I had this post mostly drafted when Kurt Eichenwald’s article about faked emails appeared. I’m leaving it mostly the way it started out and will work that article in toward the end.
Russia is trying to hack the United States election. That’s not surprising, given current levels of Russian animosity. Or perhaps it should be called paranoia. Or even bluffing. It’s hard to tell.
The US intelligence community and Department of Homeland Security say they are confident that recent releases of emails come from hacks by agents of the Russian government. Apparently both Democratic and Republican accounts have been targeted. Additionally, the voter registration databases of 20 states were targeted, and the voting systems of four more. None of the attempts on voting systems seem to have been successful.
Emptywheel has a careful analysis of the USIC-DHS statement. Those organizations don’t make statements like this without basis.
Voting systems and voter registration databases are secured, with backups because of basic concerns about keeping them accurate. Voting systems are highly decentralized and thus would require hacking individual voting machines in each precinct in New Mexico, for example. Quality controls already in place, like recounting selected precincts by hand, make hacking the election less likely. New Mexico seems to be exemplary in this regard, but not exceptional. States with less secure systems have now been warned.
A number of articles have been published advocating deterrence and retaliation to the hacks. That’s natural when the issue is framed as cyberwar. But it’s misleading, because hacking and related interventions are very different from war-war.
In real war, physical damage is done. Cyberwar depends much more on psychological effects. Russia’s objective in releasing the emails is to confuse and damage confidence. So far, the emails have been relatively trivial, and the effects small. One observable effect is the bad blood generated among Bernie Sanders supporters over treatment of Sanders by the Democratic National Committee.
The attempts on voter databases and voting systems could damage confidence still more. Disarray at polling places because of defective databases would be a major problem, as would indications that results were not accurate.
One counter is to make knowledge of the attempts public, which the United States government is doing. That encourages states to be more vigilant in protecting their systems, and it gives the public information on the situation, to help maintain their confidence. Making the attempts public also lets Russia know that their efforts are not unnoticed. Evidence of possible alteration of the emails or completely spurious material is being made public, undermining confidence in the hackers and their public conduits.
Once computer intrusions are detected and traced, protections can be put in place to prevent more. Escalation to additional means of intrusion may be possible, but vigilance against them will be higher.
Another issue in releasing the emails is cultural misunderstanding. The leaking of the emails via Wikileaks has shown more about Julian Assange’s prejudices and misreadings than it has about malfeasance by the parties quoted. A similar problem emerged in Kurt Eichenwald’s recognition of his own words, presented as Sidney Blumenthal’s in a leaked and obviously manufactured email.
Articles in the New York Times and Politico immediately focused on what the United States should do to retaliate in kind. They ignore the effect of making the hacking public. It’s also a carryover from the idea that force must be met with force, and that the United States must respond in some identifiable way to any move against it. It is more important that a response be meaningful than that it be rapid, and that response may not be public.
That last is essential. A message must be conveyed to the Kremlin, not to David Sanger, Bryan Bender, or me. There is an argument about national credibility that wants such things done and made public, but it is a poor one at best. As I’ve argued before, one of Russia’s objectives in its recent actions is to be perceived as a major player/threat. Honestly stating that it is trying and not succeeding to hack the US election puts that ambition into context, and it’s not the look of a great power. A big announcement of a big retaliation would play into Russia’s desires.
Although Eichenwald has been teasing his piece with inferences that Trump has a direct line to the Kremlin in his campaign, there is a simple explanation for the rapid transmission of the email. Trump and his aides depend on conspiracy sites for information; Sputnik is one of those conspiracy sites, from which they pulled the email. That does not eliminate Eichenwald’s inferences. Trump has rather consistently cheered Vladimir Putin and followed a foreign-policy line favorable to the Kremlin. Paul Manafort and Carter Page quickly left the campaign when their Russia ties became too public. It’s a question that deserves more investigation.
Russia is stirring things up on many fronts. The United States is distracted by a presidential election with a very disturbing candidate who denies that Russia is responsible for the hacks. The response to Russia needs to be on a higher and broader level than an immediate response to these hacks, although it is possible that there will be more specific responses as well. But for a country that wants recognition as a big player, withholding that recognition is itself a response.
Previous posts on Trump’s Russia connections:
Photo: Trump and potential Russian business partners