Chitchat Trump, putin, and the new cold war

Trump has given risibly inconsistent accounts of his own ties to Russia. When he was in Moscow for the Miss Universe contest in 2013, and an interviewer for MSNBC asked him about Putin, he said, “I do have a relationship and I can tell you that he’s very interested in what we’re doing here today”; at a subsequent National Press Club luncheon, he recalled, “I spoke indirectly and directly with President Putin, who could not have been nicer.” During the Presidential campaign, he said, “I never met Putin, I don’t know who Putin is.” Trump has tweeted that he has “nothing to do with Russia”; in 2008, his son Donald, Jr., said that “Russians make up a pretty disproportionate cross-section of a lot of our assets.” At a news conference on February 16th, Trump was asked, again, if anyone in his campaign had been in contact with Russia, and he said, “Nobody that I know of.” He called reports of Russian contacts “a ruse,” and said, “I have nothing to do with Russia. Haven’t made a phone call to Russia in years. Don’t speak to people from Russia.” The next day, the Senate Intelligence Committee formally advised the White House to preserve all material that might shed light on contacts with Russian representatives; any effort to obscure those contacts could qualify as a crime.

Russian cyber army

4. HYBRID WAR

Putin rarely uses a computer, but he has moved his country into the digital age. Russia was once a technological laggard: the Soviets did not connect to the global Internet until 1990, and the state security services were so befuddled by the technology that, according to “The Red Web,” by Andrei Soldatov and Irina Borogan, agents demanded that Relcom, Russia’s first commercial Internet Service Provider, print out every communication that crossed its network. (Engineers rebelled, and the order was abandoned.) By 1996, however, a new generation of hackers in Russia had achieved the first state-directed penetration of America’s military network, pilfering tens of thousands of files, including military-hardware designs, maps of military installations, and troop configurations. In 2008, according to “Dark Territory,” a history of cyberwar by Fred Kaplan, Russian hackers accomplished a feat that Pentagon officials considered almost impossible: breaching a classified network that wasn’t even connected to the public Internet. Apparently, Russian spies had supplied cheap thumb drives, stocked with viruses, to retail kiosks near nato headquarters in Kabul, betting, correctly, that a U.S. serviceman or woman would buy one and insert it into a secure computer. In the past decade, cyber tactics have become an essential component of Russia’s efforts to exert influence over its neighbors.

Late one evening in the spring of 2007, President Toomas Hendrik Ilves of Estonia was at home using his laptop computer. He had trouble getting online. The news sites were down. The banks were down. Government sites were down. The President figured that it must be some kind of technical glitch. “The first reaction is not ‘We’re under attack,’ ” he said recently. But, after a few calls, he realized that someone was attacking one of Estonia’s core assets.

The birthplace of Skype and the home of other tech firms, Estonia is known in technology circles as “eStonia”; it is one of the most wired countries in the world. But Estonia was involved in a conflict with Russia over plans to move a Second World War-era statue of a Soviet soldier out of the center of Tallinn, the capital. Estonians regarded it as a symbol of occupation. The Russian government had warned publicly that moving it would be a grave offense to history and “disastrous for Estonians.”

On April 27th, the statue was moved. Almost immediately, commentators in Russian-language chat rooms posted instructions on how to become a “script kiddie,” an amateur hacker. The attackers did not need to “hack” Estonia’s sites, exactly; they simply swamped them with a “distributed denial of service”—DDoS—assault, which continued for two weeks. Investigators never pinpointed the source of the attack, but Ilves, who left the Presidency in October, 2016, believes that it was an alliance between members of the Russian government and organized crime. “I call it a public-private partnership,” he said wryly. “It was a state actor that paid mafiosos.”

Although the incident barely registered in international headlines, it was a landmark event: a state-backed cyberattack for political purposes. “What Estonia showed was that Russia was going to react in a new but aggressive way to perceived political slights,” Michael Sulmeyer, a senior Pentagon official in charge of cyber policy under Obama, said. “What was the offending act? The Estonians moved a statue.”

Russia was acquiring a reputation, in defense circles, for ambition, technical acumen, and speed. Barely a year after the Estonia attack, during a conflict with Georgia over the territory of South Ossetia, Russian tanks and planes crossed into the disputed territory at the same moment that hackers broke into fifty-four Web sites serving the government, media, and banks. They stole military information and immobilized the nation’s Internet. Georgian officers struggled to send orders to troops, and bewildered citizens had no way to find out what was happening.

The Georgia campaign was “one of the first times you’ve seen conventional ground operations married with cyber activity,” Sulmeyer said. “It showed not just an understanding that these techniques could be useful in combined ops but that the Russians were willing to do them. These guys implemented.”

