U.S. hits back at Russian spies, cyber groups

shutterstock ID: 295517744 By David Carillet 

The U.S. executed its most significant retaliation to date against the Russian government and related cyber organizations on March 15, levying economic sanctions against five entities and 19 individuals through the Treasury Department and formally outing Russia as the sponsor of Dragonfly, an advanced persistent threat hacking group that has been targeting federal agencies and critical infrastructure in the U.S. and Europe before and after the 2016 elections.

Treasury designated five organizations for economic sanctions under authorities derived from the Countering America's Adversaries Through Sanctions Act as well as Executive Order 13694 issued under President Barack Obama in 2015. The sanctions affect officials from two Russian intelligence agencies, the Federal Security Services and Main Directorate Unit as well as employees from the Internet Research Agency, a troll farm indicted by Special Counsel Robert Mueller as part of his investigation.

"The Administration is confronting and countering malign Russian cyber activity, including their attempted interference in U.S. elections, destructive cyberattacks, and intrusions targeting critical infrastructure," Treasury Secretary Steven Mnuchin said in a statement announcing the sanctions. "These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia."

Mnuchin also said that Treasury intends to impose additional sanctions in the future on Russian government officials and businessmen.

On the same day, the Department of Homeland Security and the FBI updated a joint technical alert on cyberattacks on U.S. government and critical infrastructure entities, attributing a host of ongoing attacks to Russia. An earlier version of the alert was issued in October 2017. The updated alert firmly links Dragonfly to the Russian government and provides more details around the strategies the group has been using to attack its targets.

Congressional Democrats welcomed the sanctions but criticized the Trump administration for not moving quicker or going far enough. Rep. Bennie Thompson (D-Miss.), ranking Democrat on the House Homeland Security Committee, released a statement saying the administration "has finally come to its senses" and the findings reinforce the need for additional security measures ahead of the 2018 mid-term elections.

Sen. Mark Warner (D-Va.) said the move was long overdue but does not go far enough.

"Nearly all of the entities and individuals who were sanctioned today were either previously under sanction during the Obama Administration, or had already been charged with federal crimes by the Special Counsel," Warner said. 

Rep. Jim Langevin (D-R.I.), co-chair of the Congressional Cybersecurity Caucus, was even more critical, calling the economic sanctions and joint technical alert "woefully inadequate."

"Sanctioning individuals already under indictment thanks to Special Counsel Robert Mueller is not going to change Russia's behavior," Langevin said. "Relisting Russian intelligence agencies already sanctioned under different authority will not deter them."

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.