A top Russian diplomat has criticized the U.S. of creating "unprecedented anti-Russian hysteria" when it publicly accused Russia of launching a series of cyber attacks that were aimed at undermining the upcoming U.S. elections.
"The supercharging of emotions about Russian hackers is being used in the pre-election fight. The current administration, taking part in this fight, is not averse to dirty methods," Deputy Foreign Minister Sergei Ryabkov said Saturday on the ministry's website.
Late Friday, the U.S. administration stopped short of calling Russia's intrusions an act of cyberwar but said it is “confident” Russia directed the hacks of the Democratic National Committee in July, leaking thousands of emails that embarrassed the party in the days leading up to its national convention.
“These thefts and disclosures are intended to interfere with the US election process,” according to the statement from the Office of the Director of National Intelligence and the Department of Homeland Security.
“We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities,” the statement added.
For several weeks, intelligence officials said they suspected Russia of orchestrating the attacks, noting that Russia has used similar “tactics and techniques” to influence public opinion across Europe and Eurasia.
But U.S. intelligence community decided to go public with the attribution after newly uncovered information allowed them to reach a “higher degree of confidence,” one official told VOA.
The U.S. also said a series of recent cyber intrusions into state and local election-related systems originated from servers operated by a company in Russia, though it was not yet able to say whether those actions were also directed by Moscow.
“There’s an urgency here to release as much information as possible so the state and local authorities can fortify their [election] infrastructure,” a senior administration official told VOA on condition of anonymity. “We’re committed to making sure our election process is secure.”
At least 21 U.S. states have already sought cybersecurity assistance from the Department of Homeland Security, and officials are encouraging more state and local election officials to reach out.
Range of responses
Despite publicly naming Russia as the culprit behind the hacked emails released by Wikileaks and DCLeaks.com, U.S. officials do not expect the attacks to stop.
Instead, they expect Russia to continue with a stream of activity, enough to foment tensions but below the threshold that would trigger a severe escalation in hostilities.
The U.S. warned it will not sit idly by.
“Some responses you may see and others you may not,” a U.S. intelligence official cautioned.
But so far, the U.S. is leery of labeling the Russian cyberattacks as acts of war.
A senior administration official said even though the attacks targeted systems critical to the country’s democracy, it is “more useful” to look at each individual situation, and that a response could include diplomatic, economic or cyber actions.
“That full range of tools will be considered,” the official said. “That’s going to happen at the time and place of our choosing.”
National security expert Nicholas Rostow, a professor at the National Defense University, said he is not surprised that Russia is believed to be behind the hacks. While acknowledging that such a security breach is “a very bad thing,” he says “it’s hardly surprising in this day and age.” Russian President Vladimir Putin, he noted, is an intelligence specialist who spent years working for the KGB, Russia’s intelligence agency.
Rostow said he would not classify the U.S. statement as an act of war, but rather one more incident in a long session of “cyber struggle” with Russia. He said he “would be surprised if Russia is the only one trying to interfere,” noting that the United States also has a contentious relationship with China, and with Cuba. “There’s a constant effort to get at each other’s computers, to defend the computers, the communications, and all the rest of it,” he said.
Meanwhile, U.S. officials are trying to reassure voters that they system is safe. They say the hacks are meant to undermine confidence in the voting system.
"What people need to know about this is that our voting infrastructure is really quite resilient," Homeland Security Adviser Lisa Monaco told a Cyber Warfare Summit hosted by the Washington Post on Thursday. "We ought to be very confident in our election system."
In reality, hacking the U.S. election would be incredibly difficult, since it is not federalized into a single entity. Instead, the election is spread across about 8,000 localities, with each one using its own methods, systems and rules. In many jurisdictions, the process is offline altogether.
"Our system is decentralized," explains Thomas Hicks, commissioner of the Election Assistance Commission, who spoke at the forum Thursday. "And with a decentralized system, you'd need an army of folks to try to get into the system."
But there are still vulnerabilities. Hackers have recently targeted voter registration systems in more than 20 states, the Department of Homeland Security said last week. In at least a "few cases," officials said the hackers succeeded in gaining access to state voting-related systems.
So far there have been no reports of manipulation. But the threat is real and could be highest in the handful of so-called swing states that typically determine the winner of U.S. elections.
Campaigns, parties, vulnerable
It's not just the voting process that is susceptible to hackers. Other parts of the U.S. election apparatus, including political parties and individual campaigns, are also at risk.
Though the DNC has so far experienced the worst of the hacking attacks, Republican Party operatives have also been targeted, said Brett DeWitt, the senior policy advisor for cybersecurity for the U.S. House of Representatives Committee on Homeland Security.
"Both political parties have been hacked," DeWitt says. "They're trying to undermine the integrity and confidence of the entire election system, Republican or Democrat."
The problem is complicated by the fact that many political campaigns and committees are traditionally reluctant to spend much money on cyber protections, preferring to throw their funds into political ends.
"All these political organizations want to put all their resources into winning races and promoting candidates and building their party," says Michael Sussman, a former Department of Justice cybercrimes prosecutor, who is on the DNC's newly formed cyber security board.
Sussman expects more emails to be released by the hackers who broke into the DNC networks. And he wouldn't be surprised to see more attacks.
"We know it's Russian state-sponsored, and we know that the groups doing it are very sophisticated, and in fact, it is their day job." he says. "They're not going to go away, and they're going to be very persistent."
Friday's announcement came amid escalating tensions between Washington and Moscow over a range of international disagreements, including U.S. charges that Russian airstrikes in support of embattled Syrian President Bashar al-Assad have been hitting hospitals and other civilian targets in rebel-held eastern Aleppo.