US reacting at analog pace to a rising digital risk: Hacking report

Of the many questions left unanswered by the American intelligence agencies’ accusation that Russia’s president, Vladimir V Putin, led a multilayered campaign to influence the 2016 presidential election, one stands out: Why did it take the Obama administration more than 16 months to develop a response?

The short answer, suggested by the report the agencies released on Friday, is that the United States government is still responding at an analog pace to a low-grade, though escalating, digital conflict.

The report was compiled by the FBI, the CIA and the National Security Agency, makes no judgments about the decisions that the agencies or the White House made as evidence of Russian activity mounted. But to anyone who reads between the lines and knows a bit of the back story not included in the report, the long lag times between detection and reaction are stunning.

The delays reveal fundamental problems with American cyberdefenses and deterrence that President-elect Donald J Trump will begin to confront in two weeks, regardless of whether he continues to resist the report’s findings about Russia’s motives.

The intrusion hardly had the consequences of Pearl Harbor some 75 years ago, when the incoming force was seen on radar and dismissed. But it had similar characteristics. Then, as now, a failure of imagination about the motives and plans of a longtime adversary meant that government officials were not fully alert to the possibility that Mr. Putin might try tactics here that have worked so well for him in Ukraine, the Baltics and other parts of Europe.

And while American intelligence officials — who were focused primarily on the Islamic State and other urgent threats like China’s action in the South China Sea and North Korea’s nuclear and missile threat — saw what was happening, they came late to its broader implications.

It was telling that within an hour of the release of the report on Friday, the secretary of homeland security, Jeh Johnson, declared for the first time that America’s election system — the underpinning of its democracy — would be added to the list of “critical infrastructure.” This after years of cyberattacks on campaigns and government agencies.

In the intelligence report’s most glaring example of the government’s lagging response, it says that “in July 2015, Russian intelligence gained access to Democratic National Committee networks” and stayed there for 11 months, roaming freely and copying the contents of emails that it ultimately released in the midst of the election. Classified briefings circulating in Washington indicate that British intelligence had alerted the United States to the intrusion by fall 2015.

Almost immediately, a low-level special agent with the FBI alerted the Democratic National Committee’s information technology contractor, which doubted the call and did nothing for months. The FBI failed to escalate the issue, even though it was clear from the start that the attackers were almost certainly the same Russians who had mounted similar campaigns against the State Department, the White House and the Joint Chiefs of Staff.

At a news conference in December, President Obama made it clear that he was not aware of any of this until mid-2016, nearly a year after the hacking began and the British had sent up a flare.

“At the beginning of the summer,” Mr. Obama said, “we’re alerted to the possibility that the DNC has been hacked, and I immediately order law enforcement as well as our intelligence teams to find out everything about it” and to brief “potential victims” and “the relevant intelligence agencies.”

© 2017 The New York Times News Service