The United States is taking bold new measures to interrupt and expose Russian efforts to inflame political tensions in the United States and cast doubt on the integrity of U.S. elections. It is a very welcome development after the chaos sown by Russia in the 2016 presidential elections that stoked a corrosive climate of distrust and division among Americans.
The Defense Department not only briefly shut down a hostile Russian internet attempt to interfere in the 2018 elections but also informed its operators that their real names were known, raising an alarm at the Russian operation known as the Internet Research Agency, according to both The Washington Post and The New York Times. A similar ominous warning was delivered to operatives of a Russian military intelligence cyber warfare unit that targeted the United States.
The newspaper reports cite unnamed officials but were verified by members of Congress who have been briefed on the operations by the U.S. Cyber Command. These actions are the first of their kind under an order issued by President Donald Trump last year authorizing offensive cyber operations short of acts of war.
On Election Day in November, and for several days thereafter, Cyber Command “basically took the [Internet Research Agency] offline,” an unnamed government source told the Post. “They shut ‘em down.” Such capabilities and the will to use them send a strong message to our adversaries, who have exploited and deepened political and other divides among Americans.
The Post reported that Sen. Mike Rounds, R-S.D, without discussing specific actions, said, “The fact that the 2018 election process moved forward without successful Russian intervention was not a coincidence. ... [There] would have been some very serious cyber incursions” without the actions by Cyber Command.
Amplifying an earlier report by The Times, The Post also said that beginning in October, Cyber Command began a campaign of “direct messaging” to operators at the Internet Research Agency and a Russian military intelligence unit. It used a variety of techniques, including pop-up messages, texting and emails, to tell Russian operatives their identities were known, and warning them not to interfere in the internal affairs of the United States or other nations. Russian internet trolls are known to have interfered in the politics of the Ukraine, the Baltic nations, France and other European countries in recent years.
Officials at the St. Petersburg-based Internet Research Agency were wrongly convinced that someone on the staff was leaking the information, sources told The Post.
It is clear that U.S. cyber warriors have been able to penetrate the inner workings of the Russian operations. Last year special counsel Robert Mueller indicted a number of individuals working for Russian military intelligence and the Internet Research Agency for interfering in the 2016 presidential election. The U.S. also has used similarly chilling “name and shame” techniques against Chinese military hackers.
But the October operation by Cyber Command was apparently the first time that the U.S. government directly contacted foreign agents to warn them against continuing their nefarious efforts.
It is hard to know whether such direct action has a deterrent effect. The more likely result will be redoubled efforts by Russia to disguise its cyber attacks and protect its operatives.
But at least Russia and other cyber adversaries, including China, Iran and North Korea, have been put on notice. We know where they live. That alone is an implicit threat. They should avoid further and more serious friction by de-escalating their cyber activities.