with Aaron Schaffer

President Biden's decision to begin his term with an order to investigate Russian hacking and election interference is a dramatic elevation of cybersecurity issues in U.S. national security policy. 

As Biden seeks to extend a treaty limiting the world's largest nuclear arsenals – with just days before it expires – he is also preparing to punish Russia for its behavior in cyberspace. He's asking the newly-installed director of national intelligence to investigate the extensive Russian hack of at least eight government agencies tied to the SolarWinds breach and Russia's interference in the 2020 election to inform this decision.

The stakes are extremely high as Biden avoids seeking a "reset” with Moscow as many U.S. presidents have done since the end of the Cold War, our colleague John Hudson reports: “Letting the treaty expire would allow Moscow and Washington to deploy an unlimited number of nuclear-armed submarines, bombers and missiles in what many experts fear could spark a nuclear arms race and further exacerbate U.S.-Russia relations.” 

“I think more what you’re going to see is cyber become a more normal part of the discussion of a strategic relationship with Russia … rather than becoming a special space like nuclear," Trey Herr, director at the Atlantic Council's Cyber Statecraft Initiative, tells me. 

The opening move sends a strong signal to Russia that the U.S. is serious about deterrence in cyberspace, experts say. 

“This will be the first post-Soviet U.S. administration that has not come into office vowing to forge a warmer relationship with Russia,” Angela Stent, a senior intelligence official in Russia during the George W. Bush administration, told John.

Ad hoc sanctions from both the Obama and Trump administrations failed to deter continued aggressions by Russia, both against the United States and neighboring nations like Ukraine, says Tarah Wheeler, a cybersecurity fellow at Harvard University’s Belfer Center for Science and International Affairs.

The Biden administration's examination signals "a measured look … over time instead of the wild lurches in public policy response that weve seen over the last several years.”

Biden's strategy has support in Congress, where the urgency to address the hack remains high.

The Democratic chairs of both the Senate and the House Intelligence committees have already spoken in support of the president's actions, the New York Times reports.

“If we hope to be successful in thwarting future threats to our national security from Russia, we must examine Putin’s malign conduct with objectivity and our eyes wide open.” Rep. Adam B. Schiff (D-Calif.) told the Times.

It could take a lot of pressure for Russia to change its behavior, experts warn.

Members of the Biden team, including new DNI Avril Haines, have already floated the idea of sanctions against Russia for the SolarWinds hack. 

James Lewis, a cybersecurity expert at the Center for Strategic and International Studies and a former official at the State and Commerce department, says that the Biden administration may need to go further if it wants to force Russia’s hand on national security issues. “Another sanction isn’t going to change Russian behavior, says Lewis.

Instead, the United States is going to have to work with international allies including Germany to put pressure on Russia and establish norms for dealing with cyberespionage that Russia and others are engaged in, says Lewis.

Wheeler also pointed to the importance of Biden looking at his response to Russia in a global context. “There’s a complex set of international conflict challenges to balance in getting the response to the Russian cyberespionage correct,” says Wheeler.

The keys

The Biden administration will keep Christopher A. Wray as FBI director.

Wray has led the bureau since 2017 and adds stability to the agency during a time of transition. Meanwhile, John Carlin and David Newman are joining the Justice Department as acting deputy attorney general and associate deputy attorney general, respectively, according to law firm Morrison & Foerster

Both are Justice Department alums, with Carlin overseeing the Justice Department investigation of the cyberattack on Sony Entertainment in 2014 that was attributed to North Korea. Newman served as counterterrorism director on President Barack Obama’s National Security Council. Newman’s portfolio will include national security and cybersecurity.

Prosecutors added theft of government property to the charges against a woman accused of stealing Pelosi's laptop.

A judge released Riley June Williams into her mother's custody yesterday, Amy Worden and Marisa Iati report.  

An ex-boyfriend claims Williams intended to hand over House Speaker Nancy Pelosi's (D-Calif.) laptop to Russian intelligence. Williams' public defender called the charges "overstated.”

Williams is also being charged with trespassing as well as violent entry to and disorderly conduct on Capitol grounds, and obstructing, influencing or impeding an official proceeding. 

U.S. authorities launch a ransomware awareness campaign.

The Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security will begin warning organizations about the risks of ransomware attacks and encouraging them to use best practices to protect themselves, the organization said Wednesday.

Acting CISA director Brandon Wales announced the initiative at a virtual meeting of the U.S. Conference of Mayors on Thursday, Maggie Miller of the Hill reports

CISA will focus on organizations responding to the coronavirus pandemic and K-12 educational institutions in the project. It comes on the heels of a December joint cybersecurity advisory warning that ransomware has rendered some school systems inoperable for distance learning — “and these types of attacks are expected to continue through the 2020/2021 academic year.”

Cyber insecurity


  • Mike Rogers, the former chairman of the House Permanent Select Committee on Intelligence, speaks at a CSIS event on combating foreign interference today at 9 a.m.
  • SANS hosts a virtual forum on cyberthreat intelligence today.
  • The Atlantic Council holds a virtual event on the future of domestic terrorism on Monday at 2:30 p.m. 
  • George Washington University Law School holds a webinar on emerging threats and solutions in cybersecurity and procurement issues Feb. 2 at 9 a.m.

Chat room

Former CISA director Chris Krebs has an agent and is meeting with producers to develop a television show, Erich Schwartzel and Ellen Gamerman of the Wall Street Journal report. The former federal election security chief is a vocal critic of former president Donald Trump, who fired him in November. Not everyone is happy:

Lawfare Blog managing editor Quinta Jurecic:

Politico's Martin Matishak has a better idea:

Secure log off

Have a good weekend and keep those passwords safe!