Inside Cybersecurity

September 17, 2021

Daily News

Key senator, policy pros say impact of sanctions yet to be determined amid White House push ahead of elections

By Charlie Mitchell / October 27, 2020

The White House national security advisor says the Trump administration has fully utilized the sanctions at its disposal to punish Russia and Iran for cyber attacks, stirring questions in cyber circles on how well they’ve been implemented and what comes next in U.S. efforts to deter cyber aggression.

“You have to sanction and indict as first steps, but you can't stop there,” said James Lewis of the Center for Strategic and International Studies. “The problem is that we haven't figured out what the next step should be.”

White House National Security Advisor Robert O’Brien on Sunday discussed with reporters the latest round of indictments and sanctions on Iranian and Russian actors for cyber attacks and other transgressions, saying the United States has imposed most of the sanctions available under current law.

“One of the problems we have with both Iran and Russia is that we have so many sanctions on those countries right now that there's very little left for us to do,” O’Brien said, “but we’re looking at every potential deterrence we can on those countries as well as others, including China and some countries that have not yet been mentioned that are trying to influence Americans on how to vote. It’s unacceptable.”

Senate Intelligence ranking member Mark Warner (D-VA), who has sponsored various bills on sanctions and other measures on deterrence in cyberspace, accused the Trump administration of using sanctions as a “smokescreen” in the absence of a clear and effective policy toward Russia.

“No tool should be off the table when the U.S. government is fighting back and deterring election interference from foreign adversaries,” Warner said in a statement provided to Inside Cybersecurity. “However, you’re not going to be able to deter Russia from election interference when the President denies that it happened and embraces Putin, who is again interfering in our elections on behalf of President Trump.”

Warner said, “Sanctions can be effective; but in this administration, they are instead used as a smokescreen to hide President Trump’s glaring failure to stand up to our adversaries. It’s also pretty clear that these steps have not deterred the Putin government. I am a cosponsor of multiple bills – many of them bipartisan – aiming to address foreign election interference threats, shore up election security, and close vulnerabilities in our election systems. Unfortunately, President Trump and Mitch McConnell have aggressively fought against movement on every single one of those critical bills. It is important that Russia’s efforts to interfere in our election on behalf of President Trump be detected, our systems safeguarded, and sanctions enacted against those responsible.”

Christopher Painter, who coordinated cyber efforts at the State Department until his position was eliminated in 2017, said, “Sanctions are one, important, part of the toolkit — they are not the only way to change behavior.”

He said O’Brien’s comments are “a fair statement” when it comes to sanctions leveled on North Korea and “perhaps Iran.”

However, Painter said, “sanctions on Russia could be more strategic and consistent -- and aimed at things Putin cares about, like his personal money flows and that of close cronies.”

More importantly, Painter said, “there needs to be consistent high-level presidential messaging that undergirds other actions that the U.S. takes. At least with Russia, that messaging has been at best inconsistent, thereby undercutting the effectiveness of the other actions, like sanctions, that the U.S. employs.”

The issue of inadequate messaging was also flagged by Marcus Fowler, a longtime cybersecurity leader at the CIA who is now director of strategic threat with cyber firm Darktrace.

“Trump is not using his power as president to condemn cybercriminals,” Fowler told Inside Cybersecurity. “A statement from him ‘on notice,’ coupled with the threat of a cyber response if these actions continue, would be a much stronger message. In order to defend forward, the willingness and capability to act must be there from the top down. Defense superiority and resilience will be the key determiner in who is and who isn’t the leading cyber superpower.” – Charlie Mitchell (cmitchell@iwpnews.com)