The Washington PostDemocracy Dies in Darkness

U.S. gives ‘no free pass’ to Russia, other nations on cyberespionage, Justice official warns

FBI Director James B. Comey, right, speaks during an interview with National Security Division Assistant Attorney General John Carlin at an event with the Center for Strategic and International Studies and the Justice Department on Sept. 14 in Washington. (Zach Gibson/AFP/Getty Images)

A senior Justice Department official this week issued a thinly-veiled warning to Russia that significant acts of cyberespionage will not be ignored.

That would include the Democratic National Committee hack, which would be considered an act of political cyberespionage of the sort the United States traditionally has not publicly attributed to a culpable foreign spy agency.

That set of intrusions, disclosed by the DNC in June, has been linked to the Russian government by FBI investigators, though the U.S. government has not publicly acknowledged that.

Lawmakers say Obama should start thinking about sanctioning Russia for hacking

Nonetheless, said Assistant Attorney General for National Security John Carlin, if Russia or any other country thinks “there’s going to be a free pass, that we can’t figure out what they’re doing in cyber-enabled espionage, I think the message should be clear: You’re wrong. You can and will be held accountable.” Carlin was speaking at a conference Wednesday at the Center for Strategic and International Studies held on the 10th anniversary of the Justice Department’s National Security Division.

He added that although all nations have spy operations, that does not mean the U.S. government will not take action against cyber spies who are detected. “If you get caught spying,” he said, “there are consequences.”

A White House official echoed Carlin when asked if the administration would take action against Russia for the DNC hack. “Look, we know Russia is a bad actor in cyberspace, just as China has been, just as Iran has been,” said Lisa O. Monaco, President Obama’s adviser on counterterrorism and homeland security, who also spoke at CSIS. “Nobody should think that there is a free pass when you’re conducting malicious cyber activity.”

Putin denies that Russia hacked the DNC but says it was for the public good

But she said she did not want to say what response the government might take until the FBI completes its investigation into the DNC hack and related incidents, including a mass disclosure by the anti-secrecy site WikiLeaks of stolen DNC emails.

Other officials at the conference made clear that a U.S. response might be under the radar. “We have a variety of tools that we as a government use to try and deter behavior on the Internet outside of norms,” FBI Director James B. Comey said. “That can involve a variety of things, only some of which would be visible to the public. Just because you can’t see something doesn’t mean your government’s not doing something to change behavior.”

The administration is struggling with whether to publicly blame Russia for the DNC hack. There are political and diplomatic concerns — and a reluctance to do something that might escalate the situation.

“There’s a question of whether public attribution will further the administration’s goals and national security interests,” said one administration official, who spoke on condition of anonymity because of the matter’s sensitivity. “That’s always a part of the equation.”