Biden Administration Imposes Sanctions on Russia for SolarWinds

On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and deter future attacks.

I will leave it to those with experience in foreign relations to convince me that the response is sufficient to deter future operations. To me, it feels like too little. The New York Times reports that “the sanctions will be among what President Biden’s aides say are ‘seen and unseen steps in response to the hacking,” which implies that there’s more we don’t know about. Also, that “the new measures are intended to have a noticeable effect on the Russian economy.” Honestly, I don’t know what the US should do. Anything that feels more proportional is also more escalatory. I’m sure that dilemma is part of the Russian calculus in all this.

Posted on April 20, 2021 at 6:19 AM27 Comments

Comments

metaschima April 20, 2021 7:21 AM

I don’t think the sanctions are sufficient to deter future attacks. However, it should also be considered that Russia has been more active militarily recently and they are now amassing troops on the Ukraine border (again). So, war is not far away, not sure of the scale of the war, but sooner or later the whole world will be involved or affected.

Nick Nolan April 20, 2021 7:28 AM

There is difference between cyber espionage and cyber attack. An cyber attack on the citizens or infrastructure of another state is act of war.

Russians did the former. Hackers didn’t try to damage US systems,
infrastructure or services.

Espionage is something that all states do all the time. Everyone is responsible
for guarding their secrets. Blaming someone because they are successful in
spygraft and overreacting is poor sportsmanship.

Intelligence world has established protocol for responses and this fits that
protocol well. This is very proportional public response. The second response should be to strengthen U.S. cyber-defenses and infrastructure. Third response should be to spy right back even more.

CMOT Dibbler April 20, 2021 8:12 AM

I would hope that after those storms in Texas, they fell over backwards to secure the power grid before poking the Russian Bear. Wishful thinking?

Winter April 20, 2021 8:21 AM

@Nick Nolan
“Russians did the former. Hackers didn’t try to damage US systems,”

Russian hackers did attack the infrastructure of the Baltic states, NATO partners. Then we have the fall-out of WannaCry and NotPataya, which were extremely destructive. Both originated in Russia, and Russian authorities did nothing to stop it or apprehend the culprits, if they did not unleashed them themselves.

So, all in all, we have a rogue state damaging NATO partners time and again. That is war.

What to do? Deescalating and wrecking their economy would be the conventional strategy.

The war against the Nord Stream pipe could already be an example. Russia’s income depends on gas and oil, they still produce little of interest to the rest of the world. That is also why they really really want to sell their vaccines. It is almost the only leverage they have in trade.

Clive Robinson April 20, 2021 9:08 AM

@ ALL,

A basic lesson in history of the last half century would have taught people two things,

1, Economic sanctions against a nation are a form of mass murder.

2,When applied economic sanctions rarely if ever effect the supposed targets of the polotical, elites, their supporters or their guard labour.

3, There are more than enough other nations in the world who will see such sanctions as a profit opportunity.

4, Whilst Russia is “cash strapped” it is one of the richest nations in the world resource wise thus can keep going almost indefinately.

5, Many other nations are very much dependent on Russian resources which the US can not and will not make up the loss for.

6,Other super powers are going to see a hidden aliance with Russia as being strategically important.

The net result this is posturing for the home crowd and will do the US more harm than good. Worse it effects Europe, the Middle East and China none of whom are currently in favour of the US.

Thus the US is issolating it’s self further and further each time it pulls a silly stunt like this. Especially as most of the rest of the world know they have the NSA CIA and god alone who knows which other US agencies both Governmental and NGO in their networks.

Back at the ITU conferance in Doha in 2014 the likes of Russia and China made it very clear diplomatically they had had enough of the US and it’s older allies crawling around in it’s communications networks.

It’s fairly clear that since then Russia is taking the necessary legal legislative steps and actions to start carving it’s self out of the “all roads lead to Rome” or more correctly Washington of the Internet. Slowely but surely they are bringing their own Great firewall up.

Unlike the US and possibly Europe neither China nor Russia have set their economies to sit on top of the Information super highway bubble. Nor are Russia and China actually dependent on the US in the way the US is dependent on them.

