Thursday, March 15, 2018

Trump Administration Imposes Sanctions Against Russia
 The sanctions announced Thursday represent the Trump administration’s most significant actions to date against Russia for its aggression against the United States. (Jorge Silva/AFP/Getty Images)

By Ellen Nakashima
Washington Post
March 15 at 2:14 PM

The Trump administration on Thursday imposed fresh sanctions on Russian government hackers and spy agencies to punish Moscow for interfering in the 2016 presidential election, and for a cyberattack against Ukraine and other countries last year that officials have characterized as “the most destructive and costly” in history.

Sanctions also were imposed on individuals known as “trolls” and the Russian organizations — including the Internet Research Agency — that supported their efforts to undermine the election. Additionally, the administration alerted the public that Russia is targeting the U.S. energy grid with computer malware that could sabotage the systems.

Taken together, the moves represent the administration’s most significant actions to date against Russia for its aggression against the United States, though analysts say their impact is mostly symbolic and noted that a number of the individuals and groups had already been subject to sanctions. Nonetheless, officials hope the actions will help deter tampering with this year’s midterm elections while signaling to Russia that Washington will not allow its attacks to go unchallenged.

“The administration is confronting and countering malign Russian cyber activity, including their attempted interference in U.S. elections, destructive cyberattacks, and intrusions targeting critical infrastructure,” said Treasury Secretary Steven Mnuchin. “These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia.”

The sanctions stand in contrast to President Trump’s reluctance to blame the Kremlin for its interference in the 2016 presidential race despite the U.S. intelligence community’s conclusion that Moscow did so.

They come after the United States, France and Germany joined Britain in denouncing Russia for a brazen poison attack that has left a former Russian spy and his daughter comatose in a Salisbury, England, hospital. On Wednesday, Britain expelled 23 Russian diplomats in retaliation.

The outgoing head of the National Security Agency and U.S. Cyber Command has warned that if the United States does not take punitive or deterrent action against Russia, its malicious activity will continue.

For those targeted, the sanctions freeze all assets under U.S. jurisdiction, U.S. persons are barred from engaging in transactions with them, and they may not travel into the United States. Mnuchin said his department intends to impose additional sanctions to hold Russian officials and oligarchs “accountable for their destabilizing activities by severing their access to the U.S. financial system.”

Russia’s deputy foreign minister, Sergei Ryabkov, told the Interfax news agency on Thursday that Moscow was prepared for the new round of sanctions. He dismissed them nonetheless, saying they are part of a U.S. effort to destabilize Russia’s presidential election on March 18. Moscow will craft a response, he said.

In all, the new sanctions target 19 people and five organizations — though 10 had been previously sanctioned, mostly under the Obama administration. Many were indicted last month by special counsel Robert S. Mueller III, who is investigating Russian interference in the 2016 U.S. election and whether the Trump campaign coordinated with the Kremlin to sway the race’s outcome. Mueller accused 13 individuals and three entities of spreading propaganda using social media and other means, with the goal of sowing discord.

The Washington Post examines how, nearly a year into his presidency, Trump continues to reject evidence that Russia supported his run for the White House. (Dalton Bennett, Thomas LeGro, John Parks, Jesse Mesner-Hage/The Washington Post)

A separate set of sanctions was imposed on two Russian spy agencies. Officials said the FSB, a successor to the KGB, used its cyber tools to target U.S. government officials, including cybersecurity, diplomatic, military and White House personnel. The other is the GRU, a military spy organization, which officials said was “directly involved in interfering in the 2016 U.S. election” through cyberactivities.

Those sanctions mark the first use of a law Congress passed in June to, among other things, punish Russia for its election-year interference. Trump, after balking, finally signed the law but issued two statements saying that he believed the legislation was “seriously flawed.” In January, as the law required, the administration released a widely anticipated report on Russian oligarchs, but it was dismissed by critics in Congress and by former Obama administration officials as a “cut and paste” job from open sources with no substance to it.

The GRU also was behind a June 2017 cyberattack, delivered through a mock ransomware virus dubbed NotPetya, which wiped data from the computers of banks, energy firms, senior government officials and an airport. On Thursday, the government sanctioned the GRU and six of its senior officials in response to that attack.

NotPetya hit systems in Ukraine the hardest and was viewed as an effort to disrupt that country’s financial system amid its ongoing war with separatists loyal to the Kremlin. U.S. companies, including shipping giant FedEx and the pharmaceutical firm Merck, also were affected, losing hundreds of millions of dollars in earnings. To date, the attack has cost companies around the world $1.2 billion in revenue, according to the cybersecurity firm Cybereason. One U.S. official put the toll at $10 billion.

“Today’s announcement is largely a name and shame exercise to show the Kremlin that the United States is closely following what it is doing,” said Andrew Weiss, a Russia expert at the Carnegie Endowment for International Peace. “Given that deniability is a key part of the Russian playbook, there’s a question about whether that works. So far the pattern is not great. We keep seeing bad behavior by Moscow.”

The sanctions “have no bite,” said Michael Carpenter, a former Pentagon and White House official who worked on Russia policy. “Such narrowly targeted sanctions don’t impact Russia’s economy at all, and that seems to have been the administration’s intent. Russia’s intelligence services don’t exactly have retail bank accounts in the United States, and so this will have a negligible impact on their operations.”

He also decried the administration’s “mixed messaging strategy” in which “Cabinet-level officials have ventured forth to condemn Russia’s subversion of democratic institutions, but the president himself continues to refrain from personally saying anything negative” about his counterpart, Vladimir Putin.

Russia’s mounting aggression in cyberspace is part of a larger “hybrid warfare” strategy that marries traditional military means with digitaltools to achieve its goal of regional dominance.

The Treasury Department noted that it continues to pressure Russia for its ongoing efforts to destabilize Ukraine and occupy Crimea, and for its “endemic corruption and human rights abuses.” To date, officials said, the administration has sanctioned more than 100 individuals and entities under authorities specific to Ukraine and Russia.

Eric Rosenbach, a former senior Pentagon official in the Obama administration, said it was “extremely important” to sanction Russia in response to the NotPetya attack. “The United States cannot stand by and watch the Russians use Ukraine as a cyber test range for destructive malware that then proliferates,” said Rosenbach, now director of the Defending Digital Democracy Project at Harvard’s Belfer Center.

The six GRU officials targeted for sanctions are Chief Igor Korobov, First Deputy Chief Igor Kostyukov, Deputy Chief Sergey Gizunov, First Deputy Chief Vladimir Alexseyev, and senior officials Sergei Afanasyev and Grigoriy Molchanov.

In a separate move, the Department of Homeland Security and the FBI are releasing malware “indicators” related to the Russian government cyber-campaign against the energy sector and other critical industries, including water, aviation, critical manufacturing and energy. The indicators go back to at least March 2016. They are related to a campaign by a group dubbed Dragonfly by the cybersecurity firm Symantec.

Matthew Bodner in Moscow contributed to this report.

Ellen Nakashima is a national security reporter for The Washington Post. She covers cybersecurity, surveillance, counterterrorism and intelligence issues.  Follow @nakashimae

No comments: