It’s not whether Russia influenced election — it’s that it tried to

In information warfare, or any aspect of war for that matter, there is a major difference between gathering information and intelligence and acting upon it.

While the issue appears to be bipartisan, with senators and representatives of both sides of the aisle condemning reports of Russian hacking, there are many people, including President-elect Donald Trump, who are either questioning the attribution or trivializing the hacking by saying that Russia only exposed embarrassing information.

The problem is that it doesn’t matter what the information was; it mattered that Russia, authorized by President Vladimir Putin, consciously chose to leak the information.

There is actually a very clear line in the information warfare field, which is now being referred to as Cyber Network Operations (CNO). As discussed in my book, “Advanced Persistent Security,” CNO is divided into Cyber Network Defense (CND), Cyber Network Exploitation (CNE) and Cyber Network Attack (CNA).

CND involves securing your own systems and networks. CNE is essentially computer-based espionage, where you use computers to gather information. Clearly, the stealing for information from the Democratic National Committee and the other parties was CNE.

The fact is that all countries perform some level of CNE, and it is expected that if you leave information vulnerable, it will be compromised by someone. Usually there is no retaliation for CNE, as it is not directly impactful to the country compromised. We expect Russia to attempt to steal/hack U.S. secrets, and Russia expects the U.S. to attempt to steal/hack Russian secrets.

{mosads}It is, of course, a different story if you are caught in the act.

While it is expected, if one party is caught, there may be some level retribution. Such has been the case of traditional espionage, where known operatives are declared persona non grata and therefore exposed and ordered to leave the host country.

However, what Russia did went beyond information gathering and went as far as to release information stolen information, create fake information and spread fake information created by other parties. That is CNA. It was the active use of information to accomplish a political goal.

Let me be clear: I doubt that Russian CNA was the definitive act that swayed the election. Democratic nominee Hillary Clinton was definitely a flawed candidate and if any external force had an impact on the election, it could be argued that FBI Director James Comey’s actions were much more impactful than Russian actions.

That is irrelevant, though. Russia did actively attempt to achieve a political goal through committing computer crimes against U.S. entities and using the internet to spread real and fake information. That is an attack to achieve political goals, be it to support Trump or to damage Clinton.

It doesn’t matter what the specific goal was.

It doesn’t matter which side you’re on.

Frankly, at this point, Trump now has a higher bar to overcome, as he has to demonstrate there is not a conflict of interest and he is not “Putin’s pawn” as Clinton claimed he would be during the debates.

He cannot be perceived as using or ignoring a foreign power that committed crimes that benefited him.

While some people make the argument that the U.S. has likewise actively attempted to interfere in the political affairs of other countries — and I would agree with that — that is also completely irrelevant. Any potential victims of U.S. interference are within their rights to retaliate. However, those countries would have to deal with the U.S. response.

I do not fault Russia in principle for wanting to use CNA to accomplish political goals, but Russian actions require retaliation on the part of the U.S. government. A crime is a crime, and a crime to attempt to compromise the foundation of the U.S. political system is CNA.

To fail to take action would only invite further CNA by Russia and other countries.

Ira Winkler is president of Secure Mentem, and author of “Advanced Persistent Security.” He can be reached through his company at www.securementem.com.

The views expressed by contributors are their own and not the views of The Hill.