The US started this silly game and all they keep doing is doubking down on it whilst making their own economy weaker and more dependent.

I’ve spent more than two decades warning about what is happening and the most likely out come.

The US has turned into the worlds party girl wasting everything on status and frippery whilst behaving like an ally cat morally. In the process totally hollowing out their nation so the cupboard is bare, and running around pretending to be every ones friend whilst robbing them every which way they can and setting them upon each other.

At some point the bubbles the US think are foundations for the future are either going to deflate or burst, and if the latter that’s when the game of musical chairs stops and where the bare tooth and claw fighting starts.

Meanwhile the politicians stand on the deck with the band playing “Nearer, My God, to thee” with their juniors playing at being designers but just rearanging the deck chairs. Whilst some of the nore sensible billionairs have bought their refuges abroad and are quietly moving the contents of their store cupboards out of the US not just away from the US IRS but away from their shareholders as well. Look at what percentage of Apple, Alphabet / Google, Microsoft, Amazon etc is “off shore for tax reasons” and just how little left there is in the US…

Ask yourself why other than not paying tax, and keeping it out of US and other shareholders hands they have done this. Oh and purchased not just offices, homes, fall out shelters and foreign citizenship and keep energancy transport “hot” and ready to go? Could it be they expect to be up and gone whilst “incoming” are in flight? Or similar.

There is an old Chinese curse “May you live in interesting times” and if people are not carefull they will find that the riches they think they have will disapear out of their hands faster than quick silver.

Remember when the computers are down your money is gone, when the currency in your pocket is nolonger sought it is worth less than toilet paper, it will not get you the basic necesities of life.

If you have doubts about what other people are thinking keep your eyes not on the price of precious metals but the more interesting industrial metals such as the “Rare Earth Metals” without which not just Chip/IC manufacture stops, but manufacture of computers on which the US is so dependent in just about everything stop. Even stuff that should not ve high tech like your fridge, freezer, cooker, microwave, water heater, house heating and even lighting and it can all be stopped dead in just a few milliseconds… But there is a lot of other high tech stuff, not just most domestic brown/white goods, most modern vehicles such as cars and most delivery vehicles. Even those that might be slightly better protected including trains and planes are not going to be unscathed because of all the unprotected support equipment including fuel supplies. Even supposadly protected “smart weapons” and even ordinary “weapons delivery systems” are likewise going to be effected.

A year or so ago most would not have believed it but the problems with energy companies just turning the switch off to make profit, and the break down of supply chains and thus shops during COVID have kind of started people thinking about “dependency webs” and where the “weak links” are and are realising just about everything is a weak link due to the “don’t lewve money on the table” and similar mantras that have taken any real kind of resilience out of the equation, just leaving fragility without backup that if any point fails will cascade through the rest (see Texas near grid down).

Some are realising that the currebt situation is not tenable, any one system can fail and without which cascades start, things stop and can not be brought back up due to ignored dependency and death inevitably follows unless you have thought ahead and made preperations or hop on a plane to Mexico, using your political position to ensure “you get on the last bus to nowhere”.

In a way for many in the US COVID has been a rude awakening out of their sleepwalk on social media. Take a look in Walmart, even they have jumped into the game with their 24Hour Personal Emergancy kits… What is that telling you their managment think and why?

Interesting times are indeed ahead and US politicos realy need to stop playing the fiddle, get down from their podiums and start doing an honest days work. Because they will find out all to soon if they don’t just how little US citizens are starting to think of them and with the very unobjective US MSM playing with fireworks in the fuel store whilst fanning any little sparks they see for ratings you know where that rabbit hole is likely to end up…

Remember nearly half the US adult population voted one way and the rest another way it was very close and very acrimonious. Some of those people took a day trip in January and did rather more than just knock on the door. Whilst to some they might appear extream, to others that poured large amouts of money into “war funds” and the like not at all. Thus many are a half pace behind extream in the crowd, with plenty more pushing forward from behind…

Is it realy time for empty gestures or actually taking a lead in getting all the nasty little games that all sides are playing if they have the money turned not into near acts of kinetic war but just minor annoyances?

