U.S. Imposes Stiff Sanctions on Russia, Blaming It for Major Hacking Operation

WASHINGTON — The Biden administration on Thursday announced tough new sanctions on Russia and formally blamed the country’s premier intelligence agency for the sophisticated hacking operation that breached American government agencies and the nation’s largest companies.

In the broadest effort yet by President Biden to give more teeth to financial sanctions — which in recent years have failed to deter Russian activity — the actions are aimed at choking off lending to the Russian government.

In an executive order, Mr. Biden announced a series of additional steps — sanctions on 32 entities and individuals for disinformation efforts and for carrying out Moscow’s interference in the 2020 presidential election. Ten Russian diplomats, most of them identified as intelligence operatives, were expelled from the Russian Embassy in Washington. The United States also joined with European partners to impose sanctions on eight people and entities associated with Russia’s occupation of Crimea.

For the first time, the U.S. government squarely placed the blame for the hacking, known as SolarWinds, on the Kremlin, saying it was masterminded by the S.V.R., one of the Russian intelligence agencies that was also involved in the intrusion of the Democratic National Committee six years ago. The finding comports with the findings of private cybersecurity companies.

In Moscow, the Foreign Ministry’s spokeswoman, Maria Zakharova, said a response would be “inevitable” but did not immediately disclose what it would entail. The U.S. ambassador was summoned to a meeting with Russian officials, she added.

“Such aggressive behavior will of course receive a decisive response,” Ms. Zakharova said. “In Washington, they should know there will be a cost for the degradation of bilateral relations. Responsibility for what is happening lies wholly with the United States.”

Widely anticipated, the sanctions come amid a large Russian military buildup on the borders of Ukraine and in Crimea, the peninsula that Moscow annexed in 2014.

They comprise the public elements of what United States officials described as “seen and unseen” steps in response to the SolarWinds hacking and to Russia’s longstanding effort to interfere in U.S. elections on behalf of Donald J. Trump. The effectiveness of the sanctions, officials say, rests in part on implying that the United States could extend the ban to cut off financial institutions around the world from dealing in those Russian bonds, much as it enforced “secondary sanctions” against those who do business with Iran.

In a conversation with President Vladimir V. Putin on Tuesday, Mr. Biden warned that the United States would act to protect its interests, but he also raised the prospect of a summit meeting between the two leaders.

Inside American intelligence agencies, there have been warnings that the SolarWinds attack — which enabled the S.V.R. to place “back doors” in the computer networks — could give Russia a pathway for malicious activity against government agencies and corporations.

Jake Sullivan, Mr. Biden’s national security adviser, has often said that sanctions alone will not be sufficient. Before he took office, Mr. Biden suggested the United States would respond in kind to the hacking, which seemed to indicate some kind of clandestine response. But it may take weeks or months for any evidence of that to come to light, if it ever does.

The order also designates six Russian companies for providing support to the cyberactivities of the Russian intelligence service.

Administration officials said the actions were also a response to intelligence reports that Russia had paid bounties to encourage Taliban attacks on American troops, adding that they had sent diplomatic messages to Russia expressing concern about the reports. But a senior official said intelligence agencies only had low-to-moderate confidence in their assessment, because it was based in part on information from detainees.

In the SolarWinds breach, Russian government hackers infected network management software used by thousands of government entities and private companies in what officials believe was, at least in its opening stages, an intelligence-gathering mission.

The S.V.R., or the Russian Foreign Intelligence Service, is primarily known for espionage operations. In a statement, the administration said American intelligence agencies had “high confidence in its assessment of attribution” of responsibility to Russia.

The United States also described specific details about the software vulnerabilities that the Russian intelligence agencies used to infiltrate the systems of companies and governments. Most of those have been widely known since FireEye, a private security company, first found evidence of the hacking in December. Until then, the U.S. government had not noticed the actions, largely because the attack was initiated from inside the United States — where, as the Russians know well, American intelligence agencies are prohibited from operating.

Sanctions against Russia in recent years have been more narrowly drawn and have largely affected individuals. As such, the Kremlin has largely appeared to absorb or shrug off the penalties without changing its behavior. Broader sanctions targeting sectors of the Russian economy were imposed for Russia’s military intervention in Ukraine in 2014.

In early trading in Moscow before the announcement, the ruble’s exchange rate to the dollar dropped about 1 percent, underlining nervousness over how the sanctions would play out. The main stock index, Mosbirzhi, also fell just over 1 percent.

The fallout so far reflects years of Russian government policy to harden its financial defenses against sanctions and low oil prices by running budget surpluses and salting away billions of dollars in sovereign wealth funds.

Balanced budgets have been a core economic policy principle of Mr. Putin, who came to power more than 20 years ago during a post-Soviet debt crisis that he saw as humiliating for Russia and vowed not to repeat.

Still, analysts say strains from the past year of the pandemic and the drop in the global price of oil, a major Russian export commodity, have left Russia more vulnerable to sanctions targeting sovereign debt. By the first quarter of this year, however, a recovery in oil prices had helped return the federal budget to surplus.

Russia’s total debt issued in rubles rose to 14 trillion rubles, or about $190 billion, by the end of the year, around 80 percent of it held by investors unlikely to dump it in a panic.

In recent debt auctions last month, the Russian Finance Ministry issued five-year bonds with an interest rate just over 7 percent. The relatively high yields made these bonds popular with foreign investors, though they have been selling down portfolios for weeks in anticipation of possible sanctions, RBC, a Russian business newspaper, reported.

Michael D. Shear and David E. Sanger reported from Washington, Steven Erlanger from Brussels, and Andrew E. Kramer from Moscow.