There are a few explanations. To start, U.S. intelligence agencies traditionally have seen cyberattacks by other nations as a window to collect intelligence on the attackers’ own sources and methods. In this sense, the less said about an intrusion the better. The National Security Agency often chooses to respond to foreign government hacking with hacking of its own.
There are also diplomatic considerations. While the U.S. has sanctioned sectors of Russia’s economy for the annexation of Ukrainian territory, Secretary of State John Kerry has also tried unsuccessfully now for a year to entice Russia to use its leverage with the Syrian regime to end the civil war there. A public response to Russian cyber-aggression could invite a diplomatic response from Russia in Syria.
A senior administration official told me Saturday that there was no “across-the-board policy regarding Russia when it comes to prosecution or attribution.” Lisa Monaco, the president’s adviser on homeland security on Saturday told an audience at Aspen that the administration approaches each cyberattack on a “case by case basis,” depending on the quality and preponderance of evidence linking the hack to a state actor.
But one explanation for the lack of punishment is that, until recently, most of Russia’s cyberattacks were aimed at probing networks and not destroying them or leaking the pilfered data onto the internet.
Join the conversation as a VIP Member