Anonymous vs Russia (Ironically) for Ukraine

Who thought that Anonymous vs Russia would be the top billing cyber event of the Russian invasion of Ukraine? We watch in horror and disgust as Russia continues its assault on the Ukrainian people. Tanks roll down streets, missiles are launched, neighborhoods are shelled and innocent civilians are killed. Some things never change in war.

As each new conflict begins in our modern age, in addition to military weapons being used, it is inevitable that we also now must consider the other weapon at the disposal of Vladimir Putin: Cyber Warfare.

Russia, which has a history of launching cyberattacks against other countries, particularly Ukraine, could shut off power (as it did in 2015 and 2016), disrupt communications, destroy technology capabilities (as the NotPetya malware attack did in 2017) and cause further chaos and hardship in the lives of Ukrainians. At this writing, there have been some Distributed Denial of Service (DDoS) and malware attacks, but the effects have not been as devastating as past attacks.

In addition to the government-sanctioned hackers, cybercriminals and hacktivists have become involved. This includes the infamous hacker collective known as Anonymous, which has claimed credit for several cyber incidents in the Anonymous vs Russia battle, among them DDoS attacks that have shut down Russian government websites and Russia Today. The hackers were able to post pro-Ukraine content, including patriotic songs and images from the invasion – something the average Russian citizen would never see on the state-backed news service.

Russia Today openly attributed the problems with its website to Anonymous, and claimed the attacks came from the US. Of course, the major concern is that Russia will turn its cyber sights not only on Ukraine, but on any country imposing sanctions or otherwise openly supporting Ukraine. So far, the cyber activity has been limited, but that could change, and many warn that the US and others should be on high cyber alert, especially those in critical sectors such as finance and health care.

A slew of other players have entered the field, from Facebook, YouTube and Twitter banning content by Russian state media, to Elon Musk providing satellite internet access to Ukraine via his Starlink satellites, to Ukrainian citizens forming an “IT Army” to launch digital attacks that take down sites sharing Russian propaganda.

There are two major longer-term concerns about the “open season” for hackers this has created. One is that due to the urgency of this crisis, there is a strong possibility of digital errors and unintended consequences, such as excessively destructive malware or unintended collateral damage. Hacking events by non-governmental entities could also be mistaken for government-backed hacks and lead to escalating retaliation that could force the United States (and Allies) into a larger, ongoing cyber conflict with Russia.

The most eye-opening aspect of the conflict is the realization that cyber warfare is being used in a hostile act of war for the first time. In addition to theaters of war on land, in the air, on the water and from space, there is now the additional arsenal of cyberattacks that will change warfare forever.

John Sileo is a sought-after keynote speaker who focuses on the human elements of cybersecurity, including the implications for cyber warfare. His clients include the Pentagon, Homeland Security and Charles Schwab. Bring John in to educate and engage your group on how to avoid the disastrous data breach headlines that destroy profits and reputation. 303.777.3221 to learn more. 

Trump Russia Investigation Update: Did Campaign HELP Russians Plot Disinformation Strategy?

Honestly, we don’t know yet. There was a time when our voting preferences, our political leanings, our policy choices were our own business. Now they are someone else’s business, quite literally. There are so many stories coming out about Donald Trump’s connections to and collusion with the Russians that it is getting hard to keep these accusations straight. Here’s the latest:

Trump Russia Investigation Update

The key word is help. As in, actively provide information that the Russians may not have been able to discover on their own. “Help” is not a synonym for encourage, appreciate or enjoy.

Without getting too political (because after all, this is a cyber security blog), here are the basics of the Trump-Russia Investigation from a cyber security perspective:

  1. The Trump campaign had possession of a huge amount of information about American voters from Cambridge Analytica, the data mining firm hired to help collect and use social media information to identify and persuade voters to vote (or not vote), through an activity known as political micro-targeting.
  2. Jared Kushner, the president’s son-in-law and now a senior adviser in the White House, was head of digital strategy during the campaign, meaning he was overseeing this effort to micro-target voters.
  3. The Russians unleashed bots, or robotic commands, that swept across the Internet and picked up fake news stories or harshly critical news stories about Hillary Clinton and disseminated them across the United States. By Election Day, these bots had delivered critical and phony news about the Democratic presidential nominee to the Twitter and Facebook accounts of millions of voters.
  4. Some investigators suspect the Russians micro-targeted voters in swing states, even in key precincts where Trump’s digital team and Republican operatives were spotting unexpected weakness in voter support for Hillary Clinton.

So the question is this: Did the Trump campaign, using what we assume to be lawfully obtained micro-targeted voter intelligence, give the Russians access to it so that they could point harmful disinformation campaigns at those vulnerable jurisdictions?

Many top security analysts doubt Russian operatives could have independently “known where to specifically target … to which high-impact states and districts in those states.” As Virginia Sen. Mark Warner said recently, “I get the fact that the Russian intel services could figure out how to manipulate and use the bots. Whether they could know how to target states and levels of voters that the Democrats weren’t even aware (of) really raises some questions … How did they know to go to that level of detail in those kinds of jurisdictions?”

And that is Senator Mark Warner’s mistake – that the micro-targeting had to be so specific that it only hit potential Trump voters in certain jurisdictions. It did not. The campaigns could have been aimed at every person in that state, let alone the jurisdiction, only touching the opinions of those who were ready to hear the message. A phishing campaign isn’t sent only to those people in an organization most vulnerable to that type of social engineering – it is sent to everyone, and the most vulnerable are the only ones that respond. Similarly, it was good enough for Russia to cast its anti-Hillary message in the general vicinity of the target; there was no need for a bullseye for the disinformation campaign to be effective. Those who received the message but were slightly outside of the voter profile or geographical jurisdiction simply recognized it for what it was, false news. The rest were unethically influenced.

But we don’t know yet if there is a connection between the micro-targeting big data purchased by the campaign and the Russian botnet disinformation attack. We do know, however, that Russia attempted to influence the outcome of the election – and that is what we, as cyber security experts, must focus on.

Either way – collusion or not – the implications for our privacy (let alone the political ramifications of foreign entities influencing our election process) are huge. Remember, the Trump campaign had obtained this huge volume of information on every voter, maybe as much as 500 points of data, from what kind of food they eat to what their attitudes are about health care reform or climate change. And yes, I’m sure the Democrats had much of the same information and probably didn’t “play fair” either. The point is that we have gotten so far beyond just accepting that our personal information is readily available and easily manipulated that no one is even bringing up that part of the story.

We, America, have been lulled into allowing everyone else – corporations, our government, even foreign nations – to have more access to our data footprint than even we do. 

John Sileo is an award-winning author and keynote speaker on cyber security. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.