Responses to Russian Hack Could Include Sanctions, Analysts Say

Economic sanctions or other punitive actions could be coming soon against Russia as the U.S. seeks to deter further interference in the November elections, national security analysts say.

White House Press Secretary Josh Earnest told reporters Tuesday that President Obama “will consider a response that is proportional,” adding that there are a “range of responses that are available” to hit back at the Kremlin for the hacking operations at the Democratic National Committee and the Democratic Congressional Campaign Committee.

An executive order signed by President Obama in April 2015 is one of those tools available. It gave the administration the power to impose sanctions on individuals who orchestrate “significant malicious cyber-enabled activities.”

“The interference here certainly qualifies within the executive order, so it’s entirely possible the administration will pursue sanctions,” said Susan Hennessey, a fellow specializing in national security at the Brookings Institution, in an email.

The administration is already starting to preview further action. Secretary of State John Kerry said Monday that last Friday’s public statement that Russia almost certainly directed the hacking was to show them that they won’t get away with it “for free.”

The U.S. government “will and can respond in ways that we choose to at the time of our choice,” Kerry said.

“We also did it after very clear messaging to the Russians about the unacceptability of interference with democracy in the United States of America,” Kerry said at the Virtuous Circle Conference in Palo Alto, Calif.

The public declaration is a bold action in itself, but it may not be enough, according to Hennessey. “It is likely that a stronger response will be required as well, because of the severity of the activity and the need to deter it in the future,” she added.

The announcement “sets the stage for other actions to punish Russia and hopefully sway it away from further such acts,” said Peter Singer, a senior fellow at the New America Foundation and cybersecurity expert. “The responses will be a mix of cybersecurity actions and real world, with sanctions a likely one.”

Pointing to top-level officials in the Kremlin signals that any concrete action taken by the U.S. government will specifically target the Russian government.

The ball is already rolling on that movement in Congress. Sen. Dianne Feinstein, the top Democrat on the Senate Intelligence Committee, called for a “strong response” to the hacks if Russia doesn’t stop. “Attempted hacking of our election system is intolerable, and it’s critical to convince the Russian government to cease these activities,” California’s senior senator said in a statement.

Sen. Mark Warner (D-Va.), another member of the Intelligence Committee, wants a “strong deterrent to Russia’s use of cyber attacks and cyber espionage against United States, especially to discourage them from undermining the democratic process,” according to a spokeswoman.

The Warner spokeswoman added in an email, “There are a variety of responsive actions, both in and outside of the cyber domain — some of which will be public, some of which will not — that should be carefully considered as part of a comprehensive whole of government strategy.”

Sen. Cory Gardner (R-Colo.), who chairs the Senate Foreign Relations Committee’s subcommittee on international cybersecurity, said he plans to introduce legislation that would require the White House to open investigations into those responsible for the hacks and “aggressively pursue sanctions when appropriate.”

An aide to Sen. Ben Cardin, the top Democrat on the Foreign Relations Committee, said the Maryland senator is mulling over several specific responses that Congress could take to hold Russia accountable for the hacks as well as “other destabilizing activities around the world,” including those in Syria.

Even though there is a push for sanctions and other definitive action against the Russians, the White House’s accusation “may end up being the only public action taken by the administration, and the next move will be to wait and see how Russia reacts,” said New America Foundation’s Cybersecurity Initiative Policy Analyst Robert Morgus.

“I imagine that the issue has come up once or twice in private, diplomatic talks between the two nations,” Morgus said. “There’s a chance that the simple attribution, combined with that diplomacy, will be enough to at least temporarily silence the likes of Guccifer 2.0, DCleaks, and WikiLeaks, the primary instruments used by Russia to spread disinformation.”