Outgoing U.S. Ambassador to the United Nations Samantha Power used her last speech in office to issue a dire warning: Russian President Vladimir Putin’s government seeks to destabilize the international order, and it's just getting started.
“It would be deeply naive and deeply negligent to think that those who have discovered vulnerabilities in our system would not try to exploit them again and again,” said Power, referring to the intelligence community’s assessments that the Kremlin targeted the Democratic National Committee to leak stolen information and influence the outcome of the 2016 presidential election.
Power echoed the intelligence community’s assessment, which determined a high likelihood of continued Kremlin influence operations (using stolen data) based in part on the success of the influence operation over the summer.
“Putin’s public views of the disclosures suggest the Kremlin and the intelligence services will continue to consider using cyber-enabled disclosure operations because of their belief that these can accomplish Russian goals relatively easily without significant damage to Russian interests,” intelligence leaders said in the statement.
“We assess Moscow will apply lessons learned from its campaign aimed at the U.S. presidential election to future influence efforts in the United States and worldwide, including against U.S. allies and their election processes.”
German authorities said in December they’ve seen an increase in spearphishing attacks aimed at political targets from APT28, also called FANCY BEAR, one of the groups the intelligence community has identified as working with Putin’s government to steal data. Investigators have disclosed to Defense One FANCY BEAR was also actively targeting French political targets as well.
Power cautioned strongly better firewalls would not be enough to deter future Kremlin meddling.
“We need to increase cooperation and intelligence sharing to deter, detect and defend against the next generation of hacks and cyber threats particularly as France, Germany and the Netherlands look forward to national elections this year,” she said. “That also means maintaining the sanctions placed on Russia including those imposed by President Obama in response to Russia’s meddling in our election.”
The comment highlights what many in both information security and national security understand to be true, that information sharing among institutions and law enforcement—particularly across agencies and even across borders—is essential for active cyber defense when dealing with state-backed actors like FANCY BEAR that pick military and political targets around the world.
The story of the 2016 election meddling provides a case in point. Long before FANCY BEAR was targeting the DNC, the group, which the U.S. intelligence community has said is connected the Russian FSB Intelligence service, was leaving clues about tactics, objectives and affiliations on servers and networks of other victims. Posing as a group called Cyber Berkut, it attacked political and military targets in Ukraine and even NATO in 2014.
But intelligence sharing is based on trust among partners. In a London Times interview posted over the weekend, President-elect Donald Trump said between Germany’s Chancellor Angela Merkel and Putin, “I start off trusting both— but let’s see how long that lasts.”