This week in the Russia investigations: America's cyber-troops may be fighting back against Russia's influence brokers. Will it be enough?
Everyone knows how to picture the special operations troopers of, for example, the Army's elite Delta Force: Rough-looking customers with custom carbines and advanced night vision goggles stepping off the skids of a black helicopter in the middle in the night.
What do America's cyber-forces look like?
They don't have the same kind of public relations machine and they work in some of the most secret facilities in the world, but it's possible to patch together a rough picture:
They're probably a little bit less aggro. They're drawn from all four branches of the military. Many deploy overseas, but many of them also drive to work each day in the suburban sprawl between Washington, D.C. and Baltimore at the National Security Agency on the Army's Fort Meade.
And according to a report this week in The New York Times, they have been busy delivering subtle pressure to their opposite numbers in Russia associated with Moscow's interference campaigns against the West.
The American troops are "targeting individual Russian operatives to try to deter them from spreading disinformation to interfere in elections, telling them that American operatives have identified them and are tracking their work, according to officials briefed on the operation," as The Times' Julian Barnes reported.
The details, unsurprisingly, were omitted, but we can also patch together a rough picture of this, too.
Eye in the sky
The NSA and U.S. Cyber Command can exercise near-godlike omniscience over the Internet.
In court documents and other materials released by the office of Justice Department special counsel Robert Mueller, the U.S. intelligence community has documented individual emails sent by one Russian influence-monger to another, and even specific user-level behavior, including the case of a person in Russia clearing his browser history.
How does the NSA have this kind of awareness? We may never know — or we may, given the problems the agency has had with keeping some of its most sensitive secrets under wraps — but suffice it to say that whenever any bit of information moves anywhere on the global information grid, someone in Fort Meade probably can find out about it.
With that knowledge, according to The Times, U.S. cyber-troopers are waging what appears to be a low-grade influence campaign of their own, one highly focused on individual Russians.
The Americans aren't threatening them, the newspaper said:
"Still, former officials said anyone singled out would know, based on the United States government's actions against other Russian operatives, that they could be indicted or targeted with sanctions."
Greetings, from the United States of America
The tailored meet-and-greet approach reflects an evolution in the thinking of U.S. intelligence and defense officials in how to respond to Russian cyber-aggression. That problem has stymied them since the intelligence community first discovered the spike in active measures during the Obama administration.
The Pentagon, State Department and the spy agencies all reportedly differed on how to respond:
Maybe the United States should use cyberattacks to brick the servers that were being used in the attacks, according to one line of thinking — literally melt them with malware that could shut down their cooling fans, for example.
Maybe it should try to embarrass Russian President Vladimir Putin by revealing his secret assets around the world.
Maybe it should wage an influence campaign of its own.
Under President Obama, according to reports then and since, the cons often were found to outweigh the pros:
The United States is much more susceptible to cyber-escalation than Russia, as the administration concluded. Russian cyberattacks have seeded potential vulnerabilities across the U.S. and no one was certain about where a spiraling cyber-skirmish might stop if Washington decided to light the fuse.
The New York Times report about CyberCom suggests that Washington has concluded the smartest bet is to keep this as low-key as it can.
So maybe an army intelligence officer working for Russia's military spy agency, the GRU, leans over in the morning to pick up his smartphone and he has a direct message from an unknown account that says something like: "We know what you're doing. It would be a shame if you were to be sanctioned like the others."
Or up in St. Petersburg, an influence operations specialist logs onto the workstation where she spends the day posing as an American Facebook user. She receives a message there that says something like, "What you're doing is hurtful. We take these kinds of actions very seriously."
If, in fact, this is what CyberCom has decided to do, the next question is how effective it may prove.
Court documents and congressional testimony have now made it possible to form the most detailed impression yet about Russia's influence operations against the West, code named "Project Lakhta."
In the case of the social media agitation, the people involved are evidently private employees — as compared to the government officials such as the intelligence officers who launched cyberattacks against the Democratic National Committee, state election systems and many other targets in the U.S.
Maybe that means these kinds of incentives might work? Our imaginary influence specialist in St. Petersburg might think to herself: I want to be able to travel to Europe on holiday. I don't want my name to come up in a Google search in connection with this influence work. So I'll go and find another job.
The GRU official, in our little scenario, is a tougher nut to crack. He's an army officer following orders and probably has no love for the United States given his knowledge about what its cyber-professionals are doing to Russia. It's tough to imagine him being scared of a Justice Department criminal complaint filed some 5,000 miles away on the other side of the planet.
In fact, the Russian government, in a way, has embraced and tried to short-circuit the West's strategy of "naming and shaming" those involved with today's latter-day spy games.
When the British government charged two GRU officers by name with the nerve agent attacks that killed and injured people in Great Britain, the men appeared on TV in Russia. They explained that yes, they had visited the town of Salisbury, where the poisonings had taken place — but they simply wanted to visit its famous cathedral.
When the Justice Department charged a Russian woman who's been accused of being a bookkeeper for Moscow's influence-mongering operations, she appeared in a video of her own: I'm just a simple accountant, she proclaimed. I don't even speak English! But she did say she hoped that America would, ultimately, be made great again.
Trolling of this magnitude has become an important feature of statecraft among the great powers in the 21st century — China's foreign ministry executed a gem of its own by positing that Beijing could close its trade surplus with the United States by buying four notoriously expensive nuclear-powered aircraft carriers from the U.S. Navy.
(That is unlikely.)
Now that relations among the United States and these sometime antagonists have reached this tenor, it raises the question question about how much difference CyberCom might make with its reported campaign of digital shoulder-tapping.
And what else the U.S. military and intelligence community might be doing.