Technology giants increasingly are casting themselves as defenders of online integrity as American democracy, yet again, comes under attack. A recent string of revelations from companies including Facebook, Microsoft and Google about foreign hacking and disinformation amount to a public answer to charges that the technology industry should have done more to thwart Russia’s online attacks in 2016.
But the industry’s highly publicized moves against Russian and Iranian online meddling also have thrown into sharp relief the fractured response by the federal government, say experts, lawmakers and former U.S. officials who have served in Democratic and Republican administrations.
They express frustration that a sophisticated, meticulously documented and allegedly criminal attack from Russia in 2016 has generated so little White House response, even as federal agencies are taking steps to forestall a repeat this year. They further wonder why — with the November midterm elections looming amid signs that Russia and other nations are ramping up their online interference campaigns — private companies have been left to take the most public roles in protecting the country from well-financed, hostile foreign government hackers and disinformation operatives. They also warn foreign nations — especially Russia — are waging a multi-front assault on U.S. democracy and its critical computer systems.
“Mr. President, Trump, our nation is under attack. To members of Congress, our nation is under attack,” warned GOP Sen. Lindsey O. Graham (S.C.) in a hearing Tuesday. “Not just by Russia, by other outside influences. They’re not knocking buildings down. They’re not killing people. But they are trying to destroy our democracy.”
The FBI and other federal agencies have been quietly supplying intelligence that has helped tech companies make their discoveries.
Several technology companies, including Facebook and Twitter, are meeting Friday in San Francisco to discuss combating disinformation. No government representatives are expected to attend.
White House officials have repeatedly insisted they are forcefully engaged in the fight against foreign online interference. In response to a request for comment, a National Security Council spokeswoman referred to White House spokeswoman Sarah Huckabee Sanders’s comment to reporters last month that “the president has been incredibly tough on Russia,” including “unprecedented sanctions.” The administration in March imposed sanctions on Russian hackers and spy agencies for interfering in the 2016 election, though several had already been sanctioned under the Obama administration.
Trump’s national security adviser, John Bolton, said in Geneva on Thursday after a meeting with his Russian counterpart, Nikolai Patrushev, “I made it clear that we wouldn’t tolerate meddling in 2018 and that we were prepared to take necessary steps to prevent it from happening.” On Friday in Kiev, Bolton said the government was taking “not simply defensive methods but other steps” to secure the upcoming election. He added that sanctions ''will remain in force until there’s the required change in Russian behavior.”
Yet the White House has struggled to maintain a consistent message in light of Trump’s repeated public challenges to U.S. intelligence findings about Russia’s disinformation campaign and its hacking of the Democratic National Committee and other sensitive targets.
Special counsel Robert S. Mueller III has indicted 12 Russians in that intrusion and 13 others related to the disinformation campaign by the Internet Research Agency in St. Petersburg, but Trump has repeatedly sought to undermine Mueller’s investigation.
“There is nothing more important than having the commander in chief, the chief executive of the United States, clearly verbally assert the threats and challenges that America faces so that the American people, government, private sector and civil society are galvanized and focused,” said Evelyn Farkas, who was deputy assistant defense secretary for Eurasia in the Obama administration.
Tech companies, which have been pilloried for nearly two years for not doing enough to combat disinformation during the presidential vote, increasingly are acting in urgent, public ways.
Microsoft has announced detecting hacking attempts on politicians and think tanks. Facebook, YouTube and Twitter have closed Russian and Iranian disinformation accounts. Twitter has become more aggressive in tackling its long-standing problem with fake and automated accounts, called “bots,” suspending tens of millions of suspicious accounts each month.
Friday’s tech industry meeting in San Francisco follows a previous meeting in May that was attended by high-level officials from agencies responsible for election security and was organized by Facebook’s recently departed chief security officer, Alex Stamos.
Both sides, while publicly praising each other, argue the other could be more aggressive. Stamos said he thought that since the election, the tech industry’s response has been “appropriate,” but it can only do so much without a stronger federal government response.
Federal officials “have done more, to be fair, but it’s very disjointed. There are like five guys over here and 10 guys over there,” said Stamos, who recently took a position at Stanford University and wrote about the struggle against foreign interference for Lawfare, a national security blog associated with the nonprofit think tank Brookings Institution.
