Written by Shannon Vavra
Russia and China are “undoubtedly” working to interfere in the 2020 presidential election in the U.S., Trump’s former national security adviser John Bolton said Tuesday.
The comment, which Bolton shared in response to a question from CyberScoop about offensive cyber-operations, came days after the Office of the Director of National Intelligence shared publicly that a whole host of foreign governments, including Russia, China, and Iran, are trying to exert influence over the U.S. presidential election this year.
Russia is working to “primarily denigrate former Vice President [Joe] Biden,” while China “prefers” that Trump “does not win reelection,” the U.S. intelligence shows, according to the ODNI. Iran has set its focus on spreading disinformation on social media and seeks to “undermine U.S. democratic institutions, President Trump, and to divide the country,” according to the ODNI.
The U.S., however, can and should hit back in cyberspace in an effort to try to deter adversaries seeking to interfere in U.S. elections, Bolton said, adding he sees offensive U.S. cyber-operations against adversaries as a way to deter them from targeting the U.S. again.
“Cyberspace is no different than any other venue for human activity, and when people try and use it adversely against us I think it’s entirely legitimate for us to take offensive measures,” Bolton said during a National Press Club virtual event.
While Bolton was serving as Trump’s national security adviser, the Trump administration took sweeping action to give the CIA more leeway to carry out covert cyber-operations against adversaries, including disruptive or destructive operations, as Yahoo News reported. The kinds of operations that could have been sanctioned through these newfound authorities include CIA-run hack-and-dump operations or cutting off electricity in a foreign country.
Bolton declined to discuss the presidential finding on the CIA’s newfound flexibility with offensive cyber-operations and would only speak in general terms, but said he thinks adversaries should feel repercussions that overshadow the costs they impose on the U.S.
The goal is “not to engage in endless conflict, but to set up structures for deterrence. So that if as they have before and they undoubtedly are in the 2020 election, trying to interfere, that Russia and China learn to their detriment that they will pay a price — indeed a price in excess of the price of the cost that they impose on us,” Bolton said. “That’s how you establish deterrence.”
The CIA has used the new presidential finding at least a dozen times, including for hack-and-dump operations in both Russia and Iran, according to Yahoo News, akin to those the Russian military intelligence apparatus waged against the U.S. in 2016.
Since then, the Trump administration and Bolton worked to do away with Obama administration mechanisms that some in the national security community saw as a hindrance to the U.S. government running quick cyber-operations against adversaries.
Alongside the CIA order, the Trump administration also issued National Security Presidential Memorandum 13 (NSPM-13) to give military hackers, such as those in the Pentagon’s Cyber Command, more latitude in targeting adversaries. Since then, Cyber Command operators have run missions to disrupt or interfere in adversaries’ cyber-operations, including one in which they interrupted the internet access of Russia’s troll farm, the Internet Research Agency, in an attempt to try and block Russian designs against the 2018 U.S. midterm elections.
“We needed to scrap the Obama-era rules and replace them with a more agile, expeditious decision-making structure,” Bolton writes of the overhaul of cyber-operations in 2018 in his new memoir, “The Room Where It Happened.”
Deniability in deterrence
But covert action is meant to leave room for plausible deniability to be effective, raising the question of whether it can be useful in the election threats context, according to Megan Stifel, a former director for international cyber policy at the National Security Council and the former Director for Cyber Policy in the Department of Justice’s National Security Division.
“There is a time and place for offensive cyber-operations, I remain unclear the U.S. government has a well-considered policy on it,” Stifel, a senior fellow in Atlantic Council’s Cyber Statecraft Initiative, told CyberScoop. “With election interference, I’d think you’d want to overtly claim the ‘knock it off’ activity.”
Establishing deterrence with foreign adversaries could be as simple as threatening action, Paul Rosenzweig, President George W. Bush’s deputy assistant secretary for policy at the U.S. Department of Homeland Security, told CyberScoop.
“Deterrence involves raising the cost to adversaries of their actions. Today the Russians have suffered virtually no consequences for their interference in American elections. Any effort by the CIA or Cyber Command to redress that gap, if done in a proportional way, would be welcome,” Rosenzweig told CyberScoop. “But even better, it would be useful if the U.S. could convincingly declare its intent to retaliate, in a way that made it unnecessary to actually do so.”
The National Security Agency and Cyber Command, for their part, have been making more efforts to publicly discuss their joint task-force focused on election threats from Russia, China, Iran, North Korea, and ransomware actors, known as the Election Security Group.
Bolton’s comments came the same day the Senate Intelligence Committee revealed additional information in a bipartisan report on Russia’s influence and interference operations in 2016, including the GRU’s hack-and-leak operation targeting Hillary Clinton’s campaign and the Democratic National Committee.