Senators support intel findings on Russia, call for deterrence policy

As President-elect Donald Trump continues to express doubts about the intelligence community's assertion that Russia hacked Democratic Party servers to influence the 2016 election, intelligence officials are standing by their findings.

At a Jan. 5 Senate Armed Services Committee hearing focused on foreign cyber threats to the United States, Director of National Intelligence James Clapper told senators he stands "more resolutely" on his Oct. 7 joint statement with the secretary of Homeland Security that said Russia hacked Democratic Party servers and emails.

Clapper is finalizing a comprehensive report on efforts by foreign actors to interfere with or undermine U.S. elections in 2016, 2012 and 2008. That report will be presented to President Obama on Jan. 6, and a declassified version will be released next week.

The DNI said that he did not want to preempt the report in his testimony, and many of the findings are classified, but he said President Putin had "more than one motive" behind what Clapper characterized as a "multifaceted" information operations campaign to influence the election.

During the hearing, senators did not challenge the IC's assessment that Russia conducted an operation that went well beyond the bounds of traditional espionage and crossed into what some argued could be considered an act of war against the U.S.

Many senators also took the opportunity to express support for the IC and indirectly or, in the case of Lindsey Graham (R-S.C.), directly chastise President-elect Trump for disparaging the IC.

"Mr. President-elect, when you listen to these people, you can be skeptical, but understand they're the best among us, and they are trying to protect us," Graham said after warning that Trump will need to rely on the IC when making decisions about dealing with threats from China, North Korea and other adversaries.

In addition to expressing solidarity with the IC and its findings on Russia's attempts to influence the election, senators also hammered the points that the U.S. still lacks a clear cyber deterrence policy and that the country faces a growing risk of cyber attacks because it has not imposed a significant cost on cyber criminals.

"What seems clear is that our adversaries have reached a common conclusion: that the reward for attacking America in cyberspace outweighs the risk," said SASC Chairman John McCain (R-Az.). "For years, cyberattacks on our nation have been met with indecision and inaction. Our nation has had no policy, and thus no strategy, for cyber deterrence."

He and other senators argued that the U.S. must define what constitutes a cyber act of war, what responses are appropriate and what the nation’s deterrence policy is. It must also determine whether the government – including Congress – is properly aligned and organized to address cyber threats. After the hearing, McCain told reporters that he was taking steps to form his planned cybersecurity-focused subcommittee of the Armed Services Committee and that Graham would lead the panel.

At the hearing, Graham argued that the U.S. sanctions against Russia amounted to "throwing pebbles," when instead the U.S. needs to "throw rocks" at Russia with a more forceful response.

"We have a chance as a nation to lay down a marker for all would-be adversaries," he added, "and we should take that opportunity before it is too late."

"We have a lot more work to do to put the right deterrence and response framework in place on cyber," said Marcel Lettre, under secretary of defense for intelligence. "In my personal opinion, the next administration would be well served to focus very early on those questions."

"The biggest frustration to me is speed, speed, speed," said Mike Rogers, director of the National Security Agency and head of U.S. Cyber Command. "We have got to get faster, we have got to get more agile."

Throughout the hearing, the panelists reiterated that Russia is the No. 1 cyber threat to the U.S. and is a "peer competitor" with extensive offensive capabilities. China, Iran, North Korea and terrorist organizations such as ISIS and al-Qaida were also identified as serious and growing threats.

The panelists cautioned, however, that coming up with a clear policy of deterrence in the cyber domain is difficult because adversaries do not use the same rational calculus that the Soviet Union did during the Cold War when nuclear weapons were a tangible threat.

Clapper warned that retaliating to cyber attacks with a cyber response could trigger a cycle of escalation and counter response that could be more damaging to the U.S. "It's in my view best to consider all instruments of national power," in responding to cyber attacks, he said.

Regarding the forthcoming intelligence report on Russia's campaign to influence the election, Clapper said he intends to "push the envelope" in terms of what can be declassified in order to provide the public with clear details and evidence. But, he said, there are limits because of the need to protect sources.

"We have invested billions and we have put people's lives at risk to glean such information, and so if we were to fulsomely expose it in such a way that would be completely persuasive to everyone, then we can just kiss that off because we'll lose it," he said.