Biden hints at U.S. response to cyberattacks blamed on Russia

By David E. Sanger, New York Times News Service

Sunday, Oct. 16, 2016 | 2 a.m.

Since the Obama administration formally accused Russia about a week ago of trying to interfere in the election, there has been intense speculation about whether President Barack Obama has ordered the National Security Agency to conduct a retaliatory cyberstrike.

The strongest hint so far has come from Vice President Joe Biden, who either revealed U.S. plans for a strike or engaged in one of the better bits of psychological warfare in recent times.

Taping an interview for NBC’s “Meet the Press,” Biden was asked whether the United States was preparing to send a message to the Russian president, Vladimir Putin. Days before, the U.S. intelligence agencies and the Department of Homeland Security declared that the Russian leadership was responsible for attacks on the Democratic National Committee and the leaking of stolen emails.

“We’re sending a message,” Biden told Chuck Todd, the show’s host. “We have the capacity to do it.”

“He’ll know it,” Biden added. “And it will be at the time of our choosing. And under the circumstances that have the greatest impact.”

Later, after Biden said he was not concerned that Russia could “fundamentally alter the election,” Todd asked whether the American public would know if the message to Putin had been sent.

“Hope not,” Biden responded.

His warning seems to suggest that Obama is prepared to order — or has already ordered — some kind of covert action after the stolen emails were published online. That would require what is known in the intelligence agencies as a finding — a presidential determination authorizing covert action.

Such a finding would allow the United States to make use of its newly developed arsenal of cyberweapons, which are under the control of the military’s Cyber Command, the NSA and, in some circumstances, the CIA.

Biden’s statement does not exclude the possibility of a response outside the realm of cyberspace. But most of the other options under discussion in the White House involve actions that would be public, such as economic sanctions under a 2015 presidential order on responding to cyberattacks. Such sanctions have never been invoked, but are well suited to cases like the presumed effort to influence the election.

Some experts, however, say they may be insufficient. James G. Stavridis, the former supreme allied commander of NATO, wrote in Foreign Policy last week that the first step could be making America’s evidence against Russia public.

“Revealing the names of the officials who authorized the cyberattacks against the United States would put Moscow in an extremely uncomfortable position,” wrote Stavridis, a former admiral who is now dean of the Fletcher School of Law and Diplomacy at Tufts University. “Ideally, the United States could reveal emails or conversations between Russian officials that demonstrated their intent to undermine the U.S. electoral process.”

But that would run counter to Biden’s “hope not” statement. Stavridis and others have advocated other steps, including knocking holes in the Kremlin’s wall of censorship so that opponents of Putin could begin to conspire with one another.

“As a response to the Russian attacks on the U.S. democratic system, this would be both proportional and distinctive,” Stavridis wrote. It might also be deniable — a key to any covert action approved by the president.

Many others have advocated using cybertechniques to expose Putin’s links to Russia’s oligarchs and reveal his financial holdings overseas, which are believed to be vast. But such steps would risk escalation, and advisers have warned Obama that the United States is more vulnerable than most nations.

Putin initially denied any Russian involvement in the attacks. But in an interview several days ago, he said the important thing was not how emails from Hillary Clinton’s campaign had been hacked, but what they said. Sergey V. Lavrov, the Russian foreign minister, went further. “We did not deny this,” he said of the hacking. But he added that the United States had offered no proof.

A crucial question being debated in the White House is whether warnings like Biden’s will be enough to make Russia, or others, pull back in their hacking. The calculus behind the decision to formally accuse Russia was that the mere publication of the conclusion could temper the activity.

If so, it may not have worked. WikiLeaks in the past few days has published thousands of emails stolen from the Gmail account of John Podesta, the chairman of the Clinton campaign. While Podesta has blamed Russia for the attack, intelligence agencies say they have not formally reached that conclusion.

There are only two known cases in which Obama has authorized an offensive cyberaction. One was the operation against Iran’s nuclear program, code-named Olympic Games. That operation was not detected by the Iranians for years, until an accidental release of the computer code made it obvious that its centrifuges were exploding because of a cyberattack.

The other case has been action against the Islamic State, mostly to interfere with its communications or alter data in its systems. Those attacks were publicly announced by Defense Secretary Ash Carter and others, though no details were offered.

The announcement seemed intended in part to cause Islamic State insurgents to question whether their internal communications were genuine.