The Morning Dispatch: A Mammoth Intelligence Hack

Happy Tuesday! The amendments of the Bill of Rights were ratified by the states on this date 229 years ago—and boy are we glad they were!  

Quick Hits: Today’s Top Stories

• President-elect Joe Biden officially received 306 electoral votes yesterday as members of the Electoral College in states across the country met to cast their ballots. In brief remarks last night, Biden said the American electoral process “proved to be resilient, true, and strong,” but went on to lambast President Trump for his “unprecedented assault on our democracy” in recent weeks.

• The first doses of the Pfizer COVID-19 vaccine were administered to healthcare workers and long-term care facility residents on Monday.

• President Trump announced on Twitter Monday that Attorney General Bill Barr will leave his post on December 23. Deputy Attorney General Jeff Rosen will serve as acting attorney general for the remaining few weeks of the Trump administration, and Richard Donoghue will assume the role of deputy attorney general.

• A bipartisan coalition of lawmakers unveiled an updated two-part, $908 billion coronavirus relief plan on Monday. One bill would appropriate $748 billion to extend the Paycheck Protection Program for small businesses, add enhanced federal unemployment insurance, and boost funding for vaccine distribution, education, and coronavirus testing. The second bill—$160 billion—includes the thornier topics: Funding for state and local governments, and limited liability protections for employers.

• An investigation from Bellingcat and CNN identified a team of Russian specialists that trailed Russian opposition leader Alexei Navalny in the days leading up to his poisoning via nerve agent in August. CNN’s Clarissa Ward confronted one of those allegedly involved, walking up to his apartment on the outskirts of Moscow. 

• Election technology company Smartmatic on Monday issued legal notices and retraction demand letters to Fox News, One America News Network, and Newsmax for what the company views as a “disinformation campaign” intended to injure Smartmatic and discredit the 2020 U.S. election.

• The United States confirmed 270,103 new cases of COVID-19 yesterday per the Johns Hopkins University COVID-19 Dashboard, with 12.4 percent of the 2,172,942 tests reported coming back positive. An additional 1,314 deaths were attributed to the virus on Monday, bringing the pandemic’s American death toll to 300,477. According to the COVID Tracking Project, 110,549 Americans are currently hospitalized with COVID-19.

Russia’s Latest Hack: U.S. Agencies and Companies

In one of the most expansive cyber breaches in the country’s recent memory, several federal government agencies—including the U.S. Departments of Treasury, State, Homeland Security, and Commerce, as well as the National Institutes of Health—were infiltrated by foreign actors in a months-long campaign. The attack has yet to be formally attributed to any one organization or state, but the Washington Post reported Sunday that officials suspect APT29, a Moscow-backed group notorious for its sophisticated espionage operations and direct links to Russian intelligence agency resources. The same group allegedly hacked the State Department and White House during the Obama administration.

Hackers gained entrance to the networks of government agencies and other organizations using a malicious software update for SolarWinds Inc., an IT provider with numerous government contracts. The Austin-based company boasts more than 300,000 customers across the globe, including all five branches of the U.S. military, NASA, the Pentagon, more than 425 Fortune 500 companies, the Department of Justice, and the Office of the President of the United States.

Klon Kitchen, Director of the Heritage Foundation’s Center for Technology Policy, told The Dispatch that the hackers “focused their efforts on SolarWinds, and then used it as a base camp from which to funnel into all of these clients.” We do not yet know the full extent of the operation, but we can pretty safely assume the number of entities affected will continue to grow. In a filing with the Securities and Exchange Commission on Monday, SolarWinds said it believes fewer than 18,000 of its customers installed the specific version of its Orion software that “contained this vulnerability.”

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive Monday to address such concerns, ordering all federal civilian agencies to immediately disconnect any SolarWinds Orion products from their network. The mandate—just the fifth of its kind since 2015—cited the “current exploitation of affected products and their widespread use to monitor traffic on major federal network systems,” the “high potential for a compromise of agency information systems,” and the “grave impact of a successful compromise” as guiding factors in its determination.

Although several sources have corroborated the Post’s identification of APT29—also known as “Cozy Bear”—as the likely culprit behind the attacks, the Russian government has roundly denied responsibility. Representatives from the Russian embassy in Washington took to Facebook Sunday night to dismiss accusations of Moscow’s involvement as “unfounded attempts of the U.S. media to blame Russia for hacker [attacks] on U.S. governmental bodies.”

“Russia does not conduct offensive operations in the cyber domain,” the post read, falsely.

But Kitchen, who spent years in the U.S. intelligence community, believes a combination of advanced forensics, tradecraft, and U.S. intelligence point to the Russia-linked group. Putin’s government has shown its capability and willingness to carry out such attacks on more than one occasion, and—alongside the United States, Iran, China, and North Korea—hosts some of the world’s most sophisticated state-backed cyber operations.