And yet Russian military planners and officials in the Kremlin regarded Georgia as a failure in the realm of international propaganda. Although Russia prevailed militarily, its narrative was overshadowed by the Georgian one from the first minutes of the campaign. For Russia, the five-day conflict represented a “total defeat in the information space,” said Pavel Zolotarev, a retired major general in the Russian Army, who is now a professor at the Academy of Military Sciences. “Our television showed how the shelling started, the incursion of Georgian forces, and so on,” Zolotarev, who helped draft Russia’s national-security doctrine in the nineteen-nineties, said. “These pictures were shown in the West two days later—but as if Russia were doing the shelling, attacking Georgia.” Russian generals took this lesson to heart, and began to study how to use the media and other instruments to wage “information war,” later putting what they learned into practice in Ukraine and then Syria.

The United States, meanwhile, had its own notable cyberwar success. In 2008, in tandem with Israeli intelligence, the U.S. launched the first digital attack on another country’s critical infrastructure, deploying a “worm,” known as Stuxnet, that was designed to cause centrifuges in Iran to spin out of control and thereby delay its nuclear development.

Yet diplomatic concerns inhibited some of the United States’ active measures. The Obama Administration had a “reset” policy with Russia, forging agreements and coöperating on select issues, despite an over-all increase in tension. “Cyber was an area where we were trying to work with Russia,” Evelyn Farkas, the Pentagon official, said. “That’s the irony. We were meeting with their big spies, trying to develop some kind of arms control for cyber.”

When Robert Knake arrived as the director of cybersecurity policy at the National Security Council, in 2011, the White House had a formal initiative to combat Chinese hacking, known as the Counter-China strategy. Knake recalled, “The question was: ‘O.K., now, what’s the counter-Russia plan? And the counter-Iran plan?’ ” The difficulty was that, in the aftermath of Stuxnet, the U.S. needed Iran’s coöperation on diplomatic priorities. From 2011 to 2013, Iranian-backed hackers waged a sustained DDoS attack on dozens of American banks and financial-services companies, but the U.S. didn’t respond in kind, partly because the Administration was negotiating with Iran to curb its nuclear program. “If we had unleashed the fury in response to that DDoS attack, I don’t know if we would have gotten an Iran deal,” Knake said. In other cases, the Administration declined to respond forcefully so that it could retain the option of deploying similar means on other countries. “As long as we think we’re getting more value from this set of rules than we’re losing, then this is the set of rules we want to promote,” Knake said.

A new doctrine was taking shape, under which Russia sought to study the nefarious tools of the West, as it understood them, so as to counteract them at home and put them into practice abroad. One indication of what that might look like came in February, 2013, when, in the pages of the Military-Industrial Courier—a journal with a tiny yet influential readership of Russian military strategists—Valery Gerasimov, the Russian chief of general staff, published an article with the anodyne title “The Value of Science in Prediction.” The article identified and urged the adoption of a Western strategy that involved military, technological, media, political, and intelligence tactics that would destabilize an enemy at minimal cost. The strategy, which came to be known as “hybrid war,” was an amalgam that states have used for generations, but the text took on the status of a legend, and is now known in international military circles as the Gerasimov doctrine.

Gerasimov is sixty-one years old, and is always photographed in a stiff, forest-green military uniform and with a perpetually sagging frown. He trained as a tank commander, and then climbed the military hierarchy; he led the Fifty-eighth Army during the Second Chechen War. In the article for Military-Industrial Courier, Gerasimov suggested that, in the future, wars will be fought with a four-to-one ratio of nonmilitary to military measures. The former, he wrote, should include efforts to shape the political and social landscape of the adversary through subversion, espionage, propaganda, and cyberattacks. His essay, written in the shadow of the Arab Spring, cited the anarchy and violence that erupted in Libya and Syria as proof that, when faced with the combination of pressure and interference, a “perfectly thriving state can, in a matter of months, and even days, be transformed into an arena of fierce armed conflict, become a victim of foreign intervention, and sink into a web of chaos, humanitarian catastrophe, and civil war.”

Such events were “typical of warfare in the twenty-first century,” he wrote. “The role of nonmilitary means of achieving political and strategic goals has grown, and, in many cases, they have exceeded the power of force of weapons in their effectiveness.”

Pavel Zolotarev, the retired Russian general, explained that, when Gerasimov’s essay was published, “we had come to the conclusion, having analyzed the actions of Western countries in the post-Soviet space—first of all the United States—that manipulation in the information sphere is a very effective tool.” Previously, one had to use “grandfather-style methods: scatter leaflets, throw around some printed materials, manipulate the radio or television,” Zolotarev said. “But, all of a sudden, new means have appeared.”