Technology companies grew frustrated with law enforcement in the run-up to the 2016 election because they did not believe they were given enough guidance on how to confront a fundamentally new kind of threat. The firms had sophisticated defenses against traditional cyberattacks, but were not ready to combat disinformation in the form of divisive social media posts and phony websites.
Stamos in particular clashed with government officials and repeatedly asked for more assistance after the election, according to three people familiar with the discussions.
By waging their information warfare on turf that is almost entirely in the private sector, Russia and other foreign adversaries have exploited the fact that their battleground is off-limits to unfettered government surveillance. That means federal agencies such as the National Security Agency and the FBI do not have a holistic view of what is happening inside these networks, putting much of the burden on the private sector to detect and thwart malicious behavior.
"The NSA will never see all of these threats,” said Eric Rosenbach, a former senior Pentagon official who runs the Defending Digital Democracy project at Harvard University. “We would never want the NSA to be positioned to see all of these threats. So it will have to be Facebook, Google, Microsoft, Twitter, working together to exchange threat information and taking actions on their own.”
Information sharing with Congress is also hampered, tech firms say, by privacy laws that bar them from voluntarily disclosing user information — unless it is to federal law enforcement agencies with a court order.
For years, technology companies wanted to create platforms that would host speech for the largest number of voices — who of course, also were customers for rapidly growing businesses. They were reluctant to police most content, no matter how objectionable, out of concern it could open them up to new legal scrutiny and responsibility.
But that calculus has changed in the aftermath of Russian meddling, the surge in fake news and abuse by ideological actors. Technology companies say they increasingly realize there are serious reputational costs to the public perception that they are hurting democracy and that they face potential regulation if they are seen as not doing enough to stop the problems.
Microsoft President Brad Smith this week said companies were accustomed to operating more secretively. “I think we in the tech sector have been on a journey for how to talk about this publicly and how much to talk about this publicly.”
The government response, meanwhile, has been hamstrung by a shortage of visible presidential leadership. Some of the most important actions when nations clash, say experts and former officials, are political, economic or diplomatic. Forceful sanctions — or the credible threat of action — can be more effective at curbing bad international behavior than an entire army of cyber warriors trying to protect the nation’s digital resources.
A clear declaration from the president could galvanize the creation of a comprehensive strategy and prompt more coordinated action among government agencies and with the private sector, experts and current and former U.S. officials say. Such a public statement also could put other nations on notice that there will be serious consequences for interfering in America’s democratic processes.
“It’s very important for Russia and for President Putin to hear a declaratory statement from the president,” said Richard Ledgett, former deputy director of the National Security Agency. “It’s important for our allies to hear it and for folks in the United States, to include people in the government, to hear that because it adds heft to the idea of an integrated U.S. government response directed from the top. By not having the president say that, Putin could perceive that the president doesn’t really support this and he could keep on doing the things with impunity.”
Though the government does not have free license to peer into the private sector networks, it is gathering intelligence overseas on what activities foreign adversaries are preparing against the United States, and, when directed, advances options for countering them. Taking action as a government — and with allies — is an important deterrent, experts say. In particular, they say, hard-hitting sanctions that have an immediate impact on Russia’s economy are most likely to produce results.
Other options might include beefing up military alliances in the Baltic and Eastern Europe, cyber operations that can disrupt Russian disinformation efforts, and diplomatic steps like ensuring Russia is not readmitted to the group of highly industrialized nations, currently the G-7, experts say.
No one U.S. agency is in charge of countering foreign disinformation operations, much less advancing a strategy. “Our government just doesn’t have a coordinated plan, and it makes it extremely difficult to understand who is in charge,” said Stamos, the former Facebook executive.
The government could also enhance its sharing of intelligence with tech firms so they have the most relevant data possible to help detect attacks on their networks. And, experts say, the government should be more strategic about convening private sector partners to help formulate a coordinated national response.
“Neither under Bush nor Obama nor Trump have we articulated a cyber doctrine that says ‘if you punch us, if you interfere in our elections, if you steal our intellectual property, if you shut down our grid, here’s what we’ll do in response,'” Sen. Mark R. Warner (D-Va.) said. “This problem is not going away until we do that.”
Gabriel Pogrund contributed to this story.