Donald Trump is underscoring his doubts about the conclusion by U.S. intelligence that Russia sought through hacking to disrupt this year’s election, renewing his skepticism Monday as he pits his judgment against the $52.7 billion espionage and analytical apparatus he’s about to inherit.
Trump indicated anew that he does not believe the CIA’s conclusion that the Kremlin tried to tip the election his way. He also demanded to know why the subject hadn’t been raised before Election Day — which it was, repeatedly.
The focus of reporting by leading news organizations, the issue has been in the headlines since at least June — after hackers broke into computers at the Democratic National Committee, after WikiLeaks began publishing Hillary Clinton’s campaign chairman’s hacked emails in October and after the Obama administration publicly blamed Russia’s government, also in October.
“Unless you catch ‘hackers’ in the act, it is very hard to determine who was doing the hacking,” Trump tweeted Monday. “Why wasn’t this brought up before election?”
Trump himself had raised questions during a presidential debate in September about whose hackers were responsible, after Clinton blamed Russia. “She keeps saying ‘Russia, Russia, Russia,’ and maybe it was. It could be Russia, but it could be China, could also be lots of other people,” Trump said then. “It could be someone sitting on their bed that weighs 400 pounds.”
Attempting to deflect blame from Russia, Trump has embraced one of the truisms about cybersecurity. After a hacking, it remains a lingering challenge to identify whose hands were on the keyboard: foreign spies, cybercriminals, disgruntled insiders or bored teenagers. Skilled hackers can cover their tracks, use software tools traceable to others and feign their locations across borders or continents.
In the hacks against the Democrats, two U.S. cybersecurity firms found detailed evidence that the intrusions were linked to Russian hackers. The internet domains and registrants traced back to a hacking group, “Fancy Bear,” linked to Russia’s intelligence services. It’s unclear whether there is other, classified evidence uncovered by the administration. The Defense Department is widely known to monitor international internet traffic that might be used in such attacks.
Senate Majority Leader Mitch McConnell, R-Ky., said Monday that he had “the highest confidence in the intelligence community and especially the Central Intelligence Agency,” signaling that he disagreed with Trump. “Obviously, any foreign breach of our cybersecurity measures is disturbing. And I strongly condemn any such efforts.”
Trump’s skepticism might be boxing him in as president. Openly questioning the U.S. intelligence assessment about what could be a historically important hacking will make it harder for him to persuade the public the next time the government looks to place blame for a cyberattack. Such official accusations effectively require the public to trust the government’s findings since the blamed nation invariably denies involvement and intelligence officials are loath to reveal much about how they reached their conclusion.
Such a high-level accusation “only works if the president has credibility,” said Rep. Adam Schiff of California, the ranking Democrat on the House Intelligence Committee. “That only works if the country is going to believe and our friends and allies are going to believe and indeed our adversaries are going to believe that the president means what he says.”
It’s not yet clear how aggressive a President Trump will be in pointing fingers at foreign governments for hacking. Trump, who is rarely seen using a computer and has said he never personally uses email, has proposed a buildup of U.S. military offensive and defensive cyber capabilities that he said will deter foreign hackers.
Over time, the Obama administration embraced a “name and shame” strategy to respond to serious hacking. It openly blamed North Korea for the 2014 hack of Sony Pictures Entertainment. It also brought indictments against Chinese military officials for stealing business secrets from American corporations and against Iranian hackers for digital breaches at banks and a New York dam.
Blame is meant to put foreign governments on notice that their hackers are being watched and deter them from future attacks. When the government chooses to go public, credibility is its most important asset, said John Bambenek, manager of threat systems at Fidelis Cybersecurity.
It’s not uncommon for skeptics, particularly within the hacking community, to second-guess the government’s conclusion. Even after the FBI fingered North Korea as the culprit for the Sony hack, some computer scientists challenged the assessment. The FBI subsequently disclosed even more information to be more convincing.
Ideally, a president concludes that the need to protect sensitive sources and methods outweighs the need to silence skeptics, said James Lewis, a senior vice president and program director at the Center for Strategic and International Studies.
“Do I need to persuade them?” he said of skeptics. “No, I need to persuade the key allies, congressional leaders, and the American public needs to at least be comfortable with what I’m doing.”
The U.S. has not imposed sanctions on the Russians for the election-related hacks and, in other instances, has opted against public accusations, including following a disastrous Office of Personnel Management hack widely suspected to be the work of the Chinese.