Gerasimov’s prescriptions began to look prophetic a year later, when Russia annexed Crimea in a quick operation that caught U.S. officials by surprise and contravened international law. Russian-made propaganda whipped up pro-Moscow sentiment in a population that was already wary of Ukrainian political leaders in Kiev and had deep, historical ties with Russia. Unidentified soldiers (the so-called “little green men”) surrounded Ukrainian bases in Crimea, and within days Russia had pulled off a hastily organized, stage-managed referendum.

Even with the rise of new technologies, the underlying truth about such operations hasn’t changed. They are less a way to conjure up something out of nothing than to stir a pot that is already bubbling. In the U.S., a strategy like the alleged hacking of the Democrats was merely an effort to deepen an existing state of disarray and distrust. “For something to happen, many factors have to come together at once,” said Alexander Sharavin, the head of a military research institute and a member of the Academy of Military Sciences, in Moscow, where Gerasimov often speaks. “If you go to Great Britain, for example, and tell them the Queen is bad, nothing will happen, there will be no revolution, because the necessary conditions are absent—there is no existing background for this operation.” But, Sharavin said, “in America those preconditions existed.”

As tensions with Russia rose over the conflicts in Ukraine and Syria, in early 2014, the U.S. was stung by a tactic common in Moscow politics: the weaponized leak. While the U.S. and the European Union discussed the details of a potential transitional government in Ukraine, an aide to the Russian deputy prime minister tweeted a reference to part of a wiretapped conversation, posted soon afterward to YouTube, between Victoria Nuland, a U.S. Assistant Secretary of State, and her colleague Geoffrey Pyatt, the U.S. Ambassador in Ukraine. Nuland is heard saying “Fuck the E.U.”—a line that the Russians knew would cause difficulties between the Americans and their E.U. counterparts. The State Department called the leak “a new low in Russian tradecraft.” Asked what form of penalty was extracted from Russia, Michael McFaul, the Ambassador to Moscow during the Obama Administration, said, “To the best of my knowledge, there was none. I think that was a mistake.”

Obama’s adviser Benjamin Rhodes said that Russia’s aggressiveness had accelerated since the first demonstrations on Maidan Square, in Kiev. “When the history books are written, it will be said that a couple of weeks on the Maidan is where this went from being a Cold War-style competition to a much bigger deal,” he said. “Putin’s unwillingness to abide by any norms began at that point. It went from provocative to disrespectful of any international boundary.”

In the fall of 2014, a hacking group known as the Dukes entered an unclassified computer system at the U.S. State Department and gained enough control so that, as one official put it, they “owned” the system. In security circles, the Dukes—also referred to as Cozy Bear—were believed to be directed by the Russian government. Very little is known about the size and composition of Russia’s team of state cyberwarriors. In 2013, the Russian Defense Ministry announced that it was forming “scientific” and “information operations” battalions. A defense official later explained their purpose as “disrupting the information networks of the probable enemy.” Oleg Demidov, an expert on information security and cybercrime, and a consultant at the PIR-Center, a research institute in Moscow, said, “At the time, this idea was met with laughter. But this was something real, these units were indeed formed, and staffed by graduates of the country’s leading technical universities.” The next year, the Russian military expanded its public recruitment of young programmers; social-media ads for the “Research Squadron of the Russian Federation” depicted a soldier putting down a rifle and turning to a keyboard, accompanied by a heavy-metal soundtrack.

A retired K.G.B. colonel recently told the magazine Ogonyok that Russia had about a thousand people working in military and security operations online. According to a detailed report that appeared last November in the well-regarded online publication Meduza, several hundred technical specialists have left commercial firms to work for state-run cyber teams. A Defense Ministry spokesperson refused to confirm any details, telling a Meduza correspondent that the topic is secret, “so no one can see how we might apply these methods,” and warning against publication: “Don’t risk doing anything further—don’t put yourself in the crosshairs.”

After penetrating the State Department, the Dukes moved on to the unclassified computer network that serves the executive office of the President. (The network manages, for instance, details of his movements.) By February, 2015, the increasing intensity of Russian intrusions into sensitive political targets had raised alarms in Washington, and Clapper, the director of national intelligence, told a Senate hearing that the “Russian cyberthreat is more severe than we have previously assessed.”

