On Monday, the FBI announced that it was investigating the hack into the Democratic National Committee. At about the same time, it was also reported that FBI officials believe that the hack was committed by the Russian government, and was undertaken with the intent of aiding Donald Trump’s presidential campaign. (The release of the stolen data by WikiLeaks has already caused discord in the Democratic Party on the eve of its convention in Philadelphia; over the weekend, the chair of the DNC, Debbie Wasserman Schultz, resigned from her post.) As Franklin Foer reported in Slate, Trump has a long history of cozying up to Russia and its leader, Vladimir Putin. (Trump recently stated that the United States may not honor its NATO obligations if a member state was attacked by Russia.) And Putin has his own long history of attempting to undermine the West by supporting right-wing candidates.
To discuss the DNC hack, I corresponded over email with Jack Goldsmith, a Harvard Law School professor and fellow at Stanford University’s Hoover Institution. A former member of President George W. Bush’s Justice Department, he is also the author of several books on executive power and 21st century warfare. In the course of our discussion, which has been edited and condensed, we discussed the difficulty of assigning responsibility for a cyberattack, the history of countries meddling in foreign elections, and whether Russia is the only American adversary to be worried about.
Isaac Chotiner: How credible is it that Russia was behind the breach?
Jack Goldsmith: Reports attributing the breach to Russia have been pouring out all day. The New York Times said that private researchers had concluded that this hack was done by the same Russian intelligence services that recently breached various U.S. government networks. It also said that meta-data in the emails indicated that documents passed through Russian computers. Other news services have said the FBI suspects the Russians. I have no basis to question these reports. But the truth is that there is no public evidence whatsoever tying Russia to the hack. Attribution for cyberoperations of this sort is very tricky and tends to take some time. Even if the hack can be linked to computers in Russia, that does not show that the hack originated there (as opposed to being routed through there). And even if it originated in Russia it does not show who was responsible. That said, it would not be surprising if the Russians were behind this. In addition to today's reports, the director of national intelligence warned months ago about intrusions into campaign networks, and Russian intelligence services and criminal networks have reportedly infiltrated important U.S government networks in the last year. But to repeat, there is no public evidence yet—all we have are reports by private firms and anonymous government officials.
How often do you think America engages in this kind of thing?
It depends on what you mean by “this kind of thing.” One of the first ever CIA covert operations was designed to influence the Italian elections of 1948 to ensure that the Communists did not win, and there are several now-public examples of U.S. covert operations to influence foreign elections over the years. The United States is also a global leader in espionage and data theft in foreign governmental networks. And all major powers, including the United States, engage in information operations in various contexts. Note that a few months ago Putin attributed the Panama Papers disclosures to the United States: "We now know from WikiLeaks that officials and state agencies in the United States are behind all this."
Is the election aspect of this hack unique?
There have been reports in recent years of cyberattacks or cyberoperations in computer networks in other countries related to elections. Still, if this is a Russian (or some other foreign governmental) operation, I know of nothing parallel on this scale, with this impact. And yet, as I wrote this morning, “the Russian hack of the DNC was small beans compared to the destruction of the integrity of a national election result.” Presumably the DNC email hack and leak involve genuine emails. But what if the hackers interspersed fake but even more damning or inflammatory emails that were hard to disprove? What if hackers break in to computers to steal or destroy voter registration information? What if they disrupted computer-based voting or election returns in important states during the presidential election? The legitimacy of a presidential election might be called into question, with catastrophic consequences. The DNC hack is just the first wave of possible threats to electoral integrity in the United States—by foreign intelligence services, and others.
How should we respond?
Very hard question to answer at this point. One needs to have a better handle on the facts before even speculating.
Are there dangerous escalation scenarios that have you worried?
There are always dangerous escalation scenarios in the cyber context because of the attribution problem and because of the difficulty of controlling the unintended second- and third-order consequences of cyberattacks. It’s too hard to even speculate at this point.
How high would a problem like this go in the executive branch in terms of deciding what to do going forward?
An allegation that a major adversary has intervened to disrupt the American presidential election is the most serious of issues and will certainly be discussed in the Oval Office and the Situation Room. Whether the allegation of Russian involvement is true or false, it has huge domestic implications and potentially large foreign policy implications (in Europe, Syria, etc.).
How seriously do you think the government takes issues of cyberwarfare? Do you feel confident about our defensive capabilities and competence?
“Cyberwar” is a misleading term—the Russian hack, if it is that, is not an act of war, at least not by traditional standards. It is closer to an intelligence operation with the twist of a damaging publication of the stolen information. That said, the U.S. government takes all major cyberoperations against it and its major public and private institutions very seriously. My confidence about our defensive capabilities and competence depends on what institutions you are talking about. Today, some components of the government (e.g. the Defense Department) do better than others (e.g. the Office of Personnel Management, which recently suffered an very damaging hack). And private sector defenses, even of important critical infrastructure networks, are a very mixed bag. The scale of the challenge is enormous, and offense has many advantages over defense. I don’t know anyone who is sanguine about our defensive capabilities overall.
Is the sense that Russia is the only adversary doing things like this?
Nope. In the 2012 election there were reports that China and Anonymous had infiltrated the Obama and Romney campaign networks. The AP reported in May that Director of National Intelligence Clapper warned that “hackers, possibly working for foreign governments” (note the plural) had already infiltrated candidate networks. Many foreign intelligence services and private entities might have the motive and the means to hack candidate or party committee or vote-tallying computers.