Self-Delusion on the Russia Hack

The U.S. regularly hacks foreign governmental computer systems on a massive scale.

By
59

As the news about Russia’s broad digital espionage operation against the U.S. Defense, Treasury, and Commerce Departments, nuclear laboratories, and other governmental systems grows more ominous, prominent voices are calling for a vigorous response. “[A]ll elements of national power,” including military power, “must be placed on the table,” proclaimed Thomas Bossert, the former senior cybersecurity adviser in the Trump administration, in a New York Times op-ed. The United States must “reserve [its] right to unilateral self-defense,” and “allies must be rallied to the cause” since such coalitions will be “important to punishing Russia and navigating this crisis without uncontrolled escalation.” Sen. Richard Durbin had a similar but pithier assessment: “This is virtually a declaration of war by Russia on the United States.” 

 The lack of self-awareness in these and similar reactions to the Russia breach is astounding. The U.S. government has no principled basis to complain about the Russia hack, much less retaliate for it with military means, since the U.S. government hacks foreign government networks on a huge scale every day. Indeed, a military response to the Russian hack would violate international law. The United States does have options, but none are terribly attractive.  

The news reports have emphasized that the Russian operation thus far appears to be purely one of espionage—entering systems quietly, lurking around, and exfiltrating information of interest. Peacetime government-to-government espionage is as old as the international system and is today widely practiced, especially via electronic surveillance. It can cause enormous damage to national security, as the Russian hack surely does. But it does not violate international law or norms.

 As the revelations from leaks of information from Edward Snowden made plain, the United States regularly penetrates foreign governmental computer systems on a massive scale, often (as in the Russia hack) with the unwitting assistance of the private sector, for purposes of spying. It is almost certainly the world’s leader in this practice, probably by a lot. The Snowden documents suggested as much, as does the NSA’s probable budget. In 2016, after noting “problems with cyber intrusions from Russia,” Obama boasted that the United States has “more capacity than anybody … offensively.”

Start a Free Trial
Get every newsletter and all of The Dispatch. Support quality, fact-based journalism. Get Started ALREADY HAVE AN ACCOUNT? SIGN IN
59
By
Comments (59)
Join The Dispatch to participate in the comments.
 
  1. Avatar photo
    Jason Gibson

    This article makes sense at a certain level. But that level at which it make sense would invalidate ever firing a gun in retaliation. I mean when one looks at everything our government has done in our name it would make us question whether we are morally able to field an armed military at all.

    Now don't get me wrong.......im not making an argument for dismantling the military or questioning our moral right to use military force. But if you start with "we did it first so who are we to complain?" Then suddenly you are forced into constant second guessing. It's kind of the "we had it coming" crowd regarding 9/11.

    I would respond in the famous words of william munny in unforgiven "we all got it comin kid"

    Collapse
  2. Avatar photo
    The Stray Goose

    Give me a freakin' break!
    "We're just as bad as they are."
    "We have no to right to complain".
    "They're political system is just as legitimate as ours is."
    Yeah, our Classical Liberal society isn't worth defending after the illiberal left is through with it. And typical of the left, he spends paragraph after paragraph complaining. I wondered if he was ever going to get to a recommendation. He saves it for the end - 'Can't we all just get along!'. Man, he's BRILLIANT! The reason why CLs oppose AOC/Sanders/This idiot is because we DO have something that's worth defending. If you're going to pollute our constitution with more and more socialism and make us just like Russian and China, then I guess we won't. Men like Mr. Goldsmith can't be reasoned with, they must be defeated. (if The Dispatch editors posted this as a thought-provoking exercise, that's fine. If they agree with him, then we are all surely lost).

    Collapse
  3. Avatar photo
    CoArch

    I'm all for the Golden Rule as it applies in my personal life. Elevating a personal moral code to public policy seems naive at best and almost nihilistic at worst. This is where good leadership reads this to fill out the bigger picture and gives a one word response. "Noted."

    Collapse
  4. Avatar photo
    Alain

    Great article. No, the point of the author is NOT that we should do nothing, the point is that we should not act in righteous indignation when countries hack into our systems or otherwise try to get the better of us when we do precisely the same thing.

    Collapse
  5. AtlDocD

    Here is a response. Place a device that can deliver an EMP outside the building of the cyber agency that committed this attack.