Me I vote to stop blowing the trumpet banging the drum and slinging empty threats back and forth. Instead quietly look at sorting out the real root causes of the insecurities that make these stuoid ICT espionage games possible…

But if I’m still around and other of todays readers are in 2040-50 any bets on if I will still be saying the same “Defence not offence”?

Winter April 20, 2021 9:43 AM

@Clive
“A basic lesson in history of the last half century would have taught people two things,”

I would start with:
0 The USA is unable to formulate effective foreign policies.

Since WWII, the USA have been unable to organize an effective foreign policy that would benefit the USA. There are only two areas where USA policies were effective, getting the dollar to be the global reserve currency and getting control over the Middle East oil reserves.

All wars fought by the USA after WWII ended in disasters, starting with North Korea (ongoing disaster) and ending in Iraq and Afghanistan (ongoing disasters).

If you want to see effective, long term foreign policies, look at France and China.

TimH April 20, 2021 10:17 AM

It would be nice to have an arms treaty to, as Nick Nolan said, limit incursions to cyber espionage and agree that cyber attacks are war.

But while USA/Israel feel free to mount cyber attacks against Iranian reactors, I don’t see it happening.

Land mine treaties… sad stuff.

Winter April 20, 2021 11:08 AM

@TimH
“But while USA/Israel feel free to mount cyber attacks against Iranian reactors, I don’t see it happening.”

Also, after the wholesale discontinuation of all treaties by the previous administration, applauded by the supporting party, I see the world less than eager to star anew.

SocraticGadfly April 20, 2021 1:19 PM

What Clive has said.

Plus, and in part due to some benefits of climate change for Russian farming, Putin has boosted Russian food output in the face of previous sanctions. And, there’s OPEC+ on the oil side.

==

I see our ambassador’s been recalled for consultations.

Clive Robinson April 20, 2021 2:16 PM

@ Nick Nolan, ALL,

“Russians did the former. Hackers didn’t try to damage US systems,”

Actually the US attacked Russian infrastructure atleast thre times by what you would call cyber espionage / hacking, causing a number of deaths and billions in economic damages. The CIA actually publicaly boasted about it.

Then the US have sent duqu, Stuxnet, flame, and other variants off to other nations.

Just like with nuclear weapons the US has had for prestige reasons had to be first at mass destruction (they got beat on chemical weapons by both Britain and Germany) even biological weapons they used on their own people in the New York underground.

These are recorded in history that is publically available.

If you look at the history of Russia since Stalin’s day, they realy are not first at anything, however they can as with the Tzar Fusion Bomb (also the worlds cleanest by far at the time) go better, to the point their scientists and engineers designed the closest thing ever imagined to a “Domesday device” it never got built because the CCCP leader of the time told them they were compleatly mad and he would have them all locked up.

History shows that like it or not Russia is a pragmatic rational actor, and the US, well do I need spell it out any further?

Clive Robinson April 20, 2021 2:39 PM

@ Nick Nolan, ALL,

There is difference between cyber espionage and cyber attack. An cyber attack on the citizens or infrastructure of another state is act of war.

Actually it’s not, the US have been doing it for years in many more ways than the few we know about.

But guess what, killing an accredited and fully recognised diplomate of a foreign nation especially one on a peace mission is actually a primafacia act of war, and arguably covered by various parts of the Genocide laws and treaties as well. No matter what the nut job lawyers the US chose to have try and argue it’s not.

One of the major reasons the United Nations is more or less a failure for it’s original purpose is because of the permanent members of the security council who have vetos. They should be not just striped of the vetos but put in the rotation just like every other member nation.

But then as sern at Doha in 2014 if the worst comes to the worst and the US is going to loose at something, they can get Google to buy them out of it by bribing third world nations with baubles to get the necessary votes to have their global hegemony on cyber espionage and cyber warfare both of which history shows they are more than happy to do, untill it comes back to bite, then they pretend they have the moral highground and claim “we are the good guyd and YOU can not do unto us as we have done unto you” better known as hypocrisy or worse “Might is Right”.

