The Trump administration Thursday issued sanctions on Russia for a series of cyberattacks and for its meddling in the 2016 U.S. presidential election.
The Treasury is targeting five Kremlin intelligence agencies, including the Federal Security Service and Internet Research Agency, and 19 individuals indicted by FBI special counsel Robert Mueller for interfering in the election.
The Treasury also cited the most costly cyberattack in U.S. history, known as NotPetya, which disabled computer networks at multinational firms worldwide last year. In addition, the Treasury referenced the Russian nerve agent attack against a former double agent and his daughter, which occurred in the United Kingdom earlier this month.
Furthermore, according to a technical report just released by the Department of Homeland Security, “since at least March 2016, Russian government cyber actors … targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.”
Russia’s threat extends beyond the U.S. government to private companies and our allies, and Homeland Security’s report details steps that these entities can take to protect themselves from Russian cyber aggression.
But defense is not enough. The Trump administration is right to punish these Russian agencies and individuals since they criminally breached U.S. computer systems. Russia has flouted U.S. and international law in its cyberattacks and election meddling.
It is worth noting that Russia’s illegal actions are not anything new. Russia has a long history of ignoring international norms and agreements. For instance, Russia has broken the Budapest Memorandum by continuing to occupy Crimea, violating Ukrainian sovereignty and territory in the process, as well as violated the Minsk II agreement by fighting for Ukraine’s eastern Donbas region.
Russia has also contradicted its Six-Point Peace Plan with Georgia by continuing to occupy 20 percent of its territory in the Abkhazia and Tskhinvali regions, and has regularly defended Russian cyber criminals from the reach of U.S. law.
In light of these sanctions, the Trump administration must remain firm on Moscow—not only today, but also in the future. Russia’s transgressions do not stop here—they are ongoing. The U.S. must hold Russia accountable for its actions.
Indeed, The Heritage Foundation has long held that indecision and weakness in responding to malicious cyber actors will only invite more aggressive cyber actions. Russia’s violation of several international treaties, its refusal to punish Russian hackers, and its illegal military involvement in neighboring countries make any sort of joint agreement with Russia on cybersecurity a fool’s errand. Russia cannot be trusted, and stronger responses are necessary.
These new sanctions on Russian individuals and agencies accused of cyberattacks and interference in the 2016 election are a promising step. This response will send Moscow a clear message that the U.S. will not tolerate cyberattacks and meddling in the U.S. electoral process.
Moving forward, the Trump administration needs to keep sanctions in place until the damage is reversed or Russia changes its behavior.
The Russian presidential “election” is on Sunday, March 18, and Putin is almost certain to win again. As long as he is president of Russia, he will continually try to undermine U.S. national interests.
To counter continuing Russian aggression in both cyberspace and the tangible world, the U.S. must be prepared to respond to all forms of Russian aggression.