In the wake of indictments earlier this month that charged a dozen Russian nationals with trying to interfere with the US election process, the Justice Department is now planning to alert the American public and institutions to cyber threats from outside the country.
At the Aspen Security Forum on July 19, Deputy Attorney General Rod Rosenstein announced the updated policy while unveiling a report commissioned by the DOJ on the threats that cyber attacks pose to US citizens and institutions.
The report was developed by the DOJ's Cyber-Digital Task Force.
Deputy Attorney General Rod Rosenstein at a news conference earlier this month
(Source: Justice Department)
In the report, officials describe six different types of cyber attacks that represent the greatest threats to the US. These include:
- Direct threats to computer systems and networks, including Distributed Denial of Service Attacks (DDoS) and ransomware
- Data theft, including stealing personal identification and intellectual property
- Cyber-enabled fraud schemes
- Threats to personal privacy, including blackmail and harassment
- Attacks on critical infrastructure, such as nuclear power plants and the nation's electrical grid
- Finally, what the task force refers to as "malign foreign influence operations"
"Elections provide an attractive opportunity for foreign influence campaigns to undermine our political processes," Rosenstein said on Thursday. "According to the intelligence community assessment, foreign interference in the 2016 election 'demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations.'"
The report and Rosenstein's remarks follow a week of announcements surrounding what appears to be Russia's desire to interfere in and influence the 2016 presidential election.
On July 13, the DOJ announced the indictment of 12 Russian nationals, charging them with hacking into the Hillary Clinton campaign, as well as the Democratic National Committee, and stealing information that was later made public. (See 12 Russian Nationals Indicted in 2016 Hacking of DNC, Clinton Campaign.)
The topic of Russian interference and hacking was part of the talks between President Donald Trump and Vladimir Putin in Finland. When Trump was first asked whether Russian interfered, he appeared to say it was unlikely that it happened. He then appeared to agree with assessments from US intelligence agencies that Russian spies did play a part.
Boost your understanding of new cybersecurity approaches at Light Reading's Automating Seamless Security event on October 17 in Chicago! Service providers and enterprise receive FREE passes. All others can save 20% off passes using the code LR20 today!
Finally, the DOJ arrested and indicted a woman who is accused of working for Russian intelligence and trying to influence groups such as the National Rifle Association.
With this as the backdrop, the DOJ now plans to better notify individual citizens, US institutions, as well as enterprises, if a foreign government is targeting them as part of a cyber attack. The Justice Department is also considering whether to implement new statutes to help prosecute the people behind the attacks.
"The policy reflects an effort to articulate neutral principles so that when the issue the government confronted in 2016 arises again -- as it surely will -- there will be a framework to address it," Rosenstein said.
— Scott Ferguson is the managing editor of Light Reading and the editor of Security Now. Follow him on Twitter @sferguson_LR.