Like millions of Americans, I’m profoundly disturbed that, according to the FBI, the Russians have used cyber tools to hack into the Democratic National Committee and are continuing to use them to attack other organizations and individuals.
Vladimir Putin’s goal seems inescapable: He wants to destabilize our democracy in the long term and to damage Hillary Clinton and get Donald Trump elected in the short term. Trump’s chilling embrace of Putin only bolsters this conviction.
Among the worst-case scenarios: Russia hacks into digital voting machines and manipulates next month’s election results. At this point it doesn’t seem far-fetched.
Covert attempts by a nation to influence another’s elections and politics are hardly new. The CIA’s forays into South America, Central America and Eastern Bloc nations during the Cold War are obvious examples. But cyber tools have taken the practice to a whole new level of sophistication, and cyber conflict is a relatively lawless frontier of foreign relations.
Action needs to be taken — and soon. The FBI is redoubling its efforts to gather evidence that would allow the Justice Department to indict the hackers. But building a case is tough, in large part because the evidence is often classified.
Let’s consider some other options. International courts come to mind, but covert cybercriminals will ignore any edicts or threats of action from them. To think a toothless international tribunal can bring them to heel is wishful thinking. I can just picture Putin’s bitter dismissal of their authority. After all, last year he signed a law allowing Russia’s Constitutional Court to decide whether to implement rulings of international human rights courts.
But there is a new — and to date, unused — tool to combat these foreign cyberattacks. In April 2015, the Obama administration issued Executive Order (EO) 13694 — Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities. It’s a powerful and innovative order that outlines how we can respond to cyberattacks against our critical infrastructure, including our major political parties.
The order authorizes the secretary of the treasury, in consultation with the attorney general and the secretary of state, to impose sanctions on individuals and entities deemed responsible for or complicit in malicious cyber-enabled activities that are reasonably likely to result in a significant threat to the national security of the United States. Activities can include misappropriating trade secrets, personal identifiers or financial information for a competitive advantage. Election security surely qualifies.
Putin and his ilk will only increase their cybercrimes in the coming years, and they will ignore the international courts. If the FBI determines that Russia is behind these cyberattacks, then no time should be wasted. Sanctions should be imposed.
Mr. President, it’s time to use EO 13694.