Advertisement

Russia, newly accused of cyberattacks, is hit with more U.S. sanctions for helping North Korea evade international penalties

Russia, newly accused of cyberattacks, is hit with more U.S. sanctions for helping North Korea evade international penalties
President Trump, left, and Russia's President Vladimir Putin at their summit in Helsinki, Finland. (Tass)

The Trump administration on Tuesday imposed more sanctions against Russia — this time for helping North Korea evade international sanctions — as Moscow separately was accused anew of cyberattacks in the United States apparently aimed at undermining the midterm election in November.

The Russia sanctions were not related to the latest allegations of election interference but are the newest punitive measures in what has become a large — and apparently ineffective — package of penalties to force Russia to end its alleged violations of international norms and agreements.

Advertisement

They come, however, amid mounting evidence that people or groups associated with the Kremlin are actively hacking U.S. political institutions, national infrastructure such as the electricity grid, and major social media outlets, with an eye toward disrupting the American democratic system.

The action against Russia also was another example of the disconnect between administration action and the president’s words that has flummoxed both parties in Congress. It came as President Trump continued to speak ambivalently about Russia’s interference in the 2016 presidential election. In an interview with Reuters this week, Trump added a caveat, “if it was Russia,” when speaking of that interference, which the entire U.S. intelligence community has concluded was masterminded by Russia’s government.

Microsoft announced Tuesday that it took control of six internet domains created by a group with ties to the Russian government, which sought to trick people into believing they were legitimate sites related to the U.S. Senate and two conservative Washington-based think tanks that have been critical of Trump: the Hudson Institute and the International Republican Institute.

The move by Microsoft, based on court orders and executed last week by its digital crimes unit, marked the 12th time in the last two years that the technology giant has moved to shut down fake websites created by the group variously known as Strontium, Fancy Bear or ATP28.

Microsoft has shut down a total of 84 of the group’s sites during that period.

“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft President Brad Smith said in a written statement.

Similarly, Facebook announced late Tuesday that it had removed 652 pages and accounts worldwide that were part of disinformation efforts by Russia as well as Iran. The company said there was no evidence the campaigns were aimed at disrupting the November midterm election. Just last month Facebook shut down 32 U.S. pages and accounts that it called part of a covert operation to stoke racial tensions in this country.

Facebook and investigators from the Digital Forensic Research Lab at the Atlantic Council, a nonpartisan think tank, later concluded that the shuttered pages and accounts were run by or linked to Russia’s Internet Research Agency.

The agency is the troll farm in St. Petersburg that U.S. officials say meddled in the 2016 election. It and 13 employees have been indicted on charges brought by special counsel Robert S. Mueller III in his ongoing investigation of Russia and possible Trump campaign complicity.

An estimated 580 sanctions have been levied against Russian firms, entities and individuals, including a number of oligarchs close to President Vladimir Putin. The sanctions are punishment for assorted transgressions: violations of human rights, use of chemical weapons, sabotage of elections and refusing to abide by U.S. sanctions against other countries.

Tuesday’s sanctions fall into the last category. The Treasury Department said it was blacklisting two Russian citizens and two large Russian shipping companies for using at least seven Russian-flagged vessels to illegally ship refined petroleum products to North Korea.

Under United Nations sanctions unanimously approved by the Security Council, North Korea is barred from trade in most oil, coal, minerals and other commodities as punishment for its development of nuclear weaponry and inducement to halt the program. So it has sought willing partners to evade the limits.

“The Treasury Department is disrupting Russian efforts to circumvent our sanctions,” said Steven T. Mnuchin, the secretary of the Treasury.

The Trump administration — as the Obama administration before it — has also expelled Russian spies, closed down Russian diplomatic offices and seized Russian-owned properties in the United States. But after Congress overwhelmingly approved additional sanctions late last year as punishment for election activities, Trump only reluctantly and belatedly signed them into law, aware that Congress probably would overturn any veto.

Advertisement

The gulf between his administration’s tough action on Russia and Trump’s refusal to condemn Moscow or Putin has long vexed lawmakers and other White House watchers.

On Tuesday, Assistant Secretary of State Wess Mitchell went before a skeptical Senate panel to explain U.S. policy toward Russia. Several members of the Senate Foreign Relations Committee, from both parties, repeatedly questioned why there was a disparity between the president’s actions and that of his administration.

Democrats also said they were deeply concerned that there has been no full official report of what Trump and Putin said in their roughly two-hour, one-on-one meeting in Helsinki, Finland, last month, with only translators present.

Mitchell asserted several times that the administration’s actions are at Trump’s behest. “We are executing the policy directives of the president. Full stop,” he said.

The sanctions are biting, he added, noting that Russia has lost $8 billion to $10 billion in arms sales, other export revenue is falling, and foreign direct investment in Russia is down 80% since 2013.

The administration is prepared to take additional steps up “an escalatory ladder” of sanctions, he said.

"Putin wants to break apart the American republic, not by influencing an election or two, but by systematically inflaming the perceived fault lines that exist within our society," Mitchell said. "His is a strategy of chaos for strategic effect."

Downstairs in the Senate building, members of the Senate Banking Committee were airing similar grievances and forcing senior State and Treasury officials to defend the administration’s approach toward Russia.

"It seems to many of us that our efforts are not effective enough," Sen. Tim Scott (R-S.C.) said. "There's so little we can show for our efforts."

Indeed, sanctions do not seem to have made much of a dent in the work of the cyberspies, as shown by the examples disclosed by Microsoft involving the U.S. Senate; the International Republican Institute, which is affiliated with the Republican Party; and the Hudson Institute, whose website on Tuesday featured a report entitled, “Countering Russian Kleptocracy.”

Advertisement

The cyberattackers created realistic-looking internet domains using words from the targeted entities’ official website addresses to fool users, Microsoft said. Cybersecurity experts say the strategy can be employed to disseminate false information, spread viruses or steal passwords and other credentials from people.

Microsoft’s Smith said that despite shutting down the sites, hackers will probably continue to target politicians and think tanks across the ideological spectrum.

“Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France,” Smith said.

International Republican Institute President Daniel Twining said the think tank, whose board has Russia critics including Sens. John McCain (R-Ariz.) and Marco Rubio (R-Fla.), has been targeted by hackers before and has taken steps to defend itself.

“Cyberattacks have become one of the preferred tools of authoritarians around the world to harass and undermine independent organizations and democratic governments,” Twining said.

The latest example, he added, “is clearly designed to sow confusion, conflict and fear among those who criticize Mr. Putin’s authoritarian regime.”

5:20 p.m.: This article was updated with Facebook’s announcement.

This article was originally published at 4:05 p.m.

Advertisement
Advertisement