Posts

Trump Russia Investigation Update: Did Campaign HELP Russians Plot Disinformation Strategy?

Honestly, we don’t know yet. There was a time when our voting preferences, our political leanings, our policy choices were our own business. Now they are someone else’s business, quite literally. There are so many stories coming out about Donald Trump’s connections to and collusion with the Russians that it is getting hard to keep these accusations straight. Here’s the latest:

Trump Russia Investigation Update

The key word is help. As in, actively provide information that the Russians may not have been able to discover on their own. “Help” is not a synonym for encourage, appreciate or enjoy.

Without getting too political (because after all, this is a cyber security blog), here are the basics of the Trump-Russia Investigation from a cyber security perspective:

  1. The Trump campaign had possession of a huge amount of information about American voters from Cambridge Analytica, the data mining firm hired to help collect and use social media information to identify and persuade voters to vote (or not vote), through an activity known as political micro-targeting.
  2. Jared Kushner, the president’s son-in-law and now a senior adviser in the White House, was head of digital strategy during the campaign, meaning he was overseeing this effort to micro-target voters.
  3. The Russians unleashed bots, or robotic commands, that swept across the Internet and picked up fake news stories or harshly critical news stories about Hillary Clinton and disseminated them across the United States. By Election Day, these bots had delivered critical and phony news about the Democratic presidential nominee to the Twitter and Facebook accounts of millions of voters.
  4. Some investigators suspect the Russians micro-targeted voters in swing states, even in key precincts where Trump’s digital team and Republican operatives were spotting unexpected weakness in voter support for Hillary Clinton.

So the question is this: Did the Trump campaign, using what we assume to be lawfully-obtained micro-targeted voter intelligence, give access to the Russians so that they could point harmful disinformation campaigns at those vulnerable  jurisdictions?

Many top security analysts doubt Russian operatives could have independently “known where to specifically target … to which high-impact states and districts in those states.” As Virginia Sen. Mark Warner said recently, “I get the fact that the Russian intel services could figure out how to manipulate and use the bots. Whether they could know how to target states and levels of voters that the Democrats weren’t even aware (of) really raises some questions … How did they know to go to that level of detail in those kinds of jurisdictions?”

And that is Senator Mark Warner’s mistake – that the micro-targeting had to be so specific that it only hit potential Trump voters in certain jurisdictions. It did not. The campaigns could have been aimed at every person in that state, let alone the jurisdiction, only touching the opinions of those who were ready to hear the message. A phishing campaign isn’t sent only to those people in an organization most vulnerable to that type of social engineering – it is sent to everyone, and the most vulnerable are the only ones that respond. Similarly, it was good enough for Russia to cast their anti-Hillary message in the general vicinity of the target; there was no need for a bullseye to render the disinformation campaign to be effective. Those who received the message but were slightly outside of the voter profile or geographical jurisdiction simply recognized it for what it was, false news. The rest were unethically influenced.

But we don’t know yet if there is a connection between the micro-targeting big data purchased by the campaign and the Russian botnet disinformation attack.  We do know, however, that Russia attempted to influence the outcome of the election – and that is what we as cyber security experts, must focus on. 

Either way – collusion or not – the implications against our privacy (let alone the political ramifications of foreign entities influencing our election process) are huge. Remember, the Trump campaign had obtained this huge volume of information on every voter, maybe as much as 500 points of data from what kind of food do they eat to what are their attitudes about health care reform or climate change. And yes, I’m sure the Democrats had much of the same information and probably didn’t “play fair” either. The point is that we have gotten so far beyond just accepting that our personal information is readily available and easily manipulated that no one is even bringing up that part of the story.

We, America, have been lulled into allowing everyone else – corporations, our government, even foreign nations – to have more access to our data footprint than even we do. 

