Get the latest market trends in your inbox

Stay on top of the latest market trends and economic insights with the Axios Markets newsletter. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Lazaro Gamio/Axios

The U.S. lacks a well-formulated policy of cyber deterrence, one that ensures adversarial states will anticipate the consequences of their own cyber operations and online influence campaigns against the U.S., according to a U.S. senator who is a prominent voice in the cybersecurity field.

Why it matters: With elections looming in November, hacks afflicting Twitter and other services, and misinformation rampant on social media platforms, the U.S. remains a vulnerable target for state-backed cyber operations.

  • A clear, enunciated policy of cyber deterrence could help mitigate future attempts at covert electoral interference in U.S. politics as well as serious disruptive cyberattacks.

What he's saying: Sen. Angus King (I-Maine), a member of the Senate Intelligence Committee and co-chair of the bipartisan Cyberspace Solarium Commission — a high-level expert group focused on U.S. cybersecurity and defense — spoke to Codebook in a recent telephone interview about this need.

  • "I probably have sat through ... 25 hearings over the last 7½ years on both Intelligence and Armed Services where it’s been made crystal clear that we don’t have a policy that causes our adversaries to calculate the risk of their actions," says King. "We are a cheap date."

The big picture: King points to Russia’s 2016 "active measures" campaign during the U.S. presidential election as the moment that crystallized the need for a better cyber-deterrence strategy.

  • Russia was deeply involved "in our election in 2016, which is a major part of what our democratic process is all about, and essentially paid no price," notes King. "Some sanctions by Obama, but they essentially paid no price. So why shouldn’t they do it again?"

Some "rules for the road" are necessary, says King, in making clear how the U.S. will respond to certain sorts of cyber activities, so foreign states will understand the consequences of their activities. Otherwise, covert actions in cyberspace could lead to escalating retaliatory conflict — or even a hot war.

  • "I understand the dangers," says King. "We spent a lot of time on this [at the Solarium Commission], the dangers of escalation. I want them in the Politburo when they’re discussing coming after our, I don’t know, water system in New York, saying, if we do this, something bad might happen to us, and we better think twice."

How it works: It’s a balance, says King, between crafting policies that deter foreign cyber operations while also making clear to those adversaries exactly what the U.S. will do in response to such activities, which will preclude misunderstanding that could spiral out to conflict.

  • "The other side has to know what your intentions are — you have to have both the capacity and the will," says King. "So it’s a big part of this, and that’s a part we can't really legislate. This is really a presidential responsibility to articulate a doctrine on cyber deterrence."
  • Congress has a role to play as well, says King — publicly, with reports like those put out by the Solarium Commission, but also via closed-door meetings with top intelligence officials.
  • Roughly once a month, Senate Intelligence Committee members meet with the heads of the CIA, NSA, DNI and other senior intelligence community officials for informal roundtables, says King.

What's next: Fundamentally, according to King, deterring electoral interference by Russia or anyone else will require wider actions outside the cyber domain: primarily, public disclosure of Russian activities as part of a larger educational campaign.

  • "What if the intelligence community learns in September that Russians are penetrating the electoral system in 14 states, or even harder, they are penetrating the servers of the campaign apparatus of one of the major candidates?" asks King. "What is the responsibility of the intelligence community to disclose that information to the public?"

The bottom line: Under such a scenario, says King, the greatest deterrent to Russian "active measures" will be a more informed citizenry — which will require more transparency from America’s own intelligence agencies about just what they know Russia is doing.

Go deeper

FBI: Russian hacking group stole data after targeting local governments

FBI Headquarters. Photo: Mark Wilson/Getty Images

Energetic Bear, a Russian state-sponsored hacking group, has stolen data from two servers after targeting state and federal government networks in the U.S. since at least September, the FBI and Cybersecurity and Infrastructure Security Agency said on Thursday.

Driving the news: Director of National Intelligence John Ratcliffe announced Wednesday that Iran and Russia had obtained voter registration information that could be used to undermine confidence in the U.S. election system.

Updated Oct 22, 2020 - Politics & Policy

U.S. officials: Iran and Russia aim to interfere in election

Iran and Russia have obtained voter registration information that can be used to undermine confidence in the U.S. election system, Director of National Intelligence John Ratcliffe announced at a press conference Wednesday evening.

Why it matters: The revelation comes roughly two weeks before Election Day. Ratcliffe said Iran has sent threatening emails to Democratic voters this week in states across the U.S. and spread videos claiming that people can vote more than once.

Trump's coronavirus adviser Scott Atlas resigns

Photo: Nicholas Kamm/AFP via Getty

Scott Atlas, a controversial member of the White House coronavirus task force, handed in his resignation on Monday, according to three administration officials who discussed Atlas' resignation with Axios.

Why it matters: President Trump brought in Atlas as a counterpoint to NIAID director Anthony Fauci, whose warnings about the pandemic were dismissed by the Trump administration. With Trump now fixated on election fraud conspiracy theories, Atlas' detail comes to a natural end.

Get Axios AM in your inbox

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!