This week in the Russia investigations: 21st century great power competition means the challenge of defending American democracy will get tougher, not easier.
The woods are dark and deep
Americans inside and outside of Washington, D.C., spent the last week transfixed by the drama over President Trump’s nominee for the Supreme Court, but there also were ample reminders about how the rest of the world is not standing still.
Thursday, for example, brought an extraordinary pair of reports about the urgent cyber-dangers that continue to confront the United States and the West — a reminder that the perils from outside don’t remain static but evolve as fast as technology and human ingenuity permit.
First was the announcement — in Europe and then the United States — about the latest campaign of cyber-mischief by Russia’s military intelligence agency, the GRU.
This is the same army spy branch that was responsible for the cyberattack against the Democratic National Committee and myriad other targets in 2016, and then the poisoning of a number of people this year in Great Britain.
Now, according to European and American authorities, the GRU has been caught waging cyberattacks against Western institutions that have exposed Russian lawbreaking and venality.
Russia’s international athletics programs have been blacklisted because of their rampant illegal drug abuse. The GRU’s scheme to murder its targets in the U.K. not only failed to kill its intended victim but was exposed as a foul-up and its perpetrators identified.
So Russia’s intelligence agencies evidently wanted to try for turnabout: to embarrass elite Western athletes by stealing information about them from anti-doping authorities, and to potentially compromise, or at least surveil, the chemical weapons experts who were studying the nerve agent the GRU had used in its attacks in the U.K.
But these weren’t just a continuation of the same concerted “active measures” the Russians have been waging against the West since the invasion of Ukraine.
There were new refinements, including the deployment of human intelligence officers to Europe — and who knows where else — to conduct in-person cyberattacks separate from the remote attacks that have become familiar from 2016.
What happened? According to European authorities, a cadre of GRU officers flew from Russia to the Netherlands to attack the Organization for the Prohibition of Chemical Weapons. The men showed up in a rental car full of computer network equipment next to the target building in The Hague — but were caught, arrested and deported.
How’d it work? The goal appears to have been to get the GRU cyberattackers onto the target wifi network in order to steal the credentials needed for a cyberattack. Or, alternatively, to create a lure wifi network in an attempt to trick the targets into joining it instead of their own real one. If they had achieved the latter, the GRU attackers could have then controlled the targets’ access to the Internet and done all kinds of unpleasant things.
Why is this important? The beauty of cyberattacks, from the perspective of those inside the spy business, is the reduced risk involved with deploying human operatives and physical hardware into another — potentially hostile — country.
The “Internet Research Agency” — waging its campaign of online agitation against the West, and the GRU with its hacking, theft and dumping of embarrassing materials — could do all that from the safety of their own home soil.
The OPCW attack, however, following the U.K. nerve agent attacks, reveals a new boldness about sending human intelligence operatives overseas in service of these aims.
In the case of election interference targeting the United States, that isn’t new: Justice Department special counsel Robert Mueller has documented reconnaissance missions by Russian intelligence operatives ahead of the main wave of active measures that peaked in 2016.
To the degree that cyber-defenses have evolved, however, necessitating new attacks like those from the GRU’s rental car, it means the threats will change too.
How many rental cars full of network equipment are parked outside key offices in the United States today? And how many other such novelties are slipping into the country?
A little something extra
The danger of infiltration doesn’t necessarily have to mean people.
It can include things that are very, very small — smaller than the nib of a pencil, smaller than a grain of rice. That’s about the size of the microchip that China’s intelligence agency was able to add to the circuit boards of computer hardware bound for customers inside the United States, including, reportedly, U.S. government agencies and Big Tech companies.
That was according to a blockbuster story by Bloomberg Businessweek that reminded Americans — because this isn’t the first time it has come up — about the vulnerabilities of a high-tech supply chain in which so many components originate in China.
When American spy agencies want to exploit computer hardware bound for a target, they intercept it between the shipper and the recipient. Let’s say a certain foreign ambassador expects a new laptop. At some point in its journey, the magical elves of the National Security Agency, let’s say, might take it apart, sprinkle in their fairy dust and then reassemble it for final delivery.
What Bloomberg’s report suggested is that the Chinese government can stage these hardware attacks at an industrial scale, from the factories up.
Apple and Amazon, two of the boldface-name targets named in the story, denied they had been victimized as described; the U.S. government agencies involved so far haven’t commented.
Old story, big new sequel
Tech supply chain integrity was a bugbear of former Michigan Democratic Sen. Carl Levin, who issued a major report about the perils facing U.S. defense contractors when he was chairman of the Senate Armed Services Committee.
In Levin’s case, he was as much concerned that parts reaching American aircraft or weapons might be fake or corroded components that had been fraudulently sold as new — that a missile guidance system might fail in a key moment simply because it was counterfeit, not as the result of a deliberate scheme.
The Bloomberg story makes clear that, although Levin’s fears remain valid, this danger today is significantly greater and more pernicious.
What does any of this have to do with the Russia investigations? For one thing, this: The White House has begun accusing China of attempted election interference. President Trump did so at the United Nations and Vice President Mike Pence followed up in more detail on Thursday.
Chinese leaders are retaliating against the Trump administration’s tariffs and hardball trade tactics, the administration says. So Beijing wants to replace Trump with a more friendly leader.
It’s difficult to know, without access to the kind of foreign intelligence reporting that Trump and Pence receive, how accurate that claim might be.
It is by now an old and familiar story that China wages a wholesale campaign of industrial espionage against the United States, one in support of its broader goal to match and overtake American technological capabilities as China continues its ascent in this century.
But does Chinese President Xi Jinping want to join Russia’s President Vladimir Putin in the chaos business?
So far, what is publicly known about China’s information activity does not suggest that is so. In fact, China’s distinctive approach to exerting influence around the Pacific Rim has earned its own custom term: “sharp power.”
What characterized Russia’s campaign in 2016 and since is that it has been heavily clandestine: Spies worked behind the scenes. Operatives pretended to be Americans on social media — among other things — in order to put real Americans at each other’s throats.
If China does increase its quantity and quality of that type of work, alongside that of Russia, which never stopped, political life in the United States going forward could make the experience of 2016 look like a picnic.