Open up any decent history textbook and one can read about governments spying on each other and trying to interfere with smooth operations, steal information and gain advantages over one another in technology development. One of the longest-running periods of espionage was between the Soviet Union and the United States in what is called “The Cold War.” The Soviets would spy on the Americans, and the Americans would spy on the Soviets.
After this period ended and the Soviet Union dissolved, it came to light just how vast and complex the espionage was on both sides. In the modern era, national intelligence agencies spy on each other for various reasons and the advent of the internet has made this a virtual free-for-all for interception of information and spying.
Recently it has come to light that Russia may have attempted to tamper with the United States’ federal election process. As of this writing, the United States government has acknowledged this intrusion and has begun taking action against the Russian government. This article is not about the politics of the situation.
Rather, it’s about the aspects of espionage as they pertain to cyber warfare. Since the United States and Russia are in a cyber war with each other, we will examine some of the methods that either side can employ to disrupt or hinder the other.
Hacking a National Election Is Tougher Than You Think!
From a purely technical standpoint, to pull off nationwide election fraud is virtually impossible in the United States, especially for a foreign government.
Even if hackers were targeting strategic areas of swing voters, it would still be nearly impossible. The election process is a loose confederation of laws and voting methods that does not lend itself to widespread fraud. Allow me to explain here.
Consider that each state, county and city has its own standard for processing the election. Some use paper ballots that voters may have to punch. Others use paper ballots where a marker is used to draw lines, similar to the Scantron sheets we all used in school for test taking. Others use computerized ballots on computers that are not directly connected to the internet. To top it off, many places allow the voter to choose their method. To fully hack this kind of system would require manpower to physically tamper with machines, add more paper votes and also discard undesirable votes.
Every election season, reports of voter fraud are found, but the frequency is so low that it’s statistically insignificant. So how could one national government or entity affect another’s election? In the same way a government can keep control of its citizenry: information control.
Cyberwarfare 101: Disinformation and Exposing Secrets is Your Best Friend
If you cannot stuff the ballot box, then the next best method of disruption is to poison the pool of voters against their candidate of choice.
In a joint report published by the US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI), both agencies confirmed that Russian intelligence agencies were using Cyberattacks against US government infrastructure including political parties, think tanks, and major learning institutions which resulted in a compromise of United States Election Security.
By hacking into these networks and collecting sensitive data, the hackers were able to publicly release confidential information that had the effect of making one political party look less appealing than the other.
An added bonus for the hackers is that public confidence in the hacked organization would also wane. Who would want to donate money to a political party when their credit or banking information could be exposed to hackers?
The New Arms Race: Not Quite Mutually Assured Destruction
In a Cyberwar, there are many avenues for attack and this latest incursion is designed to undermine the public’s confidence in their elected leaders and government.
It’s an effective tactic, but as a Cyberwar ramps up, so does the direct impact on the general public and government. As I’ve written previously, America’s infrastructure is at risk from Cyberattack, and with a now escalating situation, it is possible we will see infrastructure attacks begin to rise.
Both sides of this potential conflict have been developing an arsenal of talented hackers and methods that are both cutting edge and rather dangerous to their opponents. Russia has proven itself effective at disabling infrastructure through deep penetration and denial-of-service attacks, the most notable being knocking out Ukraine’s power grid and tying up phone systems during the period when Russia was annexing Crimea from Ukraine.
Not to be outdone, the United States is excellent at programming infections that are custom tailored to knock out specific equipment and also excels at data collection and analytics around the world.
Given the power and capability of each side, one would think that the logical solution is that a Cold War-era policy of “Mutually Assured Destruction” would be in effect. Here, each side might be unwilling to strike for fear of reprisal. However, that’s not the case.
Unlike nuclear detonations, a Cyberwar leaves all buildings and non-computer infrastructure standing. It can disrupt an economy, knock out essential services temporarily and expose secrets both governments would prefer to have left in the dark. Cyberwar can also give each side something that launching a missile doesn’t: plausible deniability.
The Toughest Confirmation of Attack: Proving They Are Who You Think They Are
The joint report by DHS and the FBI states that Russian government actors would impersonate third-party entities or people in an attempt to cover their tracks and use someone else as a scapegoat.
This is where confirmation of threats gets rather tricky.
The internet can offer excellent anonymity. Many angry people anonymously hide behind Twitter accounts and feel comfortable enough to rant and rave at others about everything.
I recently wrote an article about how I hacked into a CEO’s personal life by impersonating people in his life. In this respect, it’s possible to become virtually anyone online. I could turn myself into a Russian hacker, or anyone else for that matter, by routing my internet connection to local Russian IP addresses and by employing hacking methods known to whatever region I was spoofing.
Situations like this end up being nightmares for some law enforcement agencies. However, many intelligence agencies and private cybersecurity firms have a methodology to validate if a person is who they say they are, even at rather deep levels, that may employ validation beyond simple online methods.
The Next Steps in an Open Cyberwar
Now that the United States has declared sanctions against Russia for its alleged intrusion, sanctions that may include a cyber-related response, the options for escalation on both sides are many.
The hacking and penetration will never stop on either side, as there is always more information to steal and more networks to infect.
As we’ve been seeing a major rise in large-scale denial of service (DoS) attacks lately, a next logical step would be for each country to begin using its bandwidth against the other in this manner.
Sabotage of infrastructure such as electrical grids and financial systems, and even of large corporations, would also be in the cards, as these attacks would have serious consequences for the society being attacked. The potential panic and chaos that could ensue are the stuff of horror movies.
Depending on how far each side is willing to go, it is also possible for actions to move beyond cyberspace and enter our physical world. Let’s just hope this potential hot war stays cold.