Hack­ers are shap­ing US elec­tion: Pre­pare the Bat­tle­field

Kuwait Times - - TECHNOLOGY - By Alas­tair Pater­son, CEO and Co-Founder, Digital Shad­ows

To say that the 2016 US Pres­i­den­tial elec­tion cy­cle has been un­usual would be an un­der­state­ment for a num­ber of rea­sons. As a se­cu­rity pro­fes­sional, what stands out is the steady stream of cy­ber se­cu­rity-re­lated in­ci­dents, par­tic­u­larly when com­pared to the US elec­tions of 2012 and 2008. We’ve all read mul­ti­ple re­ports of high­pro­file com­pro­mises of party sys­tems, nu­mer­ous pub­lic data leaks, sus­pected na­tion-state in­ter­fer­ence, low-level hack­tivism, and fears over the po­ten­tial com­pro­mise of vot­ing sys­tems on Elec­tion Day.

Amidst all the noise and sen­sa­tion­al­ism it can be dif­fi­cult to un­der­stand the true im­pact and im­pli­ca­tions of this ac­tiv­ity. Map­ping cy­ber events to polling sta­tis­tics in an at­tempt to re­veal di­rect cor­re­la­tions be­tween ac­tiv­i­ties in­tended to weaken a par­tic­u­lar can­di­date’s po­si­tion and re­al­ity is spec­u­la­tive at best. Opin­ion polls are no­to­ri­ously volatile and vary greatly de­pend­ing on the data con­sulted. It is dif­fi­cult to know how widely or quickly leaked in­for­ma­tion reaches the vot­ing pub­lic. And, of course, there can be a va­ri­ety of rea­sons for polling fluc­tu­a­tions.

How­ever, de­spite lit­tle ev­i­dence to demon­strate a di­rect im­pact on a par­tic­u­lar can­di­date’s po­si­tion due to cy­ber events, there are larger trends that may be far more sig­nif­i­cant as cy­ber emerges as the lat­est front on the elec­tion bat­tle­field.

First and fore­most, the series of net­work breaches that have been at­trib­uted to the ac­tions of a na­tion-state, though un­con­firmed, suggest a no­tice­able shift in tac­tics. The tar­get­ing of elec­tions and party can­di­dates by a for­eign state ac­tor is noth­ing new, but un­til now it has been chiefly mo­ti­vated by in­tel­li­gence gath­er­ing ob­jec­tives and the con­tin­u­a­tion of un­de­tected ac­cess to their tar­get’s sys­tems in order to main­tain their strate­gic view­point. For ex­am­ple, in 2013, media re­ports re­vealed that Chi­nese gov­ern­ment hack­ers gained ac­cess to the com­puter net­works of Sens. Barack Obama and John McCain dur­ing the 2008 pres­i­den­tial elec­tion. Cam­paign staffers at the time said that they grew sus­pi­cious that they were be­ing mon­i­tored af­ter Chi­nese of­fi­cials ap­proached them to com­plain about for­eign pol­icy po­si­tions writ­ten in se­cret, in­ter­nal doc­u­ments that had not yet been pub­li­cized. Ac­cord­ing to media re­ports, it ap­peared that the Chi­nese had pen­e­trated the cam­paign net­works to ob­serve how the can­di­dates’ poli­cies on China were be­ing de­vel­oped.

How­ever this elec­tion cy­cle has shown that state ac­tors may also be­lieve that some data has more value if it is made pub­lic. The United States In­tel­li­gence Com­mu­nity and a num­ber of se­cu­rity ven­dors and com­men­ta­tors sus­pect that leaks orig­i­nat­ing from Wik­ileaks, Guc­cifer 2.0, and DC Leaks may be tied to Rus­sian state-spon­sored ac­tors.

Sec­ond, al­though pub­lic con­fi­dence in elec­toral sys­tems has been on the de­cline for over 12 years ac­cord­ing to re­search by the Pew Re­search Cen­ter, these con­cerns have now been ex­ac­er­bated by de­bates on the threat to vot­ing sys­tems by cy­ber ac­tors. In fact, in­creased lev­els of con­cern sur­round­ing the ac­cu­racy of the vot­ing sys­tem are so high that the Depart­ment of Home­land Se­cu­rity and the Of­fice of the Di­rec­tor of Na­tional In­tel­li­gence on Elec­tion Se­cu­rity felt the need to is­sue a joint state­ment that pointed out that vot­ing sys­tems are not at risk from cy­ber­at­tacks as they are not con­nected to the In­ter­net. It re­mains to be seen whether pub­lic con­fi­dence con­tin­ues to de­cline in the fu­ture, though with on­go­ing cy­ber ac­tiv­ity and sub­se­quent media at­ten­tion the ero­sion will likely con­tinue.

These two trends may be a sign of things to come, and it is pos­si­ble that sim­i­lar op­er­a­tions may be re­peated in the fu­ture, not only tar­get­ing the US but other coun­tries as well. In fact, such ev­i­dence sur­faced in April of this year when a South Amer­i­can hacker re­vealed his in­volve­ment in a covert cam­paign to swing the 2012 pres­i­den­tial elec­tion in Mex­ico. Ac­cord­ing to an in­ter­view, the hacker, An­drÈs Sep?lveda, was in­volved in rig­ging pres­i­den­tial elec­tions in Nicaragua, Panama, Hon­duras, El Sal­vador, Colom­bia, Mex­ico, Costa Rica, Gu­atemala and Venezuela.

It’s safe to say that more pub­lic leaks will con­tinue be­fore the end of the elec­tion. And fu­ture cam­paigns must be pre­pared for bat­tle on this new front. In the arse­nal of se­cu­rity weapons that or­ga­ni­za­tions have at their dis­posal, cy­ber sit­u­a­tional aware­ness pro­vides an or­ga­ni­za­tion with an at­tacker’s eye view into in­for­ma­tion about them­selves that is avail­able on­line as well as in­stances of po­ten­tial leaks, com­pro­mises and in­ter­fer­ence. While hack­ers will con­tinue to hone their craft with a fo­cus on can­di­dates and cam­paigns, we must do our own re­con­nais­sance, us­ing cy­ber sit­u­a­tional aware­ness to ex­am­ine mil­lions of so­cial sites, cloud-based file shar­ing sites and other points of com­pro­mise across a multi-lin­gual, global en­vi­ron­ment span­ning the vis­i­ble, dark and deep web. With this in­for­ma­tion we can be bet­ter armed to deal with ma­li­cious ac­tiv­ity in the short term, and take a strate­gic ap­proach to more ef­fec­tive de­fenses on this new front in the long term.

Alas­tair Pater­son, CEO and Co-Founder of Digital Shad­ows

Newspapers in English

Newspapers from Kuwait

© PressReader. All rights reserved.