The malware enabling the infiltration was introduced on SolarWinds Orion Platform updates released back in March and June, but went undetected by the United States government for more than nine months. CISA—the federal body primarily responsible for cyber defense—has been notably understaffed since President Trump fired its director, Christopher Krebs, last month. The ouster—which came because of the president’s frustration with Krebs’ repeated and authoritative debunking of Trump’s election disinformation—led some of the agency’s other senior officials to tender their resignation as well. 

Even under normal circumstances, neutralizing every cyber threat is extraordinarily difficult.

“Adversaries only have to be right once, and you’ve got to be right all the time. So there’s just a problem of scale here that’s difficult for anyone who is playing defense,” Kitchen told The Dispatch. “And everything indicates that this was a particularly sophisticated campaign. When you have a very capable syndicate backed by essentially unlimited resources from the Russian government, odds are they’re going to find their way in eventually. Cybersecurity is a contact sport and the good guys took a pretty big hit on this one.”

As bad actors around the world ramp up their cyber warfare capabilities, attacks of this variety will become increasingly commonplace. Where defense systems fail, greater deterrence is needed.

“There is a growing realization that these types of attacks just cannot be allowed to go unanswered because they are extremely costly—not just financially, but also in terms of data and security,” Kitchen said. “Some type of coordination of all elements of national power—whether it be economic or political or military or cyber—has to be brought to bear to change the calculus of, in this case, Moscow.”

“These types of operations just have to be made so painful in some form or fashion that they’re no longer conducted in as aggressive or as brazen a way as this one was.”

Department of Justice Dis-Barred

With the Electoral College officially confirming Joe Biden as president-elect yesterday and the Trump administration down to its final 36 days, you might think the president would be content to ride out his term without any more significant personnel shakeups. In the weeks since the election, he’s already dismissed Defense Secretary Mark Esper and CISA Director Christopher Krebs. But Attorney General Bill Barr became the latest Trump administration casualty on Monday, with the President taking to Twitter to announce Barr would be resigning his post, effective December 23.

For the last two years, Barr has been one of President Trump’s most reliable allies: Shepherding him through the release of the Mueller report, intervening in the prosecutions of his former aides, launching an investigation into the roots of the Trump-Russia probe, claiming that a Biden win would “irrevocably” commit America to “the socialist path.” In the months leading up to the election, critics dinged him for parroting the president’s rhetoric attacking mail-in voting.

But he occasionally showed an independent streak that frustrated the president, refusing to prosecute Trump’s adversaries, calling the prosecution of Roger Stone “righteous,” delaying the findings of the investigation into the origins of the Russia inquiry until after the 2020 election, keeping secret the federal investigation of Hunter Biden and even declaring that Trump’s tweets make his job more difficult. In recent days, Barr has distanced himself from Trump’s crusade to convince the American people that Joe Biden was elected only thanks to mass Democratic voter fraud. On December 1, Barr told the Associated Press that, although the Justice Department was investigating complaints of election fraud as it received them, “to date, we have not seen fraud on a scale that could have effected a different outcome in the election.”

The pushback from Trump and his legal team was immediate. “With the greatest respect to the attorney general,” president’s lawyers Rudy Giuliani and Jenna Ellis said in a statement, “his opinion appears to be without any knowledge or investigation of the substantial irregularities and evidence of systemic fraud.” Trump was more combative, grousing that Barr was moving too slowly to prosecute Hunter Biden and accusing him of failing to “reveal the truth” about Hunter to the public before the election. He was considerably more pointed in his private vituperations.

Still, the news came as a shock to many in Washington. Capitol Hill reporters—with their push notification settings for Trump tweets—learned of the news before Sen. Lindsey Graham did. “I don’t think [Barr] is leaving,” he said when asked about the departure. His office later put out a statement expressing “total respect and admiration” for the job Barr did, praising the former attorney general as “the right man at the right time in overseeing highly political investigations [who] stood in the breach at times against both the left and the right.”

Barr and Trump parted courteously, at least in public. The attorney general’s resignation letter heaped effusive praise on the administration’s accomplishments, and—even more important to Trump—spent ample time decrying his foes: “A partisan onslaught against you in which no tactic, no matter how abusive and deceitful, was out of bounds.”

So why did Barr get the axe? One possibility is that Trump grew frustrated with his attorney general’s refusal to take concrete action to prevent Biden’s election from going forward, and decided to replace him with somebody who would. It’s not like Trump wouldn’t go there: The whole reason Barr got the job in the first place was because Trump had fired his predecessor, Jeff Sessions, for failing to protect him from the Mueller investigation.

