In a recent tweet, President Trump asked: “Why didn’t Obama do something about the (Russian) meddling?” It’s a good question, especially since, as President Trump pointed out, “all of the Russian meddling took place during the Obama administration.”
The answer to President Trump’s question is that over the course of eight years the Obama administration neglected to take cybersecurity seriously, even though in 2013 Defense Secretary Leon Panetta warned of a “coming (cyber) Pearl Harbor.”
Despite repeated intrusions, and though independent agencies concluded that our defenses against hackers were woefully inadequate, the Obama White House made only cosmetic attempts to protect our vital agencies and infrastructure. When this lack of preparedness led to damaging virtual break-ins, President Obama declined to confront the bad actors trying to steal our secrets.
This came in spite of President Obama’s easy access to Silicon Valley. The only time the White House called in some help from tech titans was when the ObamaCare rollout crashed, embarrassing the president. Not when the Chinese invaded the White House computer network in 2012 or when North Korea penetrated Sony’s systems; the big guns were summoned only when the president’s legacy program teetered on the brink of collapse.
In 2014 then-Sen. Tom Coburn, R-Okla., who served on the Homeland Security and Government Affairs Committee, published a report on the dangerous lapses in the government’s cyber preparedness, based on 40 reports and audits, including from the Government Accountability Office.
Federal agencies, Coburn reported, had neglected to implement even the most basic safeguards, such as resetting passwords or downloading software updates.
The report contained details of a hack of our Nuclear Regulatory Commission, for instance, in which data on the country’s 85,000 dams was stolen from the unprotected computers of the U.S. Army Corps of Engineers. The information included estimates of the potential death counts that would result from the failures of individual dams.
The most significant intrusion during President Obama’s two terms was the 2015 penetration of the Office of Personnel Management (OPM), in which sensitive information (Social Security numbers, birth dates, health histories, fingerprints) on 22 million people – many with top security clearances – was stolen.
Not only did the White House allow the break-in to occur – officials there lied about the severity of the attack. OPM officials initially told the Wall Street Journal that no sensitive data had been stolen, though the FBI had informed them otherwise. The Journal reported that the day OPM made that dishonest claim, former Homeland Security Secretary Janet Napolitano emailed to tell friends at the University of California that people who had gone through a security clearance were at risk. She had apparently received a heads-up.
That theft was said to have been the work of the Chinese.
The OPM breach was not unique. During the Obama years the Pentagon, the CIA, the Department of Commerce, Department of Homeland Security and the National Nuclear Security Administration were all hacked.
After the OPM attack, Director of National Intelligence James Clapper said at a security conference: “Until such time as we can create both the substance and the psychology of deterrence, this is going to go on.” He argued that “unintended consequences and other related policy issues” made creating such deterrents difficult.
In other words, the Obama White House did nothing when China hacked the OPM, or when North Korea invaded Sony because there were overarching political considerations. Think climate accord and a nuclear stand-down.
But it was the White House’s tolerance of Russian intrusions that in retrospect was the most dangerous action. In 2013 Russia took advantage of a Microsoft glitch to hack into NATO’s computer systems, the new Ukrainian government and several European Union agencies. President Obama did nothing to respond to this aggression, emboldening Moscow.
Over the next two years Russian agents invaded the State Department and ultimately penetrated not only the White House but also the Pentagon. The thefts of data were not as public as the plundering of OPM by the Chinese; the Russians appeared to be accumulating virtual weapons.
In late 2015, the FBI warned the Democratic National Committee (DNC) that Russian hackers had breached its computers. A few months later the same group of Russians ensnared John Podesta, Hillary Clinton’s campaign chair, harvesting his emails.
The Russians sat on their stolen material until a few weeks before the Democratic National Convention, when they then forwarded the hacked emails from the DNC to Wikileaks. The resulting uproar, which cost DNC Chair Debbie Wasserman Schultz her job, was only the beginning, as we now know.
Because President Obama was beholden to China for agreeing to join the Paris Climate Accord and because he needed both Russia and China to sign off on the Iran nuclear deal, he chose not to push back against their criminal invasions of our private and public institutions. As Luke Thompson has argued in the National Review, this lack of confrontation only encouraged more bad behavior.
Our country has been wracked by discord for more than a year, and the Trump presidency has been severely weakened by charges that his team colluded with the Russians to defeat Hillary Clinton. There has been no evidence of such behavior, but the investigation goes on, dividing the nation and undermining Americans’ confidence in our law enforcement and intelligence agencies, as well as our president.
The Justice Department has concluded that the Russians wanted to “sow discord” in the United States. This will be Obama’s legacy: he allowed them to do so.