John Sileo is an an award-winning author and keynote speaker on cyber security. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Investigate Russian Hacking for Security, Not Politics (and get on with governing)

Our national security depends on cyber security, and Russian hacking threatens those defenses. Every day that I come to work, I see an erosion of traditional power structures at the hands of increasing cyber threats. The hacking of Yahoo by Russian operatives and the DNC are two such examples that have potentially shifted the balance of power from our marketplace and political sphere into the hands of Vladimir Putin, Russian cyber criminals and anyone piggybacking on their technology. Now that Roger Stone, an administration advisor, has admitted to contact with the DNC hacker (Guccifer 2.0), the ties are too direct to ignore. But we shouldn’t be doing this for purely political reasons, we should be doing it to clear our President and his administration of wrongdoing so that they can go on about governing the country and implementing their vision. 

If we don’t investigate the potential Russian hacking of the DNC with a thoroughness similar or better than the Yahoo hack, we are as much as admitting defeat in the cyber realm and simultaneously suggesting a coverup for political expediency. This isn’t about a single politician, this is about an entire political system. Cyber IS the new warfare, and we as a nation can acknowledge it now or after it is generally too late (which is what most corporations do). We don’t just need to get to the bottom of administration involvement, we need to get to the bottom of how Russian has inserted itself firmly in the midst of our democracy via hacking, trolling and kompromat (a Russian term for compromised materials, like hacked emails and tax records). 

Here are my recommendations for proceeding to have a neutral investigation of the charges so that we can clear our President and move on to discovering the source or our weakness: 

  1. Name a bipartisan select committee to investigate the alleged Russian hacking of our presidential election and President Trump’s ties to Russia. As they say, sunlight is the best disinfectant, and I’m certain that the administration has nothing to hide. But doing nothing sends exactly the opposite message – one of coverups and collusion for the sake of an election. 
  2. Since both Intelligence Committee Chairmen, Senator Burr and Representative Nunes, have close ties to President Trump, their involvement gives the appearance of bias. Taking a page from the book of Attorney General Sessions, both should recuse themselves from the investigation to eliminate all accusations of impropriety. 
  3. Appoint a well-respected Republican to chair the investigation so that it will be neutral, aggressive and fair. This is the only way to quiet the suspicion of corruption. Again, since the administration has nothing to fear, this is the only way to make the findings credible. To have colluded with Russia in any way would have been political suicide, so let’s prove this conversation false once and for all. 
  4. As part of it’s process, the committee would be wise to review Trump’s tax returns (in a confidential, non-public setting) to dispel any beliefs about his business or financial ties to Russia (of which he has assured us there are none) and extinguish two myths with a single stroke. 
  5. Commission an external, forensic cyber-penetration test to determine where the weaknesses lie within our cyber security so that loopholes can be closed before the next attack. This MUST be an external audit because there is too much at stake to leave this to governmental IT teams just trying to keep their jobs. Like students grading their own papers without oversight, unscrutinized self-assessments are necessarily faulty assessments. 

The end game of this investigation should be apolitical and focused on righting the cyber weaknesses inherent in our national cyber infrastructure.

John Sileo is the award-winning author of Privacy Means Profit (Wiley & Sons), a cyber security expert and a keynote speaker on all topics involving cyber security training. Contact him directly here.

Happy About the Election Hacking of Your Presidential Vote?

Election Hacking Confirmed: The NSA, CIA and FBI have universally concluded that Russian President Vladimir Putin interfered with and  quite possibly changed the outcome of our Presidential election. Regardless of who you voted for, your vote has been hacked. If you are a Clinton supporter, you face the prospect of your candidate having lost the election due to manipulation. If you are a Trump supporter, it’s possible that our future President’s mandate and credibility have been significantly undermined and eroded.

This is a major loss for both sides of the political spectrum – it is a massive loss for America as voiced by politicians both Republican and Democrat. In case you haven’t had time to keep up with the findings of the Director of National Intelligence, here are the nuts and bolts of what the NSA, CIA and FBI agreed on unanimously and with high confidence (a nearly unprecedented occurrence in intelligence history).

