President Barack Obama's administration is close to announcing measures to punish Russia for its interference in the 2016 presidential election, including economic sanctions and diplomatic censure, U.S. officials said.
The administration still is finalizing the details, which also are expected to include covert action that likely will involve cyber operations, the officials said. An announcement on the public elements of the response is expected as early as this week.
The sanctions part of the package culminates weeks of debate in the White House about how to revise an executive order from last year meant to give the president authority to respond to cyberattacks from overseas, but which did not originally cover efforts to influence the electoral system.
The Obama administration last year rolled out the order to great fanfare as a way to punish and deter foreign hackers who harm the United States' economic or national security.
The threat to use it last year helped wring a pledge out of China's president that his country would cease hacking U.S. companies' secrets to benefit Chinese companies.
But officials this fall concluded that it could not, as written, be used to punish the most significant cyber-provocation in recent memory against the United States -- Russia's hacking of Democratic Party organizations, targeting of state election systems and meddling in the presidential election.
With the clock ticking, the White House is working on adapting the authority to punish the Russians, according to the officials, who spoke on the condition of anonymity to discuss internal deliberations. Obama last week pledged that there would be a response to Moscow's interference in the U.S. elections.
One clear way to use the order against the Russian suspects would be to declare the electoral systems part of the "critical infrastructure" of the United States, officials said. Or it could be amended to clearly apply to the new threat -- interfering in elections.
Administration officials said they also would like to make it difficult for President-elect Donald Trump to roll back any action they take.
"Part of the goal here is to make sure that we have as much of the record public or communicated to Congress in a form that would be difficult to simply walk back," said one senior administration official, who like others spoke on the condition of anonymity to discuss internal deliberations.
Obama issued the executive order in April 2015, creating the sanctions tool as a way to hold accountable people who harm computer systems related to critical functions such as electricity generation or transportation or who gain a competitive advantage through cybertheft of commercial secrets.
The order allows the government to freeze the assets in the United States of people overseas who have engaged in cyber acts that have threatened U.S. national security or financial stability. The sanctions also would block commercial transactions with the designated individuals and bar their entry into the country.
But just a year later, a Russian military spy agency hacked into the Democratic National Committee and stole a trove of emails that were released a few months later on WikiLeaks, U.S. officials said. Other releases followed, including the hacked emails of Hillary Clinton's campaign chairman, John Podesta.
"Fundamentally, it was a low-tech, high-impact event," said Zachary Goldman, a sanctions and national security expert at New York University School of Law. And the 2015 executive order was not crafted to target hackers who steal emails and dump them on WikiLeaks or seek to disrupt an election. "It was an authority published at a particular time to address a particular set of problems," he said.
So officials "need to engage in some legal acrobatics to fit the DNC hack into an existing authority, or they need to write a new authority," Goldman said.
Administration officials said they would like Obama to use the power before leaving office to demonstrate its utility.
"When the president came into office, he didn't have that many tools out there to use as a response" to malicious cyber acts, said Ari Schwartz, a former senior director for cybersecurity on the National Security Council. "Having the sanctions tool is really a big one. It can make a very strong statement in a way that is less drastic than bombing a country and more impactful than sending out a cable from the State Department."
The National Security Council concluded that it would not be able to use the authority against Russian hackers because their malicious activity did not clearly fit under its terms, which require harm to critical infrastructure or the theft of commercial secrets.
"You would (a) have to be able to say that the actual electoral infrastructure, such as state databases, was critical infrastructure, and (b) that what the Russians did actually harmed it," said the administration official who spoke on the condition of anonymity. "Those are two high bars."
A Section on 12/28/2016