    Collapse
  6. Avatar photo
    td12212

    So this authors point is that since we regularly hack other governments networks we should allow them to hack us. If that were the case we would've allowed all sorts of spying activity to continue during the cold war and never prosecuted anyone just because we did the same thing. Utter horse do-do!!
    We do need to retaliate once we figure out that they haven't left trojans behind on our networks. Retaliation could take the form of sanctions against their banks and oil industry.

    Collapse
    1. AtlDocD

      I absolutely agree with you. We are told we have the best systems and spend untold billions to defend our cyber infrastructure. Sounds like Goldsmith is saying just bend over and take the spanking. We need to be the best at this and must respond to the Russians. Very dangerous times, but we must respond.

      Collapse
  7. Avatar photo
    F.X. LEACH

    “Whataboutism” is a cheap cop-out. Very disappointing read that I thought was coming from The Daily Kos. We know that we are the biggest hypocrites when it comes to our own culpability in other places and our own espionage arm. But it does not erase that we are being battered by an equalized playing field (with an apologist in charge who prefer to put a blind eye) for which we seem to have little to no answer. But luckily... we have Space Force. Yes... while we should scrutinize our own role in many areas of tinkering with other countries... it does not change one whit that that foreign govts are having a profound effect on this country... especially in regards to the quickly progressing area of technology. Noam Chomsky would have done a better job if I wanted some ideologue finger-pointing.

    Collapse
  8. Avatar photo
    JCroz

    Treaties of mutual restraint could be made to work, I suppose, but the incentive to cheat would still be strong. I suspect that this issue will be decided in the same way as other matters of sovereignty: by action and counteraction. When the potential costs of violating sovereignty by virtual means become high enough, restraint will make a lot more sense.
    So, while the US could surely stand to be more self-aware, the issue of competence is more relevant: if the US routinely ‘exfiltrates’ other states’ data, it ought to use the very same knowledge and experience defensively to harden up networks against similar counterattacks.

    Collapse
  9. Avatar photo
    Earl King

    They doth protest too much. These are the same idiots that went hyperbolic over $100,000 in Facebook ads of which half was spent after the 2016 election. When you even mention that the US has interfered with elections for probably 60 years or more. Certainly during the cold war...the CIA even killed foreign leaders. Spying is what all countries do....In certain cases it prevents war as you know what your opponent is thinking. My only thought process is "shame on us" for not doing more to protect our institutions. Obama shut off the electricity in Moscow for a bit in response to a hack. We sent Stuxnet in order to destroy Iran spinning of uranium. It's our fault. Do we not know by now that Iran, China, Russia and NOKO hack? Mr. Krebs or whatever his name is...should have been fired...it appears.

    Collapse
    1. Avatar photo
      Pat Riot

      The only way to defeat your enemies is to leave them and hope they don't attack again. Everybody knows that.

      Collapse
  10. Ingenero.lux

    I read the Russian attacks as more of a wake-up call: there is no reason for a lot of these computers to be on the internet. Cyber-security is important, but if something absolutely should not be accessed by foreign actors, it shouldn’t be on an internet-facing computer. End of story. Of course I’m not happy about the hack, but thinking our opponents won’t take the easy and cheap move of trying to hack anything they can get ahold of is worthy only of Doctor Pangloss. Certainly, we should respond in a measured manner that acknowledges our country’s vulnerability to cyber attacks, but every time I see sensitive government information stolen over the internet, I get quite pissed - don’t put the damned machines on the internet. If you do, assume your adversaries can know everything on them.

    Collapse
    1. Avatar photo
      Pat Riot

      We're not talking about the computers directly connected to weapons systems or containing the absolutely most secret stuff. What was probably breached is all of the office systems that these agencies need to do their business. It's just unrealistic to run organizations with thousands of people without networking.

      Collapse
      1. Ingenero.lux

        Depends on what they’re doing. We know it’s “serious” but no specifics yet - but weapons information has been stolen in the past, as has data useful in espionage. We either need to react with annoyance and tweak their nose as well, or not be particularly worried. Panic about massive breaches isn’t the best idea.

        And the government already has multiple intranets. If they need security for things that aren’t classified but should be secured, they should see about local networking with limited to no internet access. There is a ton of space between “on the internet” and “network and USB ports removed”.

        Collapse
        1. Jaybrown

          Unfortunately, every action that is taken to "secure" a government system is an action that makes it more unwieldy to use for daily work and effective interactions and processes. There is currently no indication that any secure government system was hacked. Government and government contractor employees are continually trained and reminded that "non-secure" systems are just that, and should be assumed to open to public release, unintentionally or not.

          Collapse
Load More