December 9, 2016 – Could Russian hackers have laid the groundwork for a Donald Trump victory in the November presidential vote? The former head of the national security division in the U.S. Justice Department is quoted this week saying “we may have crossed a new threshold here.” President Obama has asked his intelligence agencies including the Federal Bureau of Investigation (FBI) to report on what appears to be evidence of stolen emails and potential interference with the vote-counting systems.
In a recent article appearing in Bloomberg Technology, Chris Strohm writes that the incursions by Russian hackers also used social media to influence the election outcome. He writes, “Material stolen by Russia’s intelligence services was feverishly promoted by online personas and numerous fake accounts through links to leaked material and misleading narratives.”
The evidence of this comes from FireEye, a company that tracks Russian and Chinese hackers making attempts to break into U.S. computer systems. Strohm quotes David DeWalt, Chairman of FireEye who states, “The dawning of Russia as a cyber power is at a whole other level than it ever was before…..We’ve seen what I believe is the most historical event maybe in American democracy history in terms of the Russian campaign.” The Russians not only hacked the Democratic Party’s email servers and then gave the contents to whistle blowers to put on the web, but also created fake news largely denigrating to Hillary Clinton, which was then spread through the Facebook and Twitter universe using artificial intelligence bots to do postings. FireEye mapped the Russian campaign identifying six key false “hactivist” personas including Guccifer 2.0, DC Leaks, Anonymous Poland and Fancy Bears’ Hack Team. Bots automatically spread the misinformation through fake social media accounts to generate a significant volume of lies and deception. More legitimate whistle blowers like Gawker and Smoking Gun were sent material which they then spread not knowing its legitimacy or illegitimacy. Even legitimate journalists were offered stolen and false information from false email accounts. And FireEye states that the activity post-election continues.
Chairman of the House Homeland Security Committee, Michael McCaul, Republican, from Texas referred to the hacking as a “wake-up call.” John McCain, Republican Senator from Arizona has also called for hearings on Russian cyber activity.
Worldwide the problem is just as severe. Back in September the German government and industry described 20 daily hacks of sensitive networks. Volkswagen reported 6,000 attacks per day and one in five German companies noted attempted or successful hacks of internal networks. Yesterday, Germany’s head of federal security, Hans-Georg Maassen, warned of Russian tampering with the upcoming 2017 election with the goal to “weaken or destabilize the Federal Republic of Germany.” As in the United States the Germans claim that Russia is financing misinformation campaigns using state actors to launch cyberattacks. To underscore the level of exposure, this week German steelmaker, ThyssenKrupp, reported a massive cyber attack that started in February and ran through April. Project data from the company’s engineering division was stolen.
A report on the extent of the Russian hacks will be useful to help the U.S. government, others nations and businesses to better understand how to shore up defences. But what other actions can be taken? Is this the first round in what will become a cyberwar between nations and businesses?
In a recent IBM study it was found that 66% of organizations fail to recover from cyberattacks. Those companies participating in the study reported:
- 53% experienced at least one data breach in the past two years.
- 74% experienced threats caused by human error.
- 74% experienced malware incidents.
- 64% experienced phishing attacks
IBM reported that 2016 was one of the worst for cyberattacks with denial of service causing major web outages such as the October 21, 2016 attack that disrupted Paypal, Spotify, and Twitter. The attackers targeted Dyn, an Internet hub by using Internet-connected devices with embedded malicious code. The outage began in the Eastern United States and then spread to the rest of the country, Canada and Europe. The attack took down CNN, the New York Times, the Wall Street Journal and some Amazon-hosted business sites. Bruce Schneier, a security guru, believes that a country is behind the October 21st attack and that it was a test of the resilience of the system to overcome the security breach.
Russia, not wanting to be left out of being a potential cyber victim, stated in the last week that it too was being targeted by “foreign spy agencies” out to create chaos in its banking system. The attack was supposed to begin on December 5th originating from servers in the Netherlands. The Russians, however, claim that they parried the threat and that the “situation is under control.” At the time of the alleged attack Vice President of the United States, Joe Biden, had indicated to Russia that any cyberattack by them would be met with a proportional American response.
The United States currently has a lack of qualified information security people on board to fight back despite Vice President Biden’s “proportional response” remark. The industry is short about 200,000 to meet the current job listings. The U.S. federal government has called for 3,500 new hires by the end of 2016. Worldwide the shortage amounts to 1 million.
An answer to this decided lack of human security expertise is to bring artificial intelligence into the mix. This involves, states Amir Husain, CEO of SparkCognition, an artificial intelligence start up, “a diminished role for humans.” It’s not such a stretch when you consider every PC includes a firewall and antivirus software, pattern recogniton algorithms that help protect our home and office computer systems. Husain is just talking about upping the level of surveillance through more sophisticated software capable of responding to cyberattacks. DARPA, the Defense Advanced Research Projects Agency of the U.S. Department of Defense, recently organized a hacking competition which Mike Walker, DARPA program manager, describes as a way “to build autonomous systems that can arrive at their own insights, do their own analysis, make their own risk equity decisions of when to patch and how to manage that process.” IBM has also turned Watson, its cognitive technology, to the task of detecting cyberattacks and computer crimes by having it absorb everything in print on the subject.
States Husain, “Insofar as machines can sense and monitor the world in ways that go beyond our biological abilities, they will have greater insight – higher quality insight with more depth.”