press conference at the White House on Tuesday, Jen Psaki, press secretary, said the US response would come “weeks, not months” later. But first, the United States will have to explicitly declare that one of Russia’s intelligence agencies is responsible.

Mr. Smith said: “There is not too much suspense at the moment about what we are talking about,” Mr. Smith added that although Microsoft has not identified the intruders, nothing contradicts the broadcast. currently scheduled by US intelligence that Russia is “likely the culprit.”

Then, Mr. Biden will have to solve another problem: Distinguish what the Russians did from the kind of espionage the United States did, even against its allies. Officials have prepared a basis for that argument. Last week, Mr. Biden called the malware intrusion “reckless” because it affected more than 18,000 companies, mainly in the United States. In particular, American officials have tested the argument that Russia should be punished for “indiscriminate” hacking, while the US only uses similar tools for targeted purposes. It is not clear if that argument could convince others to take steps to cost Russia the price.

Mr. Biden’s forthcoming actions appear to include executive orders to improve the resilience of government agencies and companies from attacks, and the proposed publication of mandatory hacks. Many companies that lost data to Russians did not admit it, either out of confusion or because there was no legal requirement to disclose even a major breach.

But the implication of much of the testimony is that Russian intelligence agencies may have installed US networks with back door access. And that possibility – just the fear of that – could limit the kind of punishment Mr. Biden has to take. Although he has promised during the presidential transition to impose “substantial costs”, previous promises of holding Russia accountable are not enough to deter them from fears of punishment if they are Get caught in one of the most sophisticated supply chain hack in history.

Kevin Mandia, chief executive of FireEye, a cybersecurity company that first discovered the intrusion after the Russians stole their tools to fight, said: “The reality is they will come back. and they will be an offense forever. hacker. Mr. Mandia, a former Air Force intelligence officer, noted that “because the front door is locked”, the hackers have turned to known, but little-resolved, vulnerabilities. In this case, they got into the network management software update system run by a company called SolarWinds. When software SolarWinds Orion users downloaded updated versions of the code, the Russians were in it.