Oh and the “Might is Right” nonsense is now being joined by the “Devine Right” nonsense we had for neigh on two thoudand years in Europe, and that never ended well. Oh and remember the Founding fathers very definitely said,

1, The Church shall never run the state.

2, The US will be not a democracy because those alow Kings, but a Rrpublic which do not alow kings or religious icons to have primacy.

With the last executive you had a VP and others publically claiming their religion came before all else (technically it’s a form of treason) and a President who in effect acted as a king with all the whims and lunacy that entailed (here let me sell you a bottle of bleach to wash your Chloroquine down with).

Just accept the fact US citizens know longer live in a secular republic, and it is in no way anything like a democracy. Their elected representatives do not in any way work for the citizens but against them. Because, they are too busy working out how to get the best nest feathering they can out of lobbyists and their pay master and other even less desirables with deep pockets, and cushy jobs for retirment plans etc…

Weather April 20, 2021 3:58 PM

@clive
Like you said you hit a brother the other will attack, with right or wrong.
Nz government finally understood and allowed AU’s in the bubble. Nz government at present is pro China, government wise. I know Chinese in the community and respect them.
It a tempary balance, each to survive themselves, but I think it would still fall back to old, just temp scmish.

metaschima April 20, 2021 8:00 PM

@Sommer
Well, maybe, but I’m not really convinced.

ht tps://www.upi.com/Top_News/US/2021/04/19/United-States-concerned-Russia-military-buildup-Ukraine-Crimea/5901618883299/

Fed.up April 20, 2021 9:04 PM

No more internet connected ICS. Thank goodness. We’ve only been discussing this for 4 years.

https://www.cnn.com/2021/04/20/politics/biden-electricity-grid-cybersecurity/index.html

After more attacks on data center components today. pulse VPN

All regulated critical sectors and Government will be barred from the cloud. Regulations are the result of bad business decisions. We would still have subprime mortgage CDS if they didn’t regulate it out of existence. Even though everyone knew the bubble was going to burst no one volunteered that it was a bad idea until the global economy cratered.

So how close are we going to get to nuclear war until we admit that cloud is a bad idea for sensitive data?

We need a new internet for regulated data.

Also no more startups in the critical sector either. The US Government isn’t running a charity. There’s already laws disallowing startups in banking, it needs to be enforced. Years ago if you had a great idea you sold it to Bell Labs. Companies never succeed with one product anyway. They have to be acquired.

Security requires common sense most of all.

ResearcherZero April 20, 2021 9:33 PM

Allied countries like Australia could stop handing back microwave devices (one device) when they are seized, specifically a couple of individuals from the DPP who were responsible, and it’s not like those individuals were not paid well to begin with. It’s gross repeated security failures like that that allow the build up of hostilities. Australia’s general security preparedness I would rate at low, due to continued bungling, and repeated failures by internal security over decades. Mainly a governmental problem, the evidence and intelligence is often not acted on, sometimes for decades.

We are actually supposed to stop preventable deaths, not watch people die, no matter how much they are willing to pay you to look away. Bribes are a spies best friend, it would be wise for some to remember that.

Anon April 21, 2021 7:39 AM

I find it so ironic……that the United States goes and imposes economic sanctions on a country that it at the same time hails it a partner for a 100 billion dollar space station that flies over my head orbiting the Earth at five miles a second……

Not to mention the money it paid the very same country to get its astronauts up to that orbiting space station because the United States didn’t have a method to get their once they retired the space shuttle….that went on for 9 years and still doesn’t in a sense, if it wasn’t for SpaceX bailing out the US Space Program…..

lurker April 21, 2021 7:48 AM

@Winter

“Russian hackers did attack the infrastructure of the Baltic states, NATO partners. Then we have the fall-out of WannaCry and NotPataya, which were extremely destructive. Both originated in Russia,”

Get your facts right before posting.

While attribution is hard, Wannacry is commonly linked to North Korea [1]

Second malware is named NotPetya, this is indeed Russian origin.

