Washington announced a new round of sanctions on 15 April in response to Moscow’s alleged involvement in the hack and purported election meddling in 2020. As was the case with similar accusations in the past, the White House failed to present any solid evidence of the Kremlin’s involvement to the public.
Several US officials reportedly cautioned President Joe Biden against tying a new round of anti-Russia sanctions, which affected the nation’s sovereign debt and blacklisted several members of the Foreign Intelligence Service (SVR), to the Kremlin’s alleged involvement in the cyberattack against SolarWinds. The latter, in turn, allowed hackers to steal data from the networks of nine federal agencies and hundreds of US companies using SolarWinds software.
According to anonymous sources cited by The Wall Street Journal, even though there was “high confidence” in the American intelligence community that the SVR was responsible for the hack, the move could leave the US exposed to condemnation by foreign governments, since Washington is purportedly equally engaged in cyberoperations for the purposes of espionage. House Democrat Jim Langevin, who focuses on cybersecurity issues in Congress, publicly expressed similar concerns in comments on the recent sanctions.
“The SolarWinds incident that the administration today attributed to the SVR has had all the trappings of traditional espionage that, while unfortunate, has not historically been outside the bounds of responsible state behaviour. [The administration should] explain the contours of their new policy”, Langevin said.
According to The Wall Street Journal’s sources, the Biden administration justified the decision by claiming that the SolarWinds attack went beyond the scope of regular cyberespionage operations and risked turning into more destructive action. The fact that private companies bore the burden for repairing the subsequent “damage” was reportedly another argument to link the sanctions to the cyberattack.
The media outlet stresses that previous administrations refrained from retaliating for attempts, including successful ones, of cyberespionage operations against the US, and even reportedly sought to establish a rulebook of conduct. The latter would reportedly put intellectual property theft, which Washington often accuses China of doing, and causing damage to computer systems in the unacceptable category, but would call espionage using cyberattacks “fair play”. The reason for this, according to The Wall Street Journal, is that Washington itself routinely engages in similar actions.
Former Director of National Intelligence James Clapper indirectly confirmed this notion in 2015. The US authorities had just admitted that digital records on over 20 million Americans had been stolen, purportedly by Chinese hackers, and Clapper noted that if Washington had the same opportunity in China, it wouldn’t “hesitate for a minute” to seize it.
Russia, however, denies accusations of committing cyberattacks against SolarWinds. The Kremlin also dismissed the allegations of its involvement in election meddling and responded to the new American sanctions on 16 April with its own set of measures. Moscow namely expelled 10 American diplomats and promised to limit the US diplomatic mission’s ability to travel in Russia and hire locals. The Kremlin also put eight current and former US officials responsible for developing anti-Russia policies in Washington on a no-entry list.