Months after hack, US poised to announce sanctions on Russia

WASHINGTON — The Biden administration is preparing to announce sanctions in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference, a senior administration official said Wednesday night.

The sanctions, foreshadowed for weeks by the administration, would represent the first retaliatory action announced against the Kremlin for last year’s hack, familiarly known as the SolarWinds breach. In that intrusion, Russian hackers are believed to have infected widely used software with malicious code, enabling them to access the networks of at least nine agencies in what U.S. officials believe was an intelligence gathering operation aimed at mining government secrets.

Besides that hack, U.S. officials last month alleged that Russian President Vladimir Putin authorized influence operations to help Donald Trump in his unsuccessful bid for reelection as president, though there’s no evidence Russia or anyone else changed votes or manipulated the outcome.

The measures are to be announced Thursday, according to the official, who was not authorized to discuss the matter by name and spoke on condition of anonymity to The Associated Press.

It was not immediately clear what, if any, other actions might be planned. Officials had previously said they expected to take actions both seen and unseen.

The sanctions, presumably intended to send a clear retributive message to Russia and to deter similar acts in the future, come amid an already tense relationship between the U.S. and Russia.

President Joe Biden told Putin this week in their second call to “de-escalate tensions” following a Russian military buildup on Ukraine’s border, and said the U.S. would “act firmly in defence of its national interests” regarding Russian intrusions and election interference.

In a television interview last month, he replied “I do” when asked if he thought Putin was a “killer.” He said the days of the U.S. “rolling over” to Putin were done. Putin later recalled his ambassador to the U.S. and pointed at the U.S. history of slavery and slaughtering Native Americans and the atomic bombing of Japan in World War II.

It remained unclear whether the U.S. actions would actually result in changed behaviour, especially since past measures by the U.S. have failed to bring an end to Russian hacking. The Obama administration expelled diplomats from the U.S. in 2016 in response to interference in that year’s presidential election. And though Trump was often reluctant to criticize Putin, his administration also expelled diplomats in 2018 for Russia’s alleged poisoning of an ex-intelligence officer in Britain.

U.S. officials are still grappling with the aftereffects of the SolarWinds intrusion, which affected agencies including the Treasury, Justice, Energy and Homeland Security departments, and are still assessing what information may have been stolen. The breach exposed vulnerabilities in the supply chain as well as weaknesses in the federal government’s own cyber defences.

The actions would represent the second major round of sanctions imposed by the Biden administration against Russia. Last month, the U.S. sanctioned seven mid-level and senior Russian officials, along with more than a dozen government entities, over a nearly fatal nerve-agent attack on opposition leader Alexei Navalny and his subsequent jailing.

Aamer Madhani And Eric Tucker, The Associated Press