[1] h/t/t/p/s://www.zdnet.com/article/how-us-authorities-tracked-down-the-north-korean-hacker-behind-wannacry/

Clive Robinson April 21, 2021 8:01 AM

@ Fed.up,

No more internet connected ICS. Thank goodness. We’ve only been discussing this for 4 years.

Err I’ve been banging on about it for about a third of a century one way or another. I remember trying to persuade our host @Bruce that both telemetry radio/hardline were vulnerable as were modem connected SCADA systems and later Internet connected SCADA systems.

Bruce obviously thought about it and likewise realised that having the likes of oil refinaries (are youvold enough to remember the one the CIA supposadly attacked via software and it blew up like a nuke and nearly caused NORAD to go full flight?). Likewise nuclear power plants (ok local insider not remote attacker related but both Three Mile Island and Chernobal only happened because of human induced mistakes in supervisory and control systems).

All SCADA and connected telemetry and ICS equipment is insecure by design (for reliability reasons is the argument) thus ifvsomeone can get in then they will. However businesses are run by the bottom line, staff on site, private leased lines, radio systems and other communications are eye wateringly expensive sunk costs compared to even a business rate Internet connection by 2000… So you could see the disaster waiting to happen.

So neither Bruce, several other of the “usuall Suspects” were overly surprised by stuxnet for me it was of zero supprise other than why had it taken so long for someone to do it…

The US is very very behind in ICS security especially for those bombs at the bottom of your garden of not just Nuclear Power Stations but other power stations as well, oil refinaries and chemical production plants. Some of which can be used as the “C” in those NBC WMD catagories (remember the Seveso Dioxin disaster or the Bhopal methyl isocyanate (MIC) gas disaster?) and many many more such disasters all of which these days could be triggered by doing a stuxnet type attack on their ICS equipment.

It’s why regulators in Europe said “No more of this stupid nonsense” around a couple of decades back.

But we’ve got an awkward problem with telecomms. Many remote ICS systems and even local crane and similar plant controllers, traffic lights and much else besides don’t use PMR or similar any longer for the same cost reasons, they use Mobile Phones… Well if you’ve been involved with Emergancy Response and Managment since 9/11 or 7/7 you will know about the frequent discusions about “mobile phone bomb triggers” and the ability of “crisis managment” to turn the phone network off for everyone else but themselves…

Have you any idea of the cascade failure that would result? It would make Texas’s little power outage look like an inconsequential blip in comparison as all the other utilities, secondary emergancy services stoped and gas, water, electricity and sewage froze mechanically and repair / maintainance crews could not be notified of where to go or how in the absence of service they could get things back up again.

So remember that guy at Christmas who drove his bomb laden RV upto an AT&T node… He could have caused absolute mayhem, and it was more luck than anything else that he did not…

Welcome to my world of real nightmares I know not just what they are but in a whole load of cases exactly were just a few very very small bombs no bigger than a handfull of plastic explosive will shut one of the worlds largest cities and urban complexes down by cascade failure because I’ve had to help draw up plans of how to limit such possabilities not just from idiots, but accidents and natural events. If you want to have real fun get involved with area or region wide disaster planning and more importantly recovery, trust me when I say that EMP by nuclear warhead high above the nation is not even on the first page of the list in terms of probability or severity.

But nature manages to out do even mankinds best efforts. Remember Japan and the Tsunami? Well it was actually a three week period of one natural disaster after another earthquakes, tsunami, flooding, storms compleate loss of emetgancy systems, crews and equipment, and much else of which the world realy only got to hear about the Nuclear Power Stations.

So some have actually lived in worse than my then nightmares, no doubt there will be worse again within the decade…

Time to humm that Ian Dury song “Reasons to be chearfull”…

[1] https://www.zdnet.com/article/us-software-blew-up-russian-gas-pipeline/

[2] https://en.wikipedia.org/wiki/Seveso_disaster

[3] https://en.wikipedia.org/wiki/Bhopal_disaster

wiredog April 21, 2021 8:43 AM

@clive
“Just like with nuclear weapons the US has had for prestige reasons”
I know yesterday was 4/20, but you need to lay off the weed, it’s making you paranoid. Read “The Making of the Atomic Bomb” by Rhodes. Prestige had nothing to do with the development of nuclear weapons, it was the knowledge among US and Allied scientists that they could, coupled with the belief that Nazi Germany’s scientists could. It was, as far as the Allies (and Nazis, for that matter) were concerned, a race.

