U.S. hits back at Russian spies, cyber groups
The U.S. imposed sanctions on Russian hacking groups and related officials, while publicly attributing an ongoing critical infrastructure attack by a group dubbed "Dragonfly" to Russia.
The U.S. executed its most significant retaliation to date against the Russian government and related cyber organizations on March 15, levying economic sanctions against five entities and 19 individuals through the Treasury Department and formally outing Russia as the sponsor of Dragonfly, an advanced persistent threat hacking group that has been targeting federal agencies and critical infrastructure in the U.S. and Europe before and after the 2016 elections.
Treasury designated five organizations for economic sanctions under authorities derived from the Countering America's Adversaries Through Sanctions Act as well as Executive Order 13694 issued under President Barack Obama in 2015. The sanctions affect officials from two Russian intelligence agencies, the Federal Security Services and Main Directorate Unit as well as employees from the Internet Research Agency, a troll farm indicted by Special Counsel Robert Mueller as part of his investigation.
"The Administration is confronting and countering malign Russian cyber activity, including their attempted interference in U.S. elections, destructive cyberattacks, and intrusions targeting critical infrastructure," Treasury Secretary Steven Mnuchin said in a statement announcing the sanctions. "These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia."
Mnuchin also said that Treasury intends to impose additional sanctions in the future on Russian government officials and businessmen.
On the same day, the Department of Homeland Security and the FBI updated a joint technical alert on cyberattacks on U.S. government and critical infrastructure entities, attributing a host of ongoing attacks to Russia. An earlier version of the alert was issued in October 2017. The updated alert firmly links Dragonfly to the Russian government and provides more details around the strategies the group has been using to attack its targets.
Congressional Democrats welcomed the sanctions but criticized the Trump administration for not moving quicker or going far enough. Rep. Bennie Thompson (D-Miss.), ranking Democrat on the House Homeland Security Committee, released a statement saying the administration "has finally come to its senses" and the findings reinforce the need for additional security measures ahead of the 2018 mid-term elections.
Sen. Mark Warner (D-Va.) said the move was long overdue but does not go far enough.
"Nearly all of the entities and individuals who were sanctioned today were either previously under sanction during the Obama Administration, or had already been charged with federal crimes by the Special Counsel," Warner said.
Rep. Jim Langevin (D-R.I.), co-chair of the Congressional Cybersecurity Caucus, was even more critical, calling the economic sanctions and joint technical alert "woefully inadequate."
"Sanctioning individuals already under indictment thanks to Special Counsel Robert Mueller is not going to change Russia's behavior," Langevin said. "Relisting Russian intelligence agencies already sanctioned under different authority will not deter them."