Threat Management, Threat Management, Threat Intelligence

Trump administration imposes sanctions on Russia for election interference, NotPetya

A day after U.K. Prime Minister Teresa May tossed Russian diplomats out of the country following a nerve agent attack on a former Russian spy in a British town, the Trump administration imposed sanctions on Russian individuals and organizations – many of them identified in an indictment obtained last month by Special Counsel Robert Mueller – in retaliation for election interference and “malicious” cyber activity including the NotPetya attacks.

After the intelligence community pegged Russia for meddling in the 2016 presidential election, President Barack Obama slapped the country with what he referred to as a first round of sanctions, booting diplomats and shuttering facilities. The Trump administration had faced sharp criticism for not following through with additional sanctions overwhelmingly approved by Congress last fall or calling out Russian President Vladmir Putin for hacks on the Democratic National Committee (DNC) and other Democratic affiliates, as well as a wide-ranging influence campaign that the intelligence community said was meant to sow division among Americans, erode democratic processes and sway the election in Trump's favor.

“The administration is confronting and countering malign Russian cyberactivity, including their attempted interference in the U.S. elections, destructive cyberattacks, and intrusions targeting critical infrastructure, according to a statement issued by Treasury Department Secretary Steve Mnuchin. “These targeted sanctions are a part of a broader effort to address the ongoing nefarious emanating from Russia.”

The devastating and costly NotPetya pseudo-ransomware attack last June sowed chaos in Ukraine and around the world. On the same day in February that the U.K. cast the blame on Russia for NotPetya, the White House followed suit with Cybersecurity Coordinator Rob Joyce saying at a European conference that Russia would be forced to pay the costs of the June 2017 attacks, which spread across 64 countries and cost those affected billions of dollars.

Noting that the U.S. was “going to work on the international stage to impose consequences” so that Russia would “understand that they have to behave responsibly on the international stage," Joyce said at the Munich Security Conference that “we're going to see levers the U.S. government can do to impose those costs."

Calling the news unsurprising, Emily Miller, director of national security and critical infrastructure programs at ‎Mocana Corporation, said, "We've known about Russian meddling since 2015. Based on the preponderance of publicly identified campaigns in the last year such as DragonFly, NotPetya, WannaCry, Crash Override and Black Energy 2.0, we know that threat actors, including Russia, are attempting to target U.S. critical infrastructure.” 

She pointed to an alert issued Thursday morning by the Department of Homeland Security and the FBI released aimed at the DragonFly 2.0 campaign, which has targeted the Western energy sector since last year. "The alert confirms that vulnerabilities have been identified in domain controllers, file servers, and email servers that have been targeted for reconnaissance purposes, but it doesn't specifically point to a confirmed impact on the availability of the electric grid," she said.

Under the newest sanctions, five Russian organizations – including the Federal Security Service (FSB) and the GRU, Russia's military intelligence unit – and 19 individuals are targeted. Punishment includes blocking travel, freezing assets and forbidding U.S. companies from doing business with those identified.

Rep. Bennie G. Thompson, D-Miss., ranking member of the House Committee on Homeland Security, said that "sanctions alone will not stop Russia's efforts to undermine Western democracies" and called on Trump to denounce Putin and train resources on securing U.S. election systems.

“With federal elections only months away, securing our election infrastructure from continued Russian meddling must be prioritized by the Trump Administration and Congress," Thompson said in a statement.  "To do this, President Trump must treat this like any other major national security issue and direct his Administration to counter it, and Congress must act on proposals to provide meaningful assistance to states to help secure their elections.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.