Russian hacking warrants sanctions, cybersecurity CEO says

US has well-known cyber capabilities: CrowdStrike CEO
US has well-known cyber capabilities: CrowdStrike CEO

The U.S. has the capability to retaliate against Russian hackers — and it probably should, one cybersecurity CEO said.

The FBI, CIA and some other intelligence officials have pinpointed Russian hackers as a source of interference in the 2016 U.S. presidential election. While U.S. president Barack Obama has called for a "thoughtful, methodical" response, simply "naming and shaming" Russia might not be sufficient, said George Kurtz, co-founder and CEO of cybersecurity firm CrowdStrike.

"I don't know that it's enough," Kurtz told CNBC's "Squawk on the Street" on Tuesday. "I think sanctions are warranted here."

Russia's President Vladimir Putin
Mikhail Klimentyev | TASS | Getty Images

CrowdStrike released some of the first research tying Russian intelligence sources to the hacking of the Democratic National Committee.

WikiLeaks revealed more than 19,000 pages of hacked emails from the Democratic National Committee earlier this year, uncovering messages that seemed to dismiss Sen. Bernie Sanders and other details that ultimately prompted the resignation of DNC chair Debbie Wasserman Schultz.

"It just highlights, when we look at the broad, global economic environment, just how intertwined cyber is with our political — and our industrial — base," Kurtz said.

Obama has said that some of what the U.S. does in response to Russia is not publicized, and that there would be severe consequences for the hacking. But while he has denied Russian involvement in the hack, Russian President Vladimir Putin has called the DNC breach a "public service."

The Russian hack is the latest in a string of high-profile attacks from regimes like North Korea, where relations with the U.S. are tense. It's a growing threat, as hacking is increasingly a quick way to improve a nation's economy, Kurtz said.

"When we think about the overall environment, it's just too easy to create malware that's not detected by the current generation of anti-virus products," Kurtz said. "That's the reason that we're seeing a lot of these attacks. ... It's so easy to do, it's very little cost and very little opportunity to actually get caught."

Chinese industrial espionage on U.S. companies has declined a bit, Kurtz said, since the two nations agreed in 2015 that neither government would support or conduct cyber-enabled theft of intellectual property. But the agreement doesn't mean that China "can't steal from other folks around the globe," Kurtz said.

"Doesn't mean that all espionage activity has dropped — certainly, if you're in the defense industrial base, you're still subject to those sorts of attacks," Kurtz said. "But in terms of actually stealing intellectual property and secrets via cyber, we've seen a substantial reduction over the past year."

Still, while President-elect Donald Trump has vowed to use "every lawful presidential power" to stop Chinese theft of American trade secrets, Trump has called the ties between Russia, hackers and the election outcome "ridiculous."

"Does the U.S. have capabilities to take action? They certainly do," Kurtz said. "It will be up to the current and future administrations to decide what they are going to do."