European officials voice similar concerns. The Directorate-General for External Security, the French spy agency, is reportedly worried that Russian spies, hackers, and others are working to help Marine Le Pen, the Presidential candidate of the far-right National Front Party. Russian state media have suggested that one of her opponents, Emmanuel Macron, is a tool of American banks and has a secret gay lover. Le Pen, whose party has received loans from a Russian bank, has toed the Kremlin line on Crimea, saying that the territory was always part of Russia.

Bruno Kahl, the head of Germany’s foreign-intelligence agency, has expressed concern that Russian hackers are also trying to disrupt the German political scene, where Chancellor Angela Merkel is standing for reëlection as a stalwart supporter of nato and the E.U. Citing Russian interference in the American elections, Kahl told the newspaper Süddeutsche Zeitung, “The perpetrators are interested in delegitimizing the democratic process, as such, regardless of whom that ends up helping.” The director of Germany’s domestic-intelligence agency has since warned of “growing evidence for attempts to influence the federal election.” He told the Times that there has already been an increase in “aggressive cyberespionage” aimed at German politicians.

When the Dukes turned their attention to the Democratic National Committee, in 2015, the evident goal was to exploit divisions among Party members. In September, an F.B.I. agent called the D.N.C. and said that its computer network appeared to have been hacked. The agent was transferred to the help desk, where a tech-support contractor jotted down the information, checked Google for information on “the Dukes,” and ran a basic check for evidence of hacking. The F.B.I. agent left follow-up messages in October but never visited the office, and the D.N.C. leadership failed to mount a full-scale defense.

By March, 2016, the threat was unmistakable. Cybersecurity experts detected a second group of Russian hackers, known as Fancy Bear, who used “spear-phishing” messages to break into accounts belonging to John Podesta and other Democratic officials. Like Cozy Bear, Fancy Bear had left a trail around the globe, with its technical signature visible in cyberattacks against the German parliament, Ukrainian artillery systems, and the World Anti-Doping Agency. “I’ve never seen a group that doesn’t change its style of work after it has been detected,” Ilya Sachkov, who runs a leading cybersecurity firm in Moscow, said. “What logic led them to not adjust their methods?” Charles Carmakal, a specialist at FireEye, a cybersecurity organization that had previously studied the hacking groups implicated in the election operation, said that sophisticated hackers often leave forensic trails. “Even the best teams make mistakes, and, a lot of times, the guys who are great at hacking are not forensics guys who also know how to do investigations and understand all the artifacts that they’re leaving on a machine.”

Ultimately, the attack didn’t require an enormous amount of expertise. Gaining access to an e-mail account through spear-phishing is more akin to breaking into a car with a clothes hanger than to building a complex cyberweapon like Stuxnet. Oleg Demidov, the information-security expert, said that, from a technical perspective, the hacking was “mediocre—typical, totally standard, nothing outstanding.” The achievement, from Demidov’s perspective, was the “knowledge of what to do with this information once it had been obtained.”

On July 22nd, three days before the Democratic National Convention, WikiLeaks released nearly twenty thousand e-mails, the most damaging of which suggested that the D.N.C., though formally impartial, was trying to undermine Bernie Sanders’s campaign. In one e-mail, the D.N.C. chair, Debbie Wasserman Schultz, said of Sanders, “He isn’t going to be President.” Her resignation did little to tamp down public anger that was fuelled by the themes of secrecy, populism, and privilege—already a part of Trump’s arsenal against Clinton. Months later, Wasserman Schultz reproached the F.B.I. for not reacting more aggressively to the hacking. “How do they spend months only communicating by phone with an I.T. contractor?” she said in an interview. “How was that their protocol? Something has to change, because this isn’t the last we’ve seen of this.”

The interim chair of the D.N.C., Donna Brazile, had worked on seven Presidential campaigns, but she was unprepared for the level of anger, including death threats, directed toward D.N.C. staff and donors. “I’m from the South, and I’ve been through the traditional kind of campaigns where everybody got to call you the N-word, the B-word, or the C-word,” she said. “But this was not the usual kind of antipathy that you find in American politics. It was something else.” Someone created a fake e-mail account in her name and sent messages to a reporter at the Times. “It was psychological warfare at its best,” she said. (CNN, where Brazile had been a commentator, cut ties with her when hacked e-mails revealed that, after attending network strategy sessions, she shared potential debate questions with the Clinton campaign.)

While officials in the Obama Administration struggled with how to respond to the cyberattacks, it began to dawn on them that a torrent of “fake news” reports about Hillary Clinton was being generated in Russia and through social media—a phenomenon that was potentially far more damaging. “The Russians got much smarter since the days of rent-a-crowds and bogus leaflets,” one Obama Administration official said. “During the summer, when it really mattered, when the Russian social-media strategy was happening, we did not have the whole picture. In October, when we had it, it was too late.”

