Last week, President Barack Obama ordered a full review into claims that the 2016 presidential election was tainted by Russian hacking, to be completed before the President-elect Donald Trump takes office on Jan. 20, 2017. In the months leading up to the election, e-mail break-ins were reported by the Democratic National Committee, the Democratic Senatorial Campaign Committee and Clinton campaign Chairman John Podesta.
In a joint statement issued in October, all 17 agencies in the Intelligence Community agreed that the Russian government was behind this cyber activity, and that it was intended to interfere with the US election process. While there is no consensus within the intelligence community as to whether the hacking was a deliberate move to help elect Trump, many prominent Republicans and Democrats have insisted that this should not become a partisan issue. Although both Russia and China have engaged in cyber espionage against the United States for years, this type of interference with the U.S. election system is seen to be unprecedented.
Jamie Winterton
ASU cybersecurity expert Jamie Winterton discusses the extent, impact and meaning of this type of hacking, and to consider possible solutions moving forward. Winterton is the director of strategic research initiatives with Arizona State University’s Global Security Initiative, which focuses on defense and security research with a special emphasis on cybersecurity.
Question: What is the “apparatus” or system for these operations? Are most of these Russian hackers working for the government or operating independently?
Answer: It’s worth noting that many other countries have a different relationship with hackers than the US government does. For the most part, the US government keeps hackers at arm’s length. In other countries, Russia included, hackers often work closely with government.
Analysis by CrowdStrike found that much of the work done on the DNC hack was performed from 8am to 8pm Moscow time which indicates that this was a more organized, official operation, rather than unaffiliated individuals. The sophistication and breadth of some of these methods also indicates a coordinated effort. It’s hard to pull off advanced persistent threat (APT) activities as a single hacker or loose collective.
Q: What do you think is the likelihood that Russian hackers interfered with the US elections?
A: Nations interfering with each others’ elections isn’t new — that’s been happening for decades, at least — but the electronic networks we rely upon bring a whole new set of issues to the game. Attribution — knowing who’s doing what in cyberspace — is an incredibly difficult problem. That said, there is evidence that Russia was involved in the election in multiple ways, such as breaking into voter registration databases and the DNC email server. It’s important to note that no evidence has been found that the vote tallies themselves were hacked — and there are far easier ways to influence an election outside of vote-counting software.
Q: Going forward, what can be done to slow or stem these intrusions?
A: First, we should establish national standards for election hardware and software. Complexity is rarely good for security, and right now, we have an insanely complex system. Managing software updates and security upgrades is nearly impossible. And it’s not just a complex system — it’s one that’s too old. Election officials are stockpiling old parts, buying them from eBay because they aren’t available from the manufacturer any more.
Second, we need a routine audit of every election, whether they’re contested or not. The most secure networks include continual monitoring to characterize and alert for abnormal activity. Our election systems should as well.
Finally, we need to verify our information sources while at the same time protecting free speech. There’s been a lot of talk about the effect that “fake news” had on the election. Whether that misinformation comes from a foreign entity or domestic, we can’t ignore the social element of democracy when it comes to securing the vote.
Q: We often use the term “cyberwarfare.” Do you see this as a form of war?
A: I’m leery of the term "cyberwar" because it draws false equivalences with conventional warfare. When we think of war, we think of two nation states attacking each other in well-defined, kinetic, easily quantifiable ways. Operations in cyberspace are vastly different. There can be physical damage inflicted via cyberattack, but not always. An attack on the power grid could result in physical damage (and even loss of life). But often the results are not physical. They can be economic; sometimes they impact confidence or morale. The actors are often unknown, they may not even belong to any organized group, much less one that occupies set geographic boundaries. There is no easily defined ‘proportional response.’ We’re experiencing a sea change in attack and defense; we should create a unique term that reflects this new reality.
More Science and technology
3 ASU faculty members earn highest honor for early-career scientists, engineers
Three faculty in The College of Liberal Arts and Sciences at Arizona State University have been awarded the Presidential Early Career Award for Scientists and Engineers, or PECASE, by former…
The Polytechnic School at ASU hits milestone mark at 10 years
The year was 2014.Taylor Swift released “1989.” "Frozen” and its soundtrack were stuck in the minds of many.Facebook was still the most popular social media site, and “Happy” by Pharrell…
Study finds cerebellum plays role in cognition — and it's different for males and females
Research has shown there can be sex differences between how male and female brains are wired.For example, links have been made between neurobehavioral diseases — such as attention-deficit/…