Steven April 21, 2021 9:48 AM

Well…if I was going to pursue “unseen steps”…I would get into their systems and start sowing little bits of subtle corruption.

Not enough to crash the systems–that would be seen. Not enough to be noticed…at first. But give it time. Months. Years. By the time people do start to notice, the corruption will be into the backups. No one will be sure what is corrupt and what is valid. No one will be able to rely on anything.

In the long run, undermining confidence in their systems could do more damage than just nuking them.

MJ April 21, 2021 10:42 AM

Interesting article about vulnerabilities, Microsoft, and Russia (https://zetter.substack.com/p/sanctioned-firm-accused-of-helping) relating to the sanctions:

A Moscow-based firm that the U.S. Treasury Department put on a sanctions list on Thursday for helping Russian intelligence agencies engage in offensive hacking operations, has long been a partner in a controversial Microsoft program that gives private security vendors advance access to information about vulnerabilities in Microsoft products .

The company, Positive Technologies, is part of the Microsoft Active Protections Program (MAPP), which includes nearly 100 software companies who receive advance information about software vulnerabilities that Microsoft is working to patch — before the information and patches are released to the general public. This information can include what’s known as proof-of-concept code that demonstrates how the vulnerability can be exploited to hack systems. A leak of this critically sensitive information significantly shortens the time an adversary would need to develop their own exploit for the vulnerability.

Clive Robinson April 21, 2021 1:30 PM

@ Wiredog,

Read “The Making of the Atomic Bomb” by Rhodes. Prestige had nothing to do with the development of nuclear weapons

I probably tead it before you did, and the use was for prestige reasons, the usual thing quoted is that it was to stop the Japanese fighting tooth and nail for every inch of land.

As Rhodes pointed out the japanese had already started making approaches about not just a cease fire but the end of the war. The US president though did the “no surrender” line, infront of both Churchill who thought the japanese approach sbould be takrn up and Stalin who had made noises but not made any commitments. After he had flapped his gums the US prrsident could not back down pluss when he spoke to Stalin about a new weapon Stalin said he knew (a spy had handed over all the details during the whole project near enough.

So the US President to avoid appearing weak had commited to the first use of nuclear weapons on another nation for the sake of not looking weak.

If you do not think thats for prestige reasons, perhaps you should follow your own advice and quit the medical herbs.

Erik April 27, 2021 7:12 PM

Sanctions are an act of economic warfare that virtually always disproportionally impact the poorest while having little to no effect on the targeted elites, and are almost always used by politicians to goad their opponents into military action. This technique goes back thousands of years. The first known use of economic sanctions by the ancient Greeks led directly to the Peloponnesian War. This continues through history to US President Franklin D. Roosevelt using an oil blockade to push Japan into attacking the US (FDR loudly proclaimed neutrality while constantly trying to provoke both Germany and Japan into an attack as an excuse to bring the US into WWII). Whenever you see a politician (no matter the party, no matter the country) talk about sanctions, if you look at it in terms of trying to get the other side to shoot first you will be right more often than not.

Many have also pointed out the grotesque hypocrisy of the US government hacking everything in site and then whining like a toddler with a skinned knew whenever its country gets hacked in return; I’ll agree with this and not belabor it further.

Every government and every organization needs to be focus first on its own cyberdefenses. At a certain point vendors will realize that they need to spend less time redesigning their user interfaces around current trends and more time doing code audits, input sanitization, and robust exception handling. Treaties and threats of violence and sanctions do not make us safer; if anything the leave the targeted country with less to lose.

farm co worker April 27, 2021 8:06 PM

Capital is chicken and always takes the safest path. The pigs get slaughtered. That’s breakfast. Break more eggs, not our capital. Secure the capital from pigs. The bank likes to talk turkey. Eat well-live well.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.