The White House on Thursday issued a statement blaming the NotPetya cyberattack, which centered on Ukraine but affected computers around the world, on the Russian government and promising that Russia would face “international consequences” because of it.
The statement, coming hours after the U.K. government also accused the Kremlin of orchestrating the attack last June, marked the first time the Trump administration has formally attributed a major international malware attack to Russia. The Washington Post reported in January that the CIA had connected NotPetya to Russia’s military intelligence agency, GRU, which has conducted a number of cyberwarfare operations in Ukraine as part of the frozen conflict the Kremlin has been fomenting in eastern Ukraine since 2014.
White House press secretary Sarah Huckabee Sanders said the attack was “part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict.”
“This was also a reckless and indiscriminate cyberattack that will be met with international consequences,” she added.
NotPetya was similar in form to the WannaCry ransomware that hit hundreds of thousands of computers at hospitals, universities, and telecommunications companies around the world the preceding month, freezing victims out and requiring victims to pay a ransom in bitcoin in order to restore their access.
NotPetya initially targeted government agencies and businesses in Ukraine, but quickly spread beyond its borders, affecting companies around the world, including the British ad agency WPP, food company Mondelez, pharmaceutical manufacturer Merck, and shipping company FedEx. FedEx alone claims to have lost $300 million because of the attack, while WannaCry and NotPetya threw into stark relief the threat such attacks pose to businesses, government institutions, and essential infrastructure.
In that light, cybersecurity experts tell Wired, for the U.S. to directly accuse Russia of committing such a cybercrime is a big deal. The Russian origins of NotPetya were already widely known or suspected within the cybersecurity community, but the government had been reluctant to take this step previously. “It appears the administration has drawn a line in the sand with an actor that’s been extremely aggressive and enjoyed quite a bit of anonymity until now,” John Hultquist, director of intelligence analysis at the security firm FireEye, commented.
For its part, Russia responded to the accusation with predictable outrage, calling it part of a “Russophobic” propaganda campaign. The Kremlin-funded media outlet RT was quick to note that several Russian companies were also affected by the malware, as if to suggest that malware of Russian origin would not have spread to Russia itself, and insinuated that these accusations were really coming from the pro-Western government in Kiev.
Despite the strong language Sanders used to describe the attack, it is not yet clear what these “international consequences” will be. President Donald Trump has resisted efforts to impose new sanctions on Russia, a country in which he is known to have done extensive business, over its meddling in the 2016 election. The administration is dragging its feet on implementing sanctions that Congress voted to impose last year. Whether it will be more willing to sanction Russia over NotPetya remains to be seen.
That the White House is willing to take the bold step of publicly accusing the Kremlin of carrying out a major cyberattack makes it all the more puzzling that the administration has resisted all attempts to punish Russia for interfering in U.S. elections, which the intelligence community unequivocally agrees that it did, even going so far as to lie to the public about that conclusion. Even as the indictment released by special prosecutor Robert Mueller on Friday spelled out in detail the extent of that interference, Trump was only interested in pointing out that he and his campaign had not been implicated (yet).
Not only did Russia meddle in elections in 2016, the top brass of our intelligence and national security apparatus are unanimous in the opinion that they will do so again this year. “We expect Russia to continue using propaganda, social media, false-flag personas, sympathetic spokesmen and other means to influence, to try to build on its wide range of operations and exacerbate social and political fissures in the United States,” Director of National Intelligence Dan Coats told Congress on Tuesday.
CIA Director Mike Pompeo, Secretary of State Rex Tillerson, and even former president George W. Bush have acknowledged that Russia interfered in the last national elections and will try to do so again this year. If this is all a Democratic partisan conspiracy to undermine the president, as Trump believes, these are some very unlikely co-conspirators.
To make matters worse, with the first primaries just weeks away, there’s not much time left to shore up the security of our elections, and while some states have taken measures to hack-proof their polls, such as with paper ballots or backups, Congress has provided no funding to assist in these efforts and has even neglected to allocate $400 million in election-improvement funds that were pledged 16 years ago but never spent. Democrats are pushing a bill to provide states with over $1 billion in election-protection funds, but the bill has no Republican co-sponsors in the House and, as such, is effectively dead on arrival.
As for the White House, Trump has proven utterly resistant to being convinced that Russian interference in our elections is a serious threat because to do so would require him to admit that his own election was not entirely clean. The intelligence chiefs who testified before Congress on Tuesday said that while their agencies were working on plans to defend against potential election interference this year, the president had not personally directed them to do so.
Instead, Trump has been busy propounding a conspiracy theory about the “deep state” plotting against him, in order to sow doubt among the public about the intelligence community’s conclusions about the Kremlin’s election interference. Russian intelligence appears to be aiding that effort, with Russia-linked Twitter accounts churning out hashtags like #fisagate and #obamadeepstate. The misinformation campaign is working, too. Recent polls suggest that the public is divided, largely along partisan lines, about whether Russia meddled in the 2016 election, whether the investigation into that meddling is fair, and whether Trump has acted to obstruct it.
Considering that Trump and his Republican enablers in Congress stand to benefit from any Russian interference in this year’s elections, and that they’ve done virtually nothing to prevent that from happening so far, it’s a bit rich to see the administration express outrage over another example of Russian cyberwarfare, not to mention puzzling that they would sanction Russia over an attack on Ukraine and FedEx, but not over an attack on the foundations of American democracy.
As the New York Times editorial board put it in an op-ed taking Trump to task for not heeding his own appointees’ warnings, the suggestion that Trump “is giving Russia a green light to tamper with the 2018 elections … can no longer be dismissed out of hand.” Indeed, what conclusion can Russian intelligence draw from these mixed messages other than to quit wasting their time putzing around with Ukrainian banks and focus on the midterms instead?