But that theory is belied somewhat by the fact that Trump is replacing Barr, not by bringing in some stop-the-steal hardliner like Rudy Giuliani, but simply by sliding the existing command structure up a rung. Replacing Barr will be his own deputy and former Bush administration lawyer Jeffrey Rosen. Taking over as acting deputy attorney general will be Rosen’s current top deputy Richard Donoghue, who is now the—deep breath here—principal associate deputy attorney general. (He previously served as the U.S. attorney for the Eastern District of New York.) The Wall Street Journal reported Monday that “other Justice Department officials said they didn’t expect Mr. Rosen to deviate from Mr. Barr’s policies.”

Still, the president forcing out the country’s top law enforcement official—even one who’s shown a high degree of personal deference and loyalty—over his unwillingness to participate in a democracy-undermining campaign to overturn an election, on the very day of Biden’s official election by the electoral college and mere moments after those results were made official, doesn’t exactly bode well for the chances of Trump finding a way to come down from his “stop the steal” rhetoric and face the reality of his loss.

Worth Your Time

• Azam Ahmed writes for The New York Times about a Mexican woman’s herculean effort to track down the people responsible for kidnapping and murdering her daughter. In three years, Miriam Rodríguez captured nearly every living member of the crew that had abducted her daughter in their city of San Fernando, Mexico, leading to their arrests. “She cut her hair, dyed it and disguised herself as a pollster, a health worker and an election official to get their names and addresses,” Ahmed reports. “She invented excuses to meet their families, unsuspecting grandmothers and cousins who gave her details, however small.” Her efforts made her a target—and in 2017, she was shot in front of her home and killed. “In all, she was instrumental in taking down 10 people, a mad campaign for justice that made her famous, but vulnerable,” Ahmed writes. “No one challenged organized crime, never mind put its members in prison.”

• In a deeply reported piece for The Atlantic, Ed Yong chronicles how the COVID-19 pandemic shifted scientific priorities, resources, and manpower in ways never seen before. “No other disease has been scrutinized so intensely, by so much combined intellect, in so brief a time,” he writes. This cuts both ways—not only did scientists develop vaccines, testing methods, and models for how the virus is contracted, but they also in some cases produced flawed research, pursued sloppy clinical trials, and published misleading information. “At its best, science is a self-correcting march toward greater knowledge for the betterment of humanity. At its worst, it is a self-interested pursuit of greater prestige at the cost of truth and rigor. The pandemic brought both aspects to the fore,” he concludes. “Humanity will benefit from the products of the COVID‑19 pivot. Science itself will too, if it learns from the experience.”

• The BBC has put together a compelling, beautiful series of photographs documenting how the Balkans have changed since the signing of the Dayton Agreement—the international peace treaty that brought an end to the devastating war in former Yugoslavia. “Between 1992 and 1995, the war in Bosnia-Herzegovina claimed more than 100,000 lives and made around two million people homeless,” the BBC notes. The 25th anniversary of the signing of the Dayton agreement was yesterday. Scottish photographer Chris Leslie visited the Balkans over the years to photograph the people affected and the areas ravaged by the war.

Presented Without Comment: It’s Over Edition

Toeing the Company Line

• The Supreme Court on Friday declined to hear Texas Attorney General Ken Paxton’s lawsuit contesting the election results in four battleground states. What does the court’s order mean in plain English? Should the justices have said more? David and Sarah break it down on the latest episode of Advisory Opinions.

• Dispatch contributor and AEI scholar Yuval Levin has a must-read essay on the homepage, looking at the origins of partisan conspiracy and, importantly, a path to move beyond this ugly moment. “One institution in particular has kept its head and helped the country do the same: the federal judiciary…Notably, resistance to the pull of polarized conspiracy has extended to judges nominated by President Trump himself. Faced with claims of election fraud, every judge has demanded evidence, argument, and an adherence to proper procedure, and refused to tolerate groundless fantasy. These judges have done this not as agents or opponents of the president but as professionals—representatives of a set of institutions whose claim to authority is rooted in their commitment to a standard of integrity. It would have been good for us to see all the conspiracies of recent years scrutinized that way.”

Let Us Know

With the Electoral College officially voting yesterday, the presidential election is officially over—for like the sixth different time this month. 

How are you feeling about the strength of our democratic institutions? Heartened that they withstood the enormous stress placed on them since November? Or anxious that, in an alternate universe where things were a tiny bit closer, we could be trending dangerously toward a constitutional crisis?

Reporting by Declan Garvey (@declanpgarvey), Andrew Egger (@EggerDC), Haley Byrd Wilt (@byrdinator), Audrey Fahlberg (@FahlOutBerg), Charlotte Lawson (@charlotteUVA), and Steve Hayes (@stephenfhayes).