The 2016 presidential election put the spotlight on cybersecurity in a way that no one could have imagined ahead of time. When we looked at cybersecurity as an election issue earlier this year, the focus was on how cybersecurity policy in general might emerge as a campaign issue in relation to issues such as privacy and surveillance.

Instead, cybersecurity became a leading driver of the presidential campaign — including concerns about security posture of the election itself. In the process, the election offered many cybersecurity lessons, and a year of teachable moments about protecting data and networks.

Cybersecurity Lessons From the Campaign Trail

Most recent public and business awareness about data security has revolved around personally identifiable information (PII), especially financial information such as credit card data. Consumers fear identity theft and companies fear theft of customers’ account data.

Thanks to the presidential election, we have all learned — again — that email is insecure. It can easily be compromised and released online with potentially dramatic consequences. It is unlikely that analysts will ever be able to conclude whether controversies over email had a major impact on the election, but the very word became an effective campaign slogan.

More Than Meets the Eye

At the basis of this surprising turn are issues related to how email is secured and the consequences of email being compromised, whether it contains classified materials or merely unguarded and potentially embarrassing remarks. These considerations figured into the high-profile Sony breach of 2014, but the election brought them back into the public spotlight. The lesson here is applicable beyond just email: All kinds of unstructured data, such as social media content, is potentially sensitive and potentially vulnerable to compromise.

Similarly, the cybersecurity lessons of the 2016 election extend to the election process itself. Worries about compromised voting machines are not entirely new, but they were front and center this year. The Department of Homeland Security (DHS) also warned that state election systems were being probed and encouraged officials to share information regarding election cybersecurity.

Cybersecurity in the National Spotlight

The 2016 election ultimately went smoothly, with unexpected results but no hint of cybercrime. U.S. elections are, in fact, difficult to breach. This is partly because they are decentralized, carried out by thousands of local authorities, and partly because voting machines are simple devices and not connected to the internet, even where votes are tabulated electronically.

Nevertheless, election security has now emerged as a key component of national security policy. Although there was little formal discussion about cybersecurity as a policy issue, the 2016 election offered countless cybersecurity lessons and informed the public about the need to protect all kinds of information, not just financial or health data.

Security Intelligence

The White House confirmed that the potential for election hacking led to using the special "red phone" to contact Russia eight days before the U.S. presidential election and issue a warning about influencing the process.

The original report said the White House used a secret "hotline"-style message on October 31st to clearly ask Russia to stop any cyberattacks that could undermine the election results. Anonymous White House officials told The Washington Post about the election hacking warning and said the Russian government response was "noncommittal." Even so, the officials said they hadn't seen an escalation in cyberattacks from Russia leading up to the election.

In a statement to The New York Times¸ the White House confirmed it had "contacted the Russian government directly regarding malicious cyberactivity" that was "targeting U.S. state election-related systems" using the Washington-Moscow Direct Communications Link connecting the Nuclear Risk Reduction Centers in both countries.

Cyberattacks attributed to Russia have been so plentiful this year that the White House previously admitted to considering "proportional response" to election hacking by the Russian government following attacks on voter registration systems and the Democratic National Committee. These attacks, as well as the breach of Clinton campaign chairman John Podesta's email account, were attributed to Russian hacker groups allegedly under orders by the Russian government.

Konstantinos Karagiannis, CTO of security consulting at BT America, said via Twitter that the leaks from these attacks likely prompted the warning.

Privacy Professor CEO Rebecca Herold said the leaks imply Russia's intent was likely to influence the election rather than perform direct election hacking. But, she said the White House's warning may been aimed at stopping more leaks in the lead-up to the election.

"It is likely Russia had just as much information, emails, and databases from the Republicans as they did for the Democrats (reports indicated the GOP systems were just as weak and vulnerable as the DNC's were), but chose to only release select information about the DNC, Clinton, and others, and possibly use it in other ways as well, to influence voters," Herold told SearchSecurity via email.

FBI Director James Comey said in September that state voter registration systems had been targeted by malicious actors and the Department of Homeland Security offered to help states to make sure systems were protected against potential election hacking. However, Comey also assured the public that the presidential election itself would be "very, very hard for someone to hack into because it's so clunky and dispersed."

Herold agreed that hacking of any election system was unlikely but Russia's attacks on voter registration databases would have provided "such things as voting histories, political group memberships, cause group memberships, addresses, polling and survey results, etc."

"It is feasible for such data to be run through big data analytics to determine the topics for which the voting population groups would have the most concerns, and thus the topics and/or specific types of hacked information that could be publicized with regard to each of the candidates to potentially help sway the voters to switch votes to the other candidate, or to even kill their motivation to even vote at all," Herold said. "If Russia had such data, and wanted to use it to try and make one candidate look bad, the other good, etc., that is how they would be viewed as influencing, or 'hacking' the election."

