U.S. Cyber Responses to Russian Hacking of the November Election
Recent news reports regarding Russian hacks affecting the November election suggest that the United States is preparing on possible U.S. cyber actions in response, such as revealing information to the Russian public about Putin’s financial holdings that would be embarrassing for him. Without comment on whether this would be a wise policy move, it’s necessary to point out that such an action would not be a “cyber response” in any meaningful sense of the term.
Published by The Lawfare Institute
in Cooperation With
Recent news reports regarding Russian hacks affecting the November election suggest that the United States is preparing on possible U.S. cyber actions in response, such as revealing information to the Russian public about Putin’s financial holdings that would be embarrassing for him. Without comment on whether this would be a wise policy move, it’s necessary to point out that such an action would not be a “cyber response” in any meaningful sense of the term.
In common parlance, the term “cyber response” would mean an action taken in cyberspace in reaction to some other action regarded as hostile. “Response” means that the response action happens after the hostile action. But nearly all of the information that we would reveal about Putin’s financial holdings must have been collected over a long period of time—a period that almost certainly precedes the Russian hacks. The only actual action that would occur afterwards—that is, in response—is the revealing of the discovered information. That’s not a “cyber response”—that would be a policy decision to reveal information that is already in the possession of U.S. intelligence community files.
Put differently, Russia has undoubtedly been probing U.S. networks for useful information for many years, with the broadest possible meanings for “probing”, “U.S. networks”, and “useful information.” And the same is undoubtedly true about the United States probing Russian networks as well. Not a surprise in any case – nations spy on each other, both in real life and in cyberspace.
So what is different with the Russian hacks regarding the U.S. election is the use to which the Russians have used the information they have gathered—a policy decision by decision makers in Russia. And the same would be true for the “cyber responses” reportedly being considered by the United States.
As for the wisdom of responding in this way, it suffices to point out that a U.S. response is unlikely to be the last word in this struggle. Are we willing to endure whatever else the Russians send in our direction in response to our response? Or do we simply believe that the Russians will cry “Uncle” and stop doing these nasty things to us?
