YOU MAY FIRE WHEN READY — Former President Barack Obama last year ordered the intelligence community to plant “the digital equivalent of bombs” in Russian computer networks, laying the groundwork for a devastating U.S. counterattack if the Kremlin’s election-year digital aggression ever escalated, according to The Washington Post. The operation began when Obama ordered a covert plan of action in response to Russia’s alleged election meddling, the Post reported late last week in a deep-dive look at the Obama administration’s response to the crisis. The cyber implants, which are still being deployed, are meant to burrow into networks that are “important to the adversary and that would cause them pain and discomfort if they were disrupted,” a former U.S. official told the Post. It is now up to President Donald Trump to decide if and when to use them.
The administration was so worried about the implants getting out of hand that it sought a legal review of their effects. The review concluded that the implants “could be controlled well enough” that their use would not violate the international legal principle of proportionality, in which a counterattack must fit the scale and damage level of the precipitating attack. The Post story also noted that the Obama administration considered immediately retaliating with “cyberattacks that would take Russian networks temporarily offline” or by moving a carrier group into the Baltic Sea. And it sheds new light on the intelligence community analysts who prepared the Russian hacking report, revealing that they were part of a team assembled by CIA Director John Brennan to task other analysts with collection activities.
The Post’s story prompted fresh bashing of Obama’s handling of the cyberattacks. Trump tweeted about it repeatedly, blasting his predecessor for doing “nothing” about the interference and speculating that the Obama team hesitated because they were afraid of hurting Hillary Clinton. “Why no action?” he tweeted. “Focus on them, not T!” The criticism was bipartisan, however. “The Obama administration should have done more when it became clear that not only was Russia intervening, but it was being directed at the highest levels of the Kremlin,” Rep. Adam Schiff, the top Democrat on the House Intelligence Committee, told CNN. Hillary Clinton’s communication director said the Obama administration handled the situation appropriately, even as Sen. John McCain offered renewed criticism.
HAPPY MONDAY and welcome to Morning Cybersecurity! These movies are terrible. It offers hope for humanity that crowds don’t flood to every would-be blockbuster after a near-infinite sequence of awfulness. Send your thoughts, feedback and especially tips to tstarks@politico.com, and be sure to follow @timstarks, @POLITICOPro, and @MorningCybersec. Full team info is below.
‘BRUTAL’ NEW CIA LEAK — The CIA developed software that can arm a USB flash drive with malware to infect networks that are walled off from the internet, according to alleged agency documents published by WikiLeaks. The Brutal Kangaroo toolkit relies on a victim plugging the compromised flash drive into a computer inside an “air-gapped” network, at which point a tool called Shadow maps out the network and begins ordering computers to share files amongst themselves. “Brutal Kangaroo components create a custom covert network within the target closed network and [provide] functionality for executing surveys, directory listings, and arbitrary executables,” according to an alleged user manual for the toolkit. In its description of the software, WikiLeaks noted that the Brutal Kangaroo approach “is very similar to how Stuxnet worked.”