Next Steps

Learn how predictive modeling and forecasting failed to pick the election winner.

Find out why experts feared voting machine hacks during the general election.

Get info on the president-elect being silent on cybersecurity.



Find more PRO+ content and other member only offers, here.

SearchSecurity: Security Wire Daily News

Two US lawmakers who are members of their respective intelligence committees said Thursday that a spate of recent cyber attacks suggests Russia is trying to disrupt the November election.

"Based on briefings we have received, we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the US election," said a statement from Senator Dianne Feinstein and Representative Adam Schiff, both Democrats from California.

"At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes of the election -- we can see no other rationale for the behavior of the Russians."

US officials have stopped short of blaming Moscow for the wave of computer intrusions, but many analysts have said the attacks appear to be from Russian hackers.

Feinstein and Schiff, who as members of their intelligence committees receive classified briefings, said they believe that the hacks "could come only from very senior levels of the Russian government" and called in Russian President Vladimir Putin "to immediately order a halt to this activity."

"Americans will not stand for any foreign government trying to influence our election," they said.

"We hope all Americans will stand together and reject the Russian effort."

The recent breach of Democratic National Committee data, along with other electronic intrusions, has raised concerns about cyber incidents that could affect the outcome of the US presidential race, or other contests.

The campaign of Democratic presidential candidate Hillary Clinton said one of the hacks had accessed an analytics data program.

Cybersecurity experts see a potential for more hacks and incidents in the coming months which could hurt the integrity of the election campaign.

Related: XTunnel Malware Specifically Built for DNC Hack

view counter

© AFP 2016


SecurityWeek RSS Feed

The US homeland security chief said Friday authorities have confidence in the integrity of electoral systems despite growing cybersecurity threats.

Department of Homeland Security Secretary Jeh Johnson offered his agency's assistance to state and local election authorities in protecting voting systems.

Johnson's comments come amid reports of cyberattacks on Democratic Party systems and on voter databases in some jurisdictions. Some reports have said Russia may be behind some attacks, although US officials have not confirmed this.

"In recent months, we have seen cyberintrusions involving political institutions and personal communications," Johnson said in a statement. "We have also seen some efforts at cyberintrusions of voter registration data maintained in state election systems. We have confidence in the overall integrity of our electoral systems. It is diverse, subject to local control, and has many checks and balance built in."

Nonetheless, Johnson added that "we must face the reality that cyberintrusions and attacks in this country are increasingly sophisticated, from a range of increasingly capable actors that include nation-states, cyber hacktivists, and criminals. In this environment, we must be vigilant."

The Department of Homeland Security "stands ready to assist state and local election officials in protecting their systems" as it does for private businesses and other organizations, he added.

He noted that DHS does not take over systems or regulate them but can offer "cyber hygiene scans" and other tools to help identify vulnerabilities.

DHS also will publish "best practices" for securing voter registration databases and addressing potential threats to election systems from ransomware.

"In recent weeks, a number of states have reached out to us with questions or for assistance," he said. "We strongly encourage more state and local election officials to do so."

Related: XTunnel Malware Specifically Built for DNC Hack

Related: FBI Probes Democratic Email Hack, but is Russia to Blame?

Related: FBI Investigating Democratic Party Email Hack

view counter

© AFP 2016


SecurityWeek RSS Feed

The FBI is taking "very seriously" the possibility a foreign country is trying to meddle with America's electoral process and even influence voting outcomes, the agency's director James Comey said Thursday.

US agencies, companies and individuals are frequently targeted by overseas hackers, and Democratic presidential nominee Hillary Clinton's campaign has accused Moscow of hacking into Democratic National Committee (DNC) emails.

The recent breach of DNC data, along with other electronic intrusions, has raised concerns about cyber incidents that could affect the outcome of the US presidential race, or other contests.

FBI agents "take very seriously the notion that a state actor is messing someway in our electoral process -- whether that is to disrupt, to influence, to sow discord, or to create doubt," Comey said at a Washington security summit, without specifically mentioning Russia.

The FBI is "working very hard" to understand the size and scope of any hacking attempts, he said, but tried to reassure the public that the old-fashioned way of tallying ballots in many states protects them from hackers.

"The actual vote counting in this country tends to be kind of clunky, in a way that's a blessing because it makes it more resilient," he said.

Director of National Intelligence James Clapper on Wednesday said Russia hacks US computer networks "all the time."

view counter

© AFP 2016


SecurityWeek RSS Feed