NBC News is reporting out that the US Government has taken steps to prepare to counter-strike a Russian cyber attack on election day next week.
U.S. military hackers have penetrated Russia’s electric grid, telecommunications networks and the Kremlin’s command systems, making them vulnerable to attack by secret American cyber weapons should the U.S. deem it necessary, according to a senior intelligence official and top-secret documents reviewed by NBC News.
American officials have long said publicly that Russia, China and other nations have probed and left hidden malware on parts of U.S critical infrastructure, “preparing the battlefield,” in military parlance, for cyber attacks that could turn out the lights or turn off the internet across major cities.
It’s been widely assumed that the U.S. has done the same thing to its adversaries. The documents reviewed by NBC News — along with remarks by a senior U.S. intelligence official — confirm that, in the case of Russia.
U.S. officials continue to express concern that Russia will use its cyber capabilities to try to disrupt next week’s presidential election. U.S. intelligence officials do not expect Russia to attack critical infrastructure — which many believe would be an act of war — but they do anticipate so-called cyber mischief, including the possible release of fake documents and the proliferation of bogus social media accounts designed to spread misinformation.
Brown and others have noted that the Obama administration has been extremely reluctant to take action in cyberspace, even in the face of what it says is a series of Russian hacks and leaks designed to manipulate the U.S. presidential election.
Administration officials did, however, deliver a back channel warning to Russian against any attempt to influence next week’s vote, officials told NBC News.
The senior U.S. intelligence official said that, if Russia initiated a significant cyber attack against critical infrastructure, the U.S. could take action to shut down some Russian systems — a sort of active defense.
Retired Adm. James Stavridis, who served as NATO commander of Europe, told NBC News’ Cynthia McFadden that the U.S. is well equipped to respond to any cyber attack.
“I think there’s three things we should do if we see a significant cyber-attack,” he said. “The first obviously is defending against it. The second is reveal: We should be publicizing what has happened so that any of this kind of cyber trickery can be unmasked. And thirdly, we should respond. Our response should be proportional.”
One problem, officials say, is that the doctrine around cyber conflict — what is espionage, what is theft, what is war — is not well developed.
“Cyber war is undefined,” Brown said. “There are norms of behavior that we try to encourage, but people violate those.”
For further reading if anyone is interested, here’s the link to Joint Publication (JP) 3-12(R)/Cyberspace Operations. JP 3-12 covers all the Joint Force doctrines and concepts for cyberspace operations. Here’s the link to the US Army Cyber Center of Excellence (COE)* doctrine and concepts brief for those that like death by powerpoint. Finally, here’s the link to a very interesting monograph on cyberspace operations published by the US Army War College’s Strategic Studies Institute (full disclosure: I know the author, he was on the faculty of USAWC during the first two years of my assignment there).
* The Army uses Center of Excellence for the overarching Branch commands at their Professional Military Education (PME) schools. These are not traditional, civilian academic Title VI Centers of Excellence.