It's difficult for anything to cross
international borders faster than digital information. But the
convenience of technology that allows more than 2.6 million emails,
nearly 60,000 Google searches and 8,000 tweets to be sent each second inevitably puts the estimated 3.6 billion global internet users at risk of hacking.
"Our lives are powered by the technology we use.
It's how we communicate with the world and interact with the world,"
says Gadi Evron, an influential cybersecurity thought leader and founder
of the cyberdeception start-up, Cymmetria. "Whatever motive you have to
use a tool do something, someone else has the opposite."
A pencil can be used by one individual to write a
love note and another to write a hate note, just as a phone can be used
to communicate with someone or disrupt a conversation by listening in,
he says. And "the same is true for the internet, except it is much
faster and the systems are much, much more complex."
Hacking can be loosely defined as unauthorized
access to a computer or computer system. Meddling fingerprints can be
easily masked within complex webs of information, making it a prime
tactic for individuals, groups and governments that wish to spread
messages quickly.
"Not all hacking is 'black hacking' with
malicious intent," says Clint Watts, a senior fellow at the Center for
Cyber and Homeland Security at George Washington University who testified to Congress on the subject. But the allegations against Russia. leading to what FBI Director James Comey confirmed
as an investigation into the "Russian government's efforts to interfere
in the 2016 presidential election," could be an example.
Some cybersecurity experts agree that the
internet may be Russia's latest, most powerful tool among the resurging
propaganda-like tactics in use since the Cold War and earlier to
influence global events in favor of Russia's interests, particularly by
discrediting democratic governments.
In the case of the U.S. election, Russia
is suspected of orchestrating the leak of classified information to the
public, in large part through hacking servers that held information
connected to the Democratic National Convention.
The U.S. intelligence community has called it an "influence campaign," and cybersecurity experts have referenced the country's long history of employing "active measures," or coordinating efforts to influence international events.
Sometimes the most basic hacking tactics are
enough to break through security barriers, Watts says. When pursuing a
specific goal, he says, groups of hackers can spend all day sending
targeted spam campaigns that include "spear phishing emails" that
collect passwords as soon as they are clicked on and "watering hole
attacks" that prompt users to enter login information on fake websites
that appear to be real.
But politics aside, hackers are tough to hack.
Because the cyberworld is so complex and because
the sheer volume of cyberattacks happening at any given time is so
large, it is hard to pinpoint the source of any attack, Evron says from
his offices in Israel. A person in Denmark could access a computer in China to connect to another system in Australia to breach a smartphone in the U.K., all in a matter of minutes.
"What we do understand is that it's not just
about computers. It's about people, information and what they can be
made to believe," he says.
Other countries, including China, Iran and North Korea, have attempted similar campaigns using the internet.
“Authoritarian regimes believe these instruments
serve them well in discrediting Western democracy,” Godson says, and
are able to succeed due to their control over the media coupled with a
lack of checks and balances.
In a blog post,
internationally renowned security expert Bruce Schneier cites China's
attacks against the New York Times in 2012 and North Korea's attack on
Sony in 2014, among others. “It’s one thing for the government to know
who attacked it. It’s quite another for it to convince the public who
attacked it,” he writes, especially when key evidence in tracking
hacking attacks is becoming increasingly secret.
While it's difficult to track down budgets, some
experts say it's likely that Russia is investing millions – or perhaps
billions – into technology and training to spread a more convincing
message, directly or indirectly.
"As far as we know, the Russian government is
recruiting people to specialize in this [intelligence] instrument," says
Roy Godson, an emeritus professor of government at Georgetown
University who also testified
to Congress on the topic. While some of these "agents of influence" are
Russian nationals, others aren't, he says. But they're "hired because
they will be influential people in society."
In addition to these experts trained for a
career in the practice, Godson says, there is another category of
agents: the "useful idiots," who "don't know very much but who can be
useful in terms of their influence."
Thanks to the internet, methods of communication
have grown exponentially since the term was used in Lenin's day, but
today's useful idiots are the people who retweet, reblog and repost
messages that are meant to serve interests that are not their own. A New
York Times editorial called Donald Trump one.
To cut down on the number of useful idiots who
spread propaganda-like messages unknowingly, experts recommend
significantly enhancing training for government officials, individuals
and private businesses. Building response strategies that are more
offensive than defensive is critical, they say, as the waves of populism sweeping through Western Europe serve as the perfect foothold for similar attacks.
After assessing its impact on the U.S. election,
"Russia is regrouping and will strategically continue what they're
doing," Watts says. "They'll shift to any entity or issue that would
help propel their message."
No comments:
Post a Comment