“Biden’s Day 1 Russia problem” – OpEd by Jack Devine in The Hill – January 11, 2021

Biden’s Day 1 Russia Problem

By Jack Devine

January 11, 2021

After a half-century of closely observing how our adversaries surreptitiously collect intelligence on the United States and our friends across the globe, few espionage operations trouble me more than the recent Russian cyber attack on our federal agencies. Not only is this one of the largest and most potentially damaging hacks of all time, but it represents a dangerous escalation in the spy v. spy struggle in which the intelligence world has engaged for decades. How President-elect Biden responds will complicate his opening days and possibly define his legacy.

The outlines of the Russian attack are starting to reveal themselves and serve as a wake-up call for all. As the U.S. Cybersecurity and Infrastructure Security Agency has warned, hackers who pose “a grave risk to the federal government” attacked the SolarWinds IT management software suite in March 2020. Malware was then installed by more than 17,000 customers, SolarWinds reported, including some of our most sensitive federal agencies. The list of victims includes the State Department, Homeland Security, Energy, Treasury and on and on.

The news should have stunned no one. Since the end of World War II, Russia’s intelligence assault against the U.S. has been unrelenting. During the Trump era, the Russians have felt even more unconstrained. Following its galling 2016 interference in the U.S. elections, Russia has sought to disrupt the internal affairs and elections of other Western countries, including Great Britain, the Czech Republic, France, Germany, Greece, Italy, Montenegro, Norway and Spain. The assaults have taken the form of cyber attacks, disinformation campaigns, funding for pro-Russian parties, and direct election interference. Recent criminal indictments and intelligence assessments suggest that Russia sought to continue its meddling in both the 2018 and the 2020 American elections, albeit on a smaller scale.

While weaponizing communications technologies, engaging in illicit financial schemes, and employing asymmetrical, anonymized strategies to sow chaos, Russia has made strange alliances with non-state actors. Some, focused on disinformation, are well-known — such as WikiLeaks and the now infamous Internet Research Agency. Others are more obscure, according to news reports and analyses from subject matter experts.

In one case, a well-known ally of Russian President Vladimir Putin, Yevgeny Prigozhin, known as “Putin’s chef,” reportedly financed private militias in Syria. The news media and intelligence pundits also report that Russian intelligence controls Sci-Hub, the illegal platform that many academics use to gain free access to scientific papers that otherwise require university and academic subscriptions. As reported by the media, the founder of Sci-Hub is under scrutiny “on suspicion that she may also be working with Russian intelligence to steal U.S. military secrets from defense contractors.” Furthermore, there are recent reports of Russian cyber attacks on U.S. hospitals researching COVID-19 and treating patients. Russia has targeted our elections, our military, our alliances, our schools, and even our pandemic response.

Biden needs to dramatically expand our intelligence programs targeting Russia and its S.V.R. spy agency. This renewed effort should include espionage, counterintelligence and, yes, covert action. We are way past the time of shooting a metaphorical cyber-tomahawk into an empty desert to send Putin a strong message. President-elect Biden needs to thwart Russian intelligence efforts in real time. Second, we need to increase our sub rosa dialogue to encourage the Russians to re-think their relentless intelligence assault. This dialogue should happen at the spy-to-spy and diplomat-to-diplomat level.

The Russians have crassly broken the unspoken rules of the road. They have moved from intelligence collection to all-out attacks on our democratic system. The 2016 election hacks show that the Russians are in a position to weaponize the knowledge gleaned from the SolarWinds hack today. Should they act on this capability and shut down our power grid, or go directly after our defense systems, this tit-for-tat response would be highly dangerous. Our cyber operations would transform into cyber warfare overnight.

Jack Devine served as the CIA’s acting director of operations and associate director of operations from 1995 to 1996. He led the covert-action operation that drove the Russians out of Afghanistan. Today, he is a founding partner and president of The Arkin Group. He is the author of Good Hunting: An American Spymaster’s Story and Spymaster’s Prism: The Fight against Russian Aggression, which will be published in March 2021.

