President Trump has laid claim to a 2018 cyber attack on Russia’s Internet Research Agency (IRA) – framing it as evidence that he’s responded to Russia’s provocations in an interview with the Washington Post. It’s an unconventional move, and one experts say could hand Russia an advantage in the cyber sphere.
Kevin Curran, professor of cyber security at Ulster University says that by owning up to the attack, “Donald Trump would undoubtedly be sharing patterns of exploits which allow the enemy to reverse engineer both the tactics and the very source code mechanisms used against them. They will be able to more easily pinpoint future attacks from IP addresses, regions and manner of attack […] Any such information leaked from a cyber-command has made it much harder for that cyber-command to reuse the tactics used in that previous attack.”
In 2019, US officials claimed credit for the attack – which knocked the IRA, a troll farm in Russia that was allegedly behind a 2016 election influence campaign, offline for a few days. That Russia influenced the outcome of the US election is a persistent yet unsubstantiated element of the Russiagate conspiracy theory that has doggedly attempted to tie Trump to Russia. Facebook data found that only one in 23,000 pieces of content on its platform could be traced to Russia. The platform said that the IRA spent $46,000 on ads, and Russian disinfo sources $100,000 in total, compared to the $81 million collectively spent by the Clinton and Trump campaigns. Despite this, the myth persists.
Ahead of the 2020 elections is an opportunistic moment for Trump to take credit for the IRA attack. The New York Times surmised that Trump was attempting to look hard-line on the Kremlin in light of criticism that he ignored (now mostly debunked) intelligence about Russia likely offering bounties to Afghan militants to execute American troops.
Regardless, directly claiming the attack is unorthodox. “More usually, nation state cyber attacks try to plant false flags to throw those conducting forensic analysis off the scent,” says Alan Woodward, professor of cyber security at the University of Surrey. “Just because a file has a date time stamp from Moscow doesn’t necessarily mean it was Russian in origin […]”
However, the flipside is a country claiming responsibility when “it[s] politically expedient to do so, even though they didn’t actually mount the operation,” says Woodward. “The world of cyber warfare is one littered with false trails.”