WASHINGTON ― The Senate’s No. 2 Democrat said Russia’s apparent hack into multiple government agencies is a “virtual invasion” that demands the U.S. show Russia and other adversaries there is “a price to pay” for breaching American systems.
In a Senate floor speech Thursday, Senate Minority Leader Dick Durbin, D-Ill., said the U.S. needs to “respond in kind” and that Russian President Vladimir Putin is not a friend. A day earlier on CNN, he called the hack “virtually a declaration of war by Russia on the United States, and we should take it that seriously.”
“No, I’m not calling for an invasion myself or all-out war. I don’t want to see that happen, but it’s no longer a buddy-buddy arrangement between the United States and Vladimir Putin,” Durbin said Thursday. “When adversaries such as Russia torment us, tempt us, breach the security of our nation, we need to respond in kind.”
Durbin’s remarks came hours before President-elect Joe Biden issued an announcement that he had instructed his team to learn as much as possible about the breach. He vowed a tough response, beyond expanding investment in cyber defense.
“But a good defense isn’t enough; we need to disrupt and deter our adversaries from undertaking significant cyber attacks in the first place,” Biden said in a statement. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as President, I will not stand idly by in the face of cyber assaults on our nation.”
This week brought the disclosure of a global cyberespionage campaign that penetrated multiple U.S. government agencies by compromising a common network management tool from the company SolarWinds used by thousands of organizations. Russia, the prime suspect, denied involvement.
Cybersecurity investigators said the hack’s impact extends far beyond the affected U.S. agencies, which include the Treasury and Commerce departments. Defense contractors like General Dynamics and Huntington Ingalls Industries were on SolarWinds’ client list, but those two firms have declined to comment.
SolarWinds counts all five military services, the Pentagon and the National Security Agency among its clientele, and the New York Times reported that the State Department, the Department of Homeland Security and parts of the Pentagon were compromised.
Congressional Democrats have generally been more vocal about the hack than Republicans, pointing fingers at President Donald Trump, who fired Cyber and Infrastructure Security Agency chief Christopher Krebs in November. As Washington continued to assess the extent of the hack, Democrats criticized Trump’s silence on the matter.
“We need to gather more facts. But early indications suggest Pres Trump’s tepid response to previous cyber transgressions by Russian hackers emboldened those responsible,” Rhode Island Sen. Jack Reed said in a tweet Wednesday. He is the Senate Armed Services Committee’s top Democrat and sits on the Senate Intelligence Committee.
Democratic lawmakers say they expect Biden will take bolder action against Russian hacking akin to the sanctions President Barack Obama spearheaded in retaliation for Russia’s 2016 election interference — something the U.S. intelligence community agrees took place but the Kremlin denies.
“I don’t expect it under this president. I do expect it under the upcoming administration,” one House Intelligence Committee member, Rep. Mike Quigley, D-Ill. told CNN on Thursday. “You have to confront the Russian government and Putin” alongside America’s allies.
The congressional intelligence committees received a classified briefing from the intelligence community earlier this week, but Politico reported there have been signs the White House tried to muzzle top officials seeking to fill in lawmakers on what they know.
During a National Security Council meeting Tuesday night, national security leaders were instructed not to reach out to Capitol Hill for briefings on the massive hack without explicit approval from the White House or the Office of the Director of National Intelligence, Politico reported, citing people familiar with the episode.
The Cyberspace Solarium Commission released a white paper today expanding on its March 2020 report focused solely on security the supply chain.
In the meantime, Maine Independent Sen. Angus King, who co-chairs the Cyberspace Solarium Commission, offered a practical recommendation immediately following news of the hack: Expand CISA’s authority to hunt threats on government networks “to find vulnerabilities and threats before they are exploited” so they can be fixed, he said in a statement Monday.
“This is going to continue,” King said. “Putin can hire 8,000 hackers for the price of 1 jet fighter and this is a way that he can attack this country and do relative damage at a very low cost.”