In Other News: World Leaders React to Violence in Washington, Russia Behind Hack, Iran Resumes Enriching Uranium to 20% & More – January 8, 2021

January 8, 2021

Foreign governments around the world reacted to the violence in Washington on January 6 with shock and condemnation. Several American allies condemned the storming of the U.S. Capitol and called for a peaceful transition to the incoming Biden administration. UK Prime Minister Boris Johnson expressed shock at the “disgraceful scenes,” while German Chancellor Angela Merkel said she regrets that President Trump has not accepted the results of the 2020 presidential election. Adversaries have also weighed in, with the Russian foreign ministry criticizing the U.S. electoral system and Iranian President Hassan Rouhani saying the events show the fragility of Western democracy. Notwithstanding the criticism, world leaders like Canadian Prime Minster Justin Trudeau commented on the underlying strength of U.S. democratic institutions, and Israeli Prime Minister Benjamin Netanyahu reminded the world that American democracy has inspired millions of people for generations. It is true that there is no place for violence in our democracy, where differences are worked out through debate and elections. The peaceful transfer of power is critical to our democracy. The violence in Washington is not part of that American tradition, and when democracy is attacked in one country, it is attacked everywhere. Americans need to work to restore our faith in democracy and to preserve and protect our Constitution. Hopefully the events in Washington will be a reminder of both the strength of our democratic institutions and that the work for a more perfect union continues.

A group of U.S. intelligence agencies has publicly named Russia as the likely party behind a series of devastating hacks last year that compromised several branches of the U.S. government and a number of private sector firms. Russia has been the presumed perpetrator since the news broke, but its identification by the FBI, the Office of the Director of National Intelligence (ODNI), the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency (CISA) adds new weight to the U.S. need for a coherent and assertive response. As further details have emerged about the extent of the breach, its scope has grown more alarming. The hackers managed to access Microsoft source code, meaning that any entity using Microsoft products could be vulnerable to cyberattacks. As noted before, incoming president Biden needs to leverage the full suite of U.S. cyber capabilities to both strike back and defend U.S. infrastructure and assets, but ultimately the U.S. and Russia will need to establish ground rules on cyber warfare to head off future, more severe escalations. The U.S. and Russia will also need to find a way forward on negotiating an extension of the New START Treaty. At the same time, the U.S. under a Biden administration is likely to draw closer to NATO, take a harsher line on human rights and democracy issues, and display a deep, healthy, and very public skepticism of the intentions of Vladimir Putin. These competing priorities will require the new administration to walk a fine line between cooperation and conflict, which will present it with plenty of opportunities for missteps.

Iran notified the International Atomic Energy Agency on Monday that it has resumed enriching uranium to 20% at its Fordow nuclear facility, an open violation of the 2015 nuclear deal signed with powers including the US, UK, and China. The deal prohibits Tehran from enriching uranium at or bringing uranium to Fordow, formerly a covert enrichment facility, for 15 years. Also this week, Iran’s Islamic Revolutionary Guard Corps (IRGC) seized a South Korean oil tanker in the Persian Gulf, ostensibly for violating environmental laws, but in reality as retaliation for freezing $7 billion in Iranian funds that are subject to U.S. sanctions. The incoming Biden administration was expected to try to resuscitate the nuclear deal – from which the U.S. withdrew in 2018 – in a reversal of the Trump administration’s “maximum pressure” campaign. These Iranian escalations could encourage Biden’s nascent foreign policy team to modify or even jettison that ambition, but they also could be designed specifically to bring the U.S. back to the negotiating table. Iran’s foreign minister used Twitter to send the message that its steps toward further enrichment could be reversed if all signatories of the 2015 deal were to comply with it in full. The Biden administration is likely to stay the course of seeking a deal to stave off further proliferation, but the legacy of tit-for-tat escalations under the Trump administration may make both sides even more wary.

China arrested at least 53 Hong Kong citizens with links to the island’s pro-democracy movement before dawn on Wednesday in what is widely thought to be the nail in the coffin for what remains of opposition to mainland authority. While we anticipate that the incoming Biden administration will take a harder line on China’s violations of human rights and democratic norms than the Trump administration did, there is limited scope for the U.S. to intervene, though additional sanctions are possible. Furthermore, Beijing has used this week’s recent breach of the U.S. Capitol to argue that its Hong Kong arrests were intended to avoid exactly that type of situation. U.S. plans to pressure China have also been undermined by the EU’s decision to finalize an investment treaty with Beijing late last year, despite the incoming Biden administration’s request for consultation prior to the EU moving forward. The move has been heavily criticized in Europe as sacrificing values for economic gain, and it satisfies Beijing’s objective of clinching the deal before the Biden administration can bring to bear its strategy of forming a coalition of allies to push back on China in various spheres, including human rights, trade, and military expansion. The deal has not yet been ratified by the EU parliament but is likely to be sealed this year and will complicate US efforts.