U.S. military hackers have been given the go-ahead to gain access to Russian cyber systems if meddling in America’s 2018 elections is confirmed.
The U.S. intelligence community and the Pentagon have quietly agreed on the outlines of an offensive cyberattack that the United States would unleash if Russia electronically interferes with the 2018 midterm elections on Nov. 6, according to current and former senior U.S. officials who are familiar with the plan.
In preparation for its potential use, U.S. military hackers have been given the go-ahead to gain access to Russian cyber systems that they feel is needed to let the plan unfold quickly, the officials said.
The effort constitutes one of the first major cyber battle plans organized under a new government policy enabling potential offensive operations to proceed more quickly once the parameters have been worked out in advance and agreed among key agencies.
While U.S. national security officials have so far reported only intermittent efforts by Russian sources to compromise political organizations and campaigns, they have been worried — in the aftermath of Russia’s digital contact with U.S. election systems in 2016 — that Moscow might unleash more aggressive interference in the hours before voting begins, while the polls are open, or when the votes are being tabulated.
The existence of such a plan means that America is more fully integrating offensive cyberattacks into its overall military planning systems, a move likely to make cyber combat more likely and eventually more commonplace, sometimes without first gaining specific presidential approval. Cyberattacks are now on a more obvious path, in short, to becoming a regular currency of warfare.
The plan for retaliation against Russia is one of the first to be organized since President Trump signed an executive order in August that simplifies and shortens the review for such operations. It has the effect — according to those familiar with the process — of giving the Pentagon additional prerogatives to prepare for strikes. It also preemptively addresses traditional intelligence community concerns that cyberattacks will compromise ongoing or future intelligence-gathering by exposing U.S. data-collection operations.
The officials declined to provide details about what the United States will do in response to Russian interference in the elections. But administration officials have made clear that the trigger for a broader response would have to be something more than “malign influence … trying to sway peoples’ opinion or the way people might vote,” as a senior administration official put it on a call with reporters on Oct. 31 organized by the White House. “This is something that has happened since the dawn of the republic.”
Social media influence operations, widely used by Russia in 2016 and again over the past two years, were the focus of an indictment by the Justice Department of Russian national Elena Alekseevna Khusyaynova unveiled Oct. 19, in which she was charged with conspiring with others against the United States.
The senior official clarified that it would be direct interference — efforts to tamper with voting registration and recording votes — that would bring “swift and severe action.” The reason, the official said, is “that fundamentally wrecks the natural process that we have established in this country.” That official didn’t describe what the U.S. action would be.
In 2016 Russian hackers tried to break into the election systems of at least 21 states, although some were not notified by Washington until Sept. 2017. In at least one state, Illinois, Russian hackers managed to gain access to voter registration data, although state officials said that none of the information was altered. Several other state systems were rumored to have been breached, although none have publicly confirmed it.