Will Russia’s broad range of nefarious cyber activities be addressed at Monday’s summit between U.S. President Donald Trump and Russian President Vladimir Putin? That’s one of the big questions surrounding the summit. National Security Advisor John Bolton affirmed that Russian interference operations and cyber attacks would be on the agenda, and Trump reaffirmed this during press conferences in Europe, but speculationcontinues due to the conflicting statements that election interference occurred.
Even if Russian interference operations are addressed, Putin will deny any interference and the conversation will likely quickly move on to other topics. Trump claims that he has limited tools to counter Russian interference operations, and all he can do is say, “Don’t do it again.” In fact, the U.S. government has a range of tools at its disposal to counter Russian interference. These tools and the overwhelming evidence of Russian interference should be the top priority at the Summit. Unfortunately, there is little chance that Putin’s denial will be rejected and the consequences addressed. Instead, the meeting will further signal globally that our adversaries can interfere in elections, attack critical infrastructure, and foster social unrest without repercussions.
Unlike the North Korea summit, where the nuclear issue deservedly was the main topic due to the potential destabilizing global impact, Russia’s disruptive cyber and disinformation activities are a strategic core of Russian activity abroad. These interference operations, which aim to undermine democratic political institutions, capabilities, and augment societal tensions, are fundamental to Russia’s foreign (and domestic) policy.
Russian interference operations are generally associated with the 2016 US presidential election. As confirmed by the intelligence community, the Kremlin engaged in disinformation targeting the election, and also compromised the Democratic National Committee. In response, the United States has issued a series of sanctions, persona non grata expulsions, and indictments, which alone justifies prioritization of Russian interference operations at the summit.
But election interference is only one aspect of Russian interference. Recent U.S. sanctions against Russia are in response to the NotPetya attack, which was attributed to Russia and globally caused over a billion dollars in damages, including hundreds of millions of dollars for Maersk, Merck, and FedEx in operations and business disruptions and IT repairs. The Department of Homeland Security has also accusedRussia of targeting the U.S. energy grid and other critical infrastructure, including nuclear and water facilities. Earlier this year, the U.S. and U.K. both attributed to Russia a global campaign targeting routers, and the most recent sanctions are in retaliation for Russia’s underwater activities, including Russian surveillance of underwater cables that are responsible for $10 trillion in transactions daily. Finally, Russia’s disinformation campaign continues well into 2018, exacerbating both sides of numerous political and societal issues.
Russia’s interference operations also extensively target our allies. Their playbook is the same, aiming to leverage a combination of cyber attacks, disinformation, and bots to undermine Western alliances and weaken democratic institutions, divide societies, and target broadly, including destructive attacks. Here is just a sample of Russian interference operations over the last decade:
- Destructive cyber attacks following the annexation of Crimea compromising the energy grid in Ukraine in 2015 and 2016, as well as cyber attacks that caused damage to French media station TV5Monde, and a German steel mill.
- Disruptive cyber attacks — often in combination with disinformation campaigns — targeting political institutions, including the German Bundestag, German government, French election, and U.K.’s Brexit referendum.
- Cyber attacks in retaliation for policies, including massive distributed denial of service attacks against Estonia, web defacement against Lithuania, and attacking internet connectivity in Georgia which stifled internal communications.
- Tactical cyber attacks and disinformation campaigns against NATO, including targeting soldiers’ cell phones, conferences, and social media disinformation.
To be clear, there is a precedent for a global summit to prioritize interference operations. In 2015, a Sino-American Summit occurred following China’s cyber-enabled OPM breach and IP theft. That session resulted in a pact against cyber-enabled commercial IP theft. The U.S. has since acknowledged that China broke this pact. Nevertheless, the pact still established some rules of the road when none previously existed and elevates the U.S. standing globally by adhering to the agreement. During Monday’s summit, Russia’s broad range of interference operations should similarly be prioritized and norms and rules identified, especially as Russian interference operations extend into additional zones as well. This is just one course of action the U.S. has at its disposal.
In addition to establishing global cyber norms, the summit is also the ideal venue for identifying the consequences if those norms are violated. While this could include leveraging the expanded authorities and the Pentagon’s renewed emphasis on offensive cyber capabilities, potential consequences must look beyond cyber tit-for-tat. A comprehensive range of repercussions should include the actual implementation and expansion of existing sanctions, as well as other pressure points targeting the Kremlin. As Senator Lindsey O. Graham (R-S.C.) asserted, it must be “understood that Russia will pay a price.”
Nevertheless, there is little likelihood that the summit will address one of the top U.S. national security threats. The U.S. intelligence community’s warnings of potential Russian interference in the upcoming 2018 elections, and Russian reconnaissance and compromise of critical infrastructure will simply be ignored. Turning a blind eye on this behavior is not only dangerous to our national, physical, and economic security, but it also provides the green light to the growing range of global actors who are increasingly adopting Russia’s interference tactics, knowing they can do so with impunity.
Andrea Little Limbago is chief social scientist at Endgame, a cybersecurity software company. She taught in academia before joining the Joint Warfare Analysis Center as a computational social scientist. While at JWAC, she earned the command’s top award for technical excellence for her analytic support across the Department of Defense. She holds a Ph.D. in political science from the University of Colorado at Boulder.