President Obama, under pressure from Congress, has directed U.S. intelligence agencies to conduct a deep-dive inquiry into Russian cyber attacks and their impact on the 2016 presidential election and to provide the results before Inauguration Day.
Any intelligence review should coincide with a companion investigation by Congress into why the president and his White House advisers for the past eight years rejected numerous calls from military, intelligence, and national security advisers to take aggressive action against states like Russia and China—action that could have prevented the kind of covert cyber warfare now being linked to Moscow.
Obama repeatedly downplayed the nature and scope of cyber attacks against the United States during his administration, dismissing attacks like North Korea's hack against Sony Pictures Entertainment as cyber vandalism.
The president also ignored the massive Chinese cyber attacks on the Office of Personnel Management. Those attacks pilfered some 22 million records on federal workers, including personal information on workers in highly sensitive military and intelligence positions.
Obama downplayed the attacks as a "significant vulnerability" and suggested they would "accelerate as time goes by, both in systems within government and within the private sector."
The president also never invoked a presidential directive calling for economic sanctions on state sponsors of cyber attacks.
The latest chapter in the ongoing cyber war involves major political cyber attacks against the Democratic National Committee and former White House chief of staff and Hillary Clinton presidential campaign chairman John Podesta. Stolen information from those hacks was leaked to anti-secrecy websites. The hacking has been blamed on Russia and is now triggering political attacks and calls for investigations by Democrats and some Republicans.
A joint statement by incoming Senate Democratic Leader Chuck Schumer (N.Y.), Sens. John McCain (R., Ariz), Lindsay Graham (R., S.C.) and Jack Reed (D., R.I.) said an investigation was needed into "recent cyber attacks that have cut to the heart of our free society."
Senate Majority Leader Mitch McConnell (Ky.) said he supports a congressional investigation of the election hacking. House Speaker Paul Ryan (Wis.) also said foreign intervention in U.S. elections is unacceptable and called any Russian involvement "problematic."
President-elect Donald Trump dismissed the Russian election meddling on Sunday as a Democratic political ploy. "I think it's just another excuse. I don't believe it," Trump told Fox News Sunday.
The Department of Homeland Security and Office of the Director of National Intelligence in October blamed the email hacking on a Russian government-directed program that released the emails to WikiLeaks, DCLeaks.com, and a hacker who used the handle Guccifer 2.0.
The CIA—which has been politicized under its director, John Brennan, an Obama loyalist—then concluded that Russians were seeking to throw the election to Donald Trump. The conclusion was seized on by Democrats to question the legitimacy of Trump's stunning election victory over Clinton.
Obama's response to the Russian email hacking was again to do nothing. Presidential spokesman Josh Earnest on Oct. 11 said the president was considering using America's "offensive capabilities" in cyber space, and that a range of options were being considered to retaliate against Russia. However, as with the Sony and OPM attacks, no serious action was taken, reflecting the president's unwillingness to adopt any robust defense and national security policies.
Obama said in September as he discussed cyber security that the political attacks were nothing new, noting there have been "problems" with Russian cyber attacks in the past. It was not reported if he specifically raised Russian hacking of American political figures.
But the president made clear he was afraid to take retaliatory cyber action over concerns it would trigger a wider cyber war. "What we cannot do is have a situation where this becomes the wild, wild West, where countries that have significant cyber capacity start engaging in unhealthy competition or conflict through these means," he said.
What the president failed to understand is that the cyber landscape already is the wild, wild West as countries steal American secrets on a grand scale and now are moving to influence the political system. The United States under Obama has been disarmed against Russian, Chinese, and other nations' cyber gunslingers, who are conducting asymmetric warfare with little or no penalty. The weakness of the U.S. government response will continue to provoke more and increasingly damaging cyber attacks unless there is a change in policy that imposes costs—either by carrying out counter-cyber attacks or other asymmetric warfare means to confront the dangers.
Cyber attacks are becoming ubiquitous. In addition to political hacking, cyber attacks range from constant cyber attacks on banks and financial institutions, to penetrations of critical infrastructure networks like the electric grid, to the theft of defense technology from contractor networks.
A U.S. intelligence official told me that over a period of months beginning in August 2011 several major interagency meeting were held to discuss the escalating danger of cyber attacks against the United States.
The president and his top aides were presented with "tens" of options to counter and deter cyber attacks by the Russians, Chinese, North Koreans, and Iranians.
"Most of them were shelved, sent to what was called ‘the parking lot,'" said the official. "They were considered too aggressive and Obama responded that he would not engage in those types of activities."
The options were discussed in meetings of the White House Interagency Policy Committee, a working group directly supporting the National Security Council. Seated at the conference table were senior officials from the Pentagon, State Department, intelligence agencies, law enforcement agencies, and Homeland Security Department.
The options ranged from diplomatic talks—favored by the Obama administration—to economic sanctions, legal actions, and cyber operations. Several different plans for counter-cyber attacks were discussed. All were rejected by the president.
"Obama was not willing to take aggressive offensive cyber actions to prevent adversaries from doing harm to us," said the official. "He failed to act, and he prevented others from taking action.
After centralizing the power to conduct cyber attacks within the presidency, Obama made sure to define down all cyber events by declaring them anything but cyber attacks. Large-scale penetrations and theft of data from both U.S. government and private sector networks were falsely labeled "cyber espionage," "cyber vandalism," "cyber penetrations," and other terms by the president. As long as the incidents were not labeled attacks, Obama ensured there would be no requirement for retaliation by the military or intelligence community.
This policy has resulted in an increase in cyber attacks with no apparent end in sight.
An urgent task for the incoming Trump administration, with support from Congress, must be to alter current U.S. cyber warfare policies by countering foreign government attacks and covert efforts to influence elections and policies.
The Cyber Threat column will be co-published on Flash//CRITIC Cyber Threat News at flashcritic.com.