In posts and talks over the past four years, Mr. Sullivan has made it clear that he believes traditional sanctions alone are not enough to raise costs to force powers such as Russia or China to begin speaking. about new rules on the path for cyberspace.
But government officials often fear that an overreaction risks escalation.
It is of particular interest in Russian and Chinese attacks, where both countries have clearly placed “backdoors” for US systems that could be used for more destructive purposes.
US officials say publicly that the current evidence suggests that Russia’s intentions in the SolarWinds attack were merely data theft. But some senior officials, when speaking for no reason, said they believe the scale, scope and cost of the operation suggest the Russians could have a much broader motive.
“I was struck by the number of these attacks that reduced confidence in our system, as well as efforts to make the country distrust the voting infrastructure, which is inherently successful,” Burt said. the core of our democracy. ”
Russia infiltrated the Democratic National Committee and state voter registration systems in 2016 mainly by guessing or taking passwords. But they used a much more complex method in the SolarWinds hack, inserting code into corporate software updates, bringing them deeper into about 18,000 systems using network management software. Once inside, the Russians have high-level access to the system without a password.
Likewise, four years ago, the majority of Chinese government hacks were done through phishing campaigns via email. But over the past few years, China’s military attack parts have been consolidated into a new strategic support force, similar to the Pentagon’s Cyber Command. Some of the most important hacking operations are run by the State Security Department, China’s top intelligence agency, which maintains a satellite network of contractors.
Beijing also began hoarding so-called zero-days, errors in code that software vendors don’t know about and don’t have patched yet.