In the weeks after WikiLeaks released the D.N.C. e-mails, John Mattes, a Bernie Sanders organizer who ran a Facebook page for supporters in San Diego, noticed a surge of new adherents with false profiles. One “Oliver Mitov” had almost no friends or photographs but belonged to sixteen pro-Sanders groups. On September 25th, Mitov posted to several pro-Sanders pages: “new leak: Here Is Who Ordered Hillary To Leave The 4 Men In Benghazi!—USAPoliticsNow.” It was a baseless story alleging that Clinton had received millions of dollars from Saudi royals. Mattes said, “The fake news depressed and discouraged some percentage of Bernie voters. When I realized it, I said, ‘We are being played.’ ”

A post-election study by two economists, Matthew Gentzkow, of Stanford, and Hunt Allcott, of New York University, found that, in the final three months of the campaign, fabricated pro-Trump stories were shared four times as often as fabricated pro-Clinton stories. The researchers also found that roughly half the readers of a fake-news story believed it. A study led by Philip N. Howard, a specialist in Internet studies at Oxford University, found that, during the second debate of the general election, automated Twitter accounts, known as “bots,” generated four tweets in favor of Trump for every one in favor of Clinton, driving Trump’s messages to the top of trending topics, which mold media priorities. Internet researchers and political operatives believe that a substantial number of these bots were aligned with individuals and organizations supported, and sometimes funded, by the Kremlin.

On October 7th, WikiLeaks released the first installment of a total of fifty thousand e-mails from Podesta’s account. In the years since WikiLeaks gained prominence, in 2010, by posting secret U.S. government documents, its founder, Julian Assange, had taken refuge in the Ecuadorean Embassy in London to avoid a Swedish rape investigation that he considers a pretext for an American effort to extradite him. He has remained politically outspoken, hosting a show on Russian television for a time and later criticizing Clinton’s candidacy, writing, in February, 2016, that she “will push the United States into endless, stupid wars which spread terrorism.”

WikiLeaks put out a new batch of the e-mails nearly every day until the election. Reporters covered the contents of the messages—gossipy asides, excerpts from Hillary Clinton’s highly paid Wall Street speeches, internal discussion about Clinton’s statements on Benghazi, infighting at the Clinton Foundation over the political risks of foreign donations—and Podesta believes that the impact of individual stories was magnified by manipulation on social media. The Clinton campaign tried to shift focus from the details in the e-mails to the fact that they had been hacked. That argument was largely futile. “You don’t see the full extent at the time,” he said. “But it’s corrosive and it’s eating away underneath.”

Some Clinton aides suspect that Roger Stone, an on-again, off-again adviser to Trump, counselled WikiLeaks on the optimal timing for its disclosures. Six days before the leaks began, Stone tweeted, “@HillaryClinton is done. #Wikileaks.” Stone said that he was “flattered” by the suspicion but denied that he had given the group advice. He said that he was merely alerted to the leaks by a “mutual friend” of his and Assange’s: “And I was told that the information he had would be devastating to Hillary. I was not told the subject matter.” Stone was among those named in news reports about evidence that Trump associates had had exchanges with Russian intelligence officials. According to Stone, he has not been contacted by the F.B.I., and such suspicions are unfounded. (“If they have evidence of a crime, indict somebody,” he said. “I have not been in touch with anybody in Russia. I’ve never been to Russia. I don’t know any Russians.”)

The Clinton campaign was making plenty of tactical errors, without foreign assistance, and Trump was reaching white working-class voters far more effectively than the media recognized. But, in Podesta’s view, hacked e-mails did heavy damage to the campaign, because they revived a preëxisting liability, the unconnected story about Clinton’s use of a private e-mail server. “It shaped the Facebook newsfeed,” he said. “It kept ‘e-mails’ front and center, even at a very slow boil. There was just a dark cloud under the banner of ‘e-mails.’ ”

On Friday, October 28th, the F.B.I. director, James Comey, announced that new e-mails from Clinton had surfaced, in an unrelated case. Podesta said, “It’s not until that Friday, eleven days out, that you see a major movement of public opinion. The group in the electorate that was moving around the most was non-college-educated women. I think particularly the pushing of the fake news in the last couple of weeks was important in the places that mattered. When you lose by a total of seventy thousand votes in three states, it’s hard to say if any one thing made the difference. Everything makes a difference. I think it definitely had an impact. The interaction between all of this and the F.B.I. created a vortex that produced the result.”