New U.S. policy on nuclear retaliatory strikes for cyber-attacks is raising concerns, with Russia claiming that it’s already been blamed for a false-flag cyber-attack – namely the election hacking allegations of 2016, explain Ray McGovern and William Binney.
By Ray McGovern and William Binney
Moscow is showing understandable concern over the lowering of the threshold for employing nuclear weapons to include retaliation for cyber-attacks, a change announced on Feb. 2 in the U.S. Nuclear Posture Review (NPR).
Explaining the shift in U.S. doctrine on first-use, the NPR cites the efforts of potential adversaries “to design and use cyber weapons” and explains the change as a “hedge” against non-nuclear threats. In response, Russia described the move as an “attempt to shift onto others one’s own responsibility” for the deteriorating security situation.
Moscow’s concern goes beyond rhetoric. Cyber-attacks are notoriously difficult to trace to the actual perpetrator and can be pinned easily on others in what we call “false-flag” operations. These can be highly destabilizing – not only in the strategic context, but in the political arena as well.
Russian President Vladimir Putin has good reason to believe he has been the target of a false-flag attack of the political genre. We judged this to be the case a year and a half ago, and said so. Our judgment was fortified last summer – thanks to forensic evidence challenging accusations that the Russians hacked into the Democratic National Committee and provided emails to WikiLeaks. (Curiously, the FBI declined to do forensics, even though the “Russian hack” was being described as an “act of war.”)
Our conclusions were based on work conducted over several months by highly experienced technical specialists, including another former NSA technical director (besides co-author Binney) and experts from outside the circle of intelligence analysts.
On August 9, 2017, investigative reporter Patrick Lawrence summed up our findings in The Nation. “They have all argued that the hack theory is wrong and that a locally…