Cybercrime , Cyberwarfare / Nation-State Attacks

Russian Meddling: Trump Hasn't Ordered Direct NSA Response

NSA Chief Says Putin Expects 'Little Price to Pay' for US Election Interference
Russian Meddling: Trump Hasn't Ordered Direct NSA Response
NSA Director Mike Rogers addresses the Senate Armed Services Committee on Feb. 27.

The chief of the National Security Agency says President Donald Trump has not ordered him to confront Russian election meddling at its source, via network operations.

See Also: OnDemand | Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

"My concern is, I believe that President Putin has clearly come to the conclusion there's little price to pay here and that therefore, I can continue this activity," Adm. Michael S. Rogers, director of the NSA and chief of U.S. Cyber Command, testified before the Senate Armed Services Committee on Tuesday.

In January 2017, the U.S. intelligence community said in an assessment that it had "high confidence" that "President Vladimir Putin ordered an influence campaign in 2016" designed to disrupt the U.S. elections. Earlier this month, U.S. national security chiefs reaffirmed that assessment and said they'd seen no decrease in election-meddling attacks originating from Russia (see Russia Will Meddle in US Midterm Elections, Spy Chief Warns).

Multiple members of the Senate committee pressed Rogers about whether anything was being done to counter Moscow's efforts.

"In fairness, you can't say nothing has been done ... but clearly, what we've done hasn't been enough," Rogers told the committee.

U.S. Cyber Command Chief and NSA Director Adm. Mike Rogers fields questions from Sen. Elizabeth Warren, D-Mass., during a Feb. 27 Senate Armed Service Committee hearing.

"Everything, both as a director of NSA and what I see on the Cyber Command side, leads me to believe that if we don't change the dynamic here, this is going to continue, and 2016 won't be viewed as something isolated; this is something that will be sustained over time," he said. "So I think the challenge for all of us is, what are the tools available to all of us?"

Rogers said such tools included diplomatic and economic options as well as "some cyber things" that he declined to describe in full.

Democratic Sen. Jack Reed of Rhode Island asked Rogers if any other agencies, such as the Department of Homeland Security or the FBI, or any states have the legal authority to attempt to disrupt Russian election meddling where it originates. Rogers replied that while there are gray areas, the Department of Defense and the Department of Justice have some legal authority to do so.

Reed noted that intelligence agencies can operate under a presidential finding - a presidential directive that authorizes covert action. He then asked if the NSA had been so directed to respond, "given the strategic threat that faces the United States and the significant consequences you recognize already."

U.S. Cyber Command Chief and NSA Director Adm. Mike Rogers fields questions from Sen. Jack Reed, D-R.I., during a Feb. 27 Senate Armed Service Committee hearing.

Rogers said he has not been given the day-to-day authority to conduct such targeted network operations. But based on his authority as a commander, he said that he has "directed the national mission force to begin some specific work" that his position automatically authorizes him to do. Rogers declined to describe those efforts in the open and unclassified briefing. But he offered to brief the Senate Armed Services Committee in greater detail in a later closed-door session.

White House Promises Action

On Tuesday, White House Press Secretary Sarah Sanders pushed back against Rogers' statement that the president had not authorized the NSA to respond directly.

"Nobody is denying him the authority," Sanders said. "We're looking at a number of different ways that we can put pressure."

White House Press Secretary Sarah Sanders fields questions from reporters during a Feb. 27 press briefing about what steps the White House is taking to secure future elections.

Sanders said the State Department will spend $40 million on an effort to counter Russian and Chinese propaganda and disinformation. She also repeated last week's announcement that the Department of Homeland Security will begin working with state, local and federal election officials to help secure their operations.

In response to criticism that the Trump administration hasn't been doing enough to respond to Russia's 2016 election meddling and prevent a recurrence during the 2018 and 2020 elections, the White House continues to claim that it's being tough on Russia (see White House Says It's Been 'Very Tough' on Russia).

Faced with questions about whether the Trump administration has responded quickly and forcefully enough to the January 2017 U.S. intelligence community's alert, the White House often attempts to reframe the question as being whether President Barack Obama did enough. "Look, this president, as I told you last week, has been much tougher on Russia than his predecessor," Sanders said. "Let's not forget that this happened under Obama. It didn't happen under President Trump. If you want to blame somebody on past problems, then you need to look at the Obama administration."

Pressed for details about what the Trump administration is doing to protect future elections, however, Sanders declined to offer more specifics.

"The president is open to looking at a number of different ways of making sure that Russia doesn't meddle in our elections," she said.

Report: 7 States Hacked in 2016

On Tuesday, NBC News reported that "state websites or voter registration systems" in seven states were compromised before the November 2016 elections, while 14 others were probed, according to three unnamed intelligence officials.

The report said that a top secret analysis ordered by President Barack Obama in the final months of his presidency determined that systems were compromised in Alaska, Arizona, California, Florida, Illinois, Texas and Wisconsin.

"According to classified intelligence documents, the intelligence community defines compromised as actual 'entry' into election websites, voter registration systems and voter look-up systems," NBC reported.

In June 2017, DHS officials told Congress that in 2016, attackers had probed 21 states' networks and websites, including, in some cases, election systems. At the time, Jeanette Manfra, DHS's cybersecurity chief, told lawmakers: "We saw targeting of 21 states, and an exceptionally small number of them were actually successfully penetrated."

Earlier this month, the National Association of Secretaries of State claimed that only one state - Illinois - was breached by the attackers. "Please make no mistake, all 50 states consider themselves a target," NASS said in a statement.

Asked to comment on the NBC report, DHS responded with a statement from Tyler Houlton, DHS's acting press secretary.

"NBC's reporting ... on the 2016 elections is not accurate and is actively undermining efforts of the Department of Homeland Security to work in close partnership with state and local governments to protect the nation's election systems from foreign actors," Houlton says. "As we have consistently said, DHS has shared information with affected states in a timely manner, and we will continue to do so. We have no intelligence - new or old - that corroborates NBC's reporting that state systems in seven states were compromised by Russian government actors."

Houlton said the formerly classified documents cited by NBC "were working documents based on preliminary information and ongoing investigations, not confirmed and validated intelligence on Russian activities." He says DHS stands by its assessment that although 21 states were probed, that is all that happened "in nearly all states" and that "in no case is there any evidence that votes were changed or that Russian actors gained access to systems involved in vote tallying."

That assessment squares with the view of the Office of the Director of National Intelligence. "The declassified Intelligence Community Assessment of Jan. 6, 2017, found that Russian actors did not compromise vote tallying systems," ODNI says in a statement. "That assessment has not changed."

DHS Promises Security Briefings

DHS continues to stress that it's working with states. "This relationship is built on trust and transparency, and we have prioritized sharing threat and mitigation information with election officials in a timely manner to help them protect their systems," Houlton says in a statement.

"In addition to granting state officials clearances to give them access to classified information, we work to declassify information rapidly and have the ability to grant one-day waivers when necessary to provide state officials with information they may need to protect their systems. We are committed to this work and will continue to stand by our partners to protect our nation's election infrastructure and ensure that all Americans can have the confidence that their vote counts - and is counted correctly."

But some state officials have said that while their working relationship with DHS has recently improved, much more needs to be done.

Earlier this month, secretaries of state from many U.S. states met at a NASS event in Washington to discuss their top concerns, and cybersecurity featured high on the agenda.

Attendees also received classified DHS briefings. But some told Reuters that the briefings were unhelpful and criticized DHS for providing inadequate information about the full scope of the Russian threat (see States Seek Federal Help to Combat Election Interference).


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.