As quoted or summarized from the non-partisan report:

  • “Putin ordered an influence campaign aimed at the US presidential election” in order to “undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency.”
  • “Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton.”
  • Putin held a grudge against Clinton because he publicly blamed her for inciting mass protests against his regime in late 2011 and early 2012.
  • “Putin publicly pointed to the Panama Papers disclosure [which implicated many of his wealthy friends and political supporters] and the Olympic doping scandal [which embarrassed him publicly] as US-directed efforts to defame Russia.” [Explanatory emphasis mine]. The hacking of the US election is seen to be a retaliatory effort against those and other perceived slights against his leadership.
  • “Russian intelligence services collected [information] against the US primary campaigns, think tanks, and lobbying groups they viewed as likely to shape future US policies.”
  • The GRU [Russian military intelligence] used fake media outlets like DCLeaks.com to disseminate hacked emails from the DNC, Colin Powell and John Podesta [Clinton’s campaign manager] in a massive traditional media and social media campaign aimed at undermining the Clinton candidacy.
  • Russian media hailed President-elect Trump’s victory as vindication of Putin’s advocacy of global populist movements – the theme of Putin’s annual conference for Western academics in October 2016 – and the latest example of Western liberalism’s collapse.

Trump has continued to downplay and even deny Russia’s role in influencing the election, despite overwhelming evidence from every American intelligence agency. Can you blame him? For Trump to give Russia or Putin credit would be to undermine his own legitimacy and claim to the presidency. After all, who wants to feel like they won the election as a byproduct of someone else cheating on their behalf?

This is where we get to see what Congress is made of. Will they bury the story to protect their new leader and risk the stability and credibility of our country? If not, Putin will have achieved his ultimate goal – significantly weakening our democracy.

Can Size of Trump’s Hands Explain DNC Hack?

Not unlike the purported size of his hands, Donald Trump has a rather small file of publicly known information compared to those who have been in the political spotlight for many years. That could be one of the motivating factors behind the recent hacking of the Democratic National Committee. While the size of Trump’s hands has little to do with any serious conversation, it does remind us that foreign nation states are highly motivated to collect the private information of powerful people. 

The DNC revealed recently that two groups had gained access to their information; one (dubbed Cozy Bear) had been monitoring the committee’s emails and chats for as long as a year. The other, “Fancy Bear”, hacked into the DNC in April to get opposition research files and was able to gain access to all of the DNC’s research staff computers.

The DNC said that no financial, donor or personal information appears to have been accessed or taken, suggesting that the breach was traditional espionage, not the work of criminal hackers. They suspect hackers used spearphishing emails to gain access. The DNC, who became aware of a possible beach after noticing “unusual network activity”, immediately contacted CrowdStrike to shut down the intrusion. CrowdStrike attributes the hack to Russian government hackers (although an individual calling himself Guccifer 2.0 has claimed responsibility and even released supposed documents). The two groups have hacked government agencies, tech companies, defense contractors, energy and manufacturing firms, and universities in the United States, Canada and Europe as well as in Asia. Cozy Bear, for instance, compromised the unclassified email systems of the White House, State Department and Joint Chiefs of Staff in 2014.

The Why Behind the DNC Hack

Naturally, other countries have a keen interest in the U.S. presidential election because they will have to deal with the particular policies, strengths and weaknesses of a potential future president. The emails and chats they’ve been able to observe probably contained very informative strategy and analysis.

As for the information on Trump, which was largely news stories, court documents and video clips that anyone could gather, what makes it so valuable is due to the fact that he has one of the shortest political resumes of any modern presidential candidate. The DNC has spent the better part of a year gathering research going back years on Trump. Rather than spend their own time aggregating data on trump, the hackers simply stole from the DNC.

Foreign governments would want to know, for example, about Trump’s foreign investments in order to understand how he would deal with countries where he has those investments should he be elected.  They may also want to know about his style of negotiating.

As the Presidential Election nears and the rhetoric ramps up, expect to see additional breaches of political data. The DNC Hack is a perfect example of politically motivated cyber espionage that has nothing to do with financial gain. Has your organization identified and protected its critical information assets? Failing to do so might allow your risk to get out of hand. 

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.