As the US presidential election draws ever-closer, there is growing concern among the security community about the effect cyber-criminals are having on the outcome of the voting process.
Spy agencies are becoming ever-keener to gain access to and exploit the sort of sensitive data that can inform their geopolitical movements and allow them to effectively pivot to address changes in an administration or new international policies that may occur after a new President takes over.
This is, of course, a particularly sensitive issue – citizens take a great deal of time in deciding where their vote goes and so the possibility of hackers using malicious, electronic means to interfere with this marks a game-changer for information security professionals.
This was highlighted in a recent Tripwire survey which found that almost two-thirds of security pros quizzed at the Black Hat conference in Las Vegas think hackers are directly influencing the election, with 82% saying state-sponsored attacks should be considered acts of cyber-war.
This is no doubt a knock-on effect of the significant compromises of sensitive Democratic National Committee information that we have witnessed over the last few months, which are suspected to have been carried out by Russian hackers who are seeking to disrupt the election process.
“With the recent hacks surrounding the 2016 election, espionage via hacking has entered the public consciousness perhaps more than ever before,” Eric O’Neill, national security strategist at Carbon Black, told Infosecurity. “I think the public will begin to view such attacks as warfare when a state-sponsored campaign takes out the energy grid, for example, or targets major national infrastructure with the clear intent to injure or kill. However, there is often a fine line between espionage and war.”
Hacking is nothing more than the necessary evolution of espionage, added O’Neill. The new ‘hackers’ are criminals and spies who have pivoted to survive in a new age of information theft.
“They are devious, sophisticated, technologically proficient, often well-funded, and leverage traditional espionage techniques to perpetrate cyber-penetrations. As long as geopolitical relationships exist, we’ll likely still see espionage via hacking.”
What’s more, Tripwire’s research drew attention to the fact that there's still little consensus on what an appropriate response to state-sponsored hacking should be, with almost half (44%) of respondents not convinced that a ‘self-defense right’ to retaliate will improve national or global cybersecurity.
This is something that absolutely needs to be addressed by the powers that be, and it's time for discussions to be held that define exactly what is considered cyber espionage/war and what constitutes an appropriate response. However, as O’Neill argues, until there is a consensus in place, the onus is on security professionals to ensure they are doing all they can to keep critical data safe from state-sponsored interference in the build up to elections.
“To defeat cyber-espionage, cybersecurity professionals must disrupt this cycle of ‘attack – locate and remediate breach – attack.’ This disruption occurs when cybersecurity inserts itself in the cycle before the attack occurs by defending the endpoint, controlling applications, sharing knowledge about possible intrusions among the cyber community, and ACTIVELY hunting for threats. This disruption requires the cybersecurity professional to take an active role in defending against a predator by becoming a spy hunter.”