As President Obama has taken action that even his critics deem significant against Russia in response to its sustained hacking campaign related to the 2016 election, it is worth noting why these actions are significant, if not extremely severe. It is also important to understand, as we will definitely see some form of retaliation from Russia in the coming week.
First, we should acknowledge that there will likely be some less visible responses from the Obama administration, as well. It is probable that the U.S. government has significant access to the Russian civilian and military critical infrastructures, and can do significant damage to Russian assets. It was reported as far back as 2009 that Russia, China and other entities had similar access to the U.S. power grid, and it is likely that vulnerability remains in the power grid and elsewhere. It can only be assumed the U.S. has even better access against hostile entities now.
I think we can agree that the coming weeks will be even more interesting.
The U.S. response involved sanctioning nine entities and individuals, closing two facilities used by Russian intelligence inside the U.S., and also declaring 35 Russian intelligence operatives personae non grata. The sanctions against the organizations make it harder for them to move money around the world. They make it more difficult for them to perform normal business operations — but not impossible. It is unlikely that the two facilities were overly critical to Russia, and the closings create more of a nuisance than a significant operational impact.
However, it must be understood that the act of declaring 35 people personae non grata is much more damaging than just telling the people to leave the country.
Assuming these people are involved in active intelligence operations, there are three interrelated areas of significant damage:
- Publicly exposing the person as a known intelligence operative;
- Disrupting active intelligence-gathering operations without the time required to transition operations to another operative; and
- Permanently ruining that person’s career in operations.
Combined, these create a domino effect that can seriously impact intelligence-gathering activities inside and outside the U.S. for many years to come.
When an intelligence operative is exposed as a spy, it means that everyone in the world knows he is a spy. No other country in the world will allow him in the country as a diplomat or in any other function. Not only that, all of his past operations and stations are potentially exposed as espionage operations. The governments where he was previously stationed will be reviewing anything they have on him and will be reviewing any person or entity that he had contact with. This will likely uncover past intelligence operations.
When the Russian intelligence agencies train their operatives, they typically divide them by language. People are generally assigned to countries by their primary language training. So Russian operatives trained for English language proficiency will be assigned to countries where English is predominantly spoken. Not only are they trained on the language, they are also well-trained in the culture, understanding how best to recruit people to spy for Russia.
Of all of the potential English language stations, the United States is the most desired station and would attract the more experienced and skilled operatives. Given that 35 people of this caliber have now been exposed as Russian operatives, that is a significant hit to current and future operations.
Not only does it eliminate the most senior operatives from future postings, it likely impacts at least two-dozen future leaders in Russian espionage efforts. Not only is that an operational issue in that it requires replacements, but tens of millions of dollars have been invested in their training, mentoring and progression.
More important, it can be assumed that Russian operatives are engaged in active collection efforts. The process for managing an agent — in espionage lingo, a person who is providing information to an operative — requires a great deal of secrecy. An operative has likely spent hundreds of hours developing trust and training the person how to steal and exchange information. It is possible that the agent has never met another Russian intelligence operative, and doesn’t know whom to trust.
There are many logistical issues involved in transitioning an agent to another operative. The operative has to introduce his agent to a new operative and ensure that he trusts him. As agents have to trust operatives with their life, it can be challenging under normal circumstances. When an operative has three days to do it, it is likely that a replacement will not be available for the transition.
At the same time, the operative has to assume he is now being tracked 24 hours a day, and that he won’t have the ability to do anything proactive for the transition. The agent will also likely be scared off, as he knows his contact is now a known spy and the agent himself is now in jeopardy.
This, of course, assumes the operative can even contact the agent. Depending on how they established a communications protocol, they might not even have a planned communication for up to a month, if at all. For example, Robert Hanssen, the FBI special agent and traitor, would only initiate contact with his Russian handlers when he wanted to provide them with information. They had no way to contact him.
Declaring 35 intelligence operatives personae non grata for espionage-related activity is unprecedented. It is intended as a massive blow to Russian intelligence operations in the U.S. and elsewhere for years to come. And this is just one part of the public retaliation.
Retaliation by Russia is to be expected, as well. So far, Putin is saying he will hold off retaliation until Donald Trump is in office. This seems right in line with the Russians’ belief that they can easily manipulate Trump by playing to his ego. Russia has, however, implemented measures to make life more difficult for U.S. diplomats in Russia.
But in the past, Russia has shown little restraint even after severe economic sanctions. I have to assume that President Obama and his advisers have thought the scenario through. The only potential restraint Russia may show would be due to the fear that the U.S. would levy even more severe retaliation through its hacking efforts. The other option is for the KGB operative in Putin to come out and use the current chain of events to manipulate Trump. Well played so far, President Putin.
Ira Winkler is president of Secure Mentem. He is one of the foremost experts in the human elements of cybersecurity and is known for the extensive espionage and social engineering simulations he has conducted for Fortune 500 companies globally. He is the author of several books, most recently “Advanced Persistent Security.” He and his work have been featured in a variety of media outlets including CNN, The Wall Street Journal, USA Today, San Francisco Chronicle, and Forbes, among others. He has previously worked for the National Security Agency and as president of the Internet Security Advisors Group, chief security strategist at HP Consulting and director of technology of the National Computer Security Association. He has also served on the graduate and undergraduate faculties of Johns Hopkins University and the University of Maryland.
The views expressed by contributors are their own and not the views of The Hill.