Rubio: Russia's Intent Is to Spread Disarray
Senate Panel Reacts to Report on Pre-Election Hacks, Leaks
Don't think of the Russian-government breach of Democratic Party computers as merely an attempt to influence the U.S. presidential election, but rather as a sophisticated campaign aimed to spread disarray through the U.S. federal government and American society.
That's the view of Sen. Marco Rubio, R-Fla., who contends Russian President Vladimir Putin's intent in directing the hack of Democratic Party computers was to undermine the credibility of America's political leaders and government institutions.
Rubio is a member of the Senate Permanent Select Committee on Intelligence, which held a hearing Jan. 10 on the report issued last week by U.S. intelligence agencies that concludes Putin was behind a campaign that wielded security breaches, social media and fake news to sway votes in the U.S. presidential election (see Intelligence Report Blames Putin for Election-Related Hacks).
The Florida senator said the Russian hacking and propaganda campaign resulted in one presidential candidate - presumably Donald Trump - warning of voter fraud after the breach of several state voter rolls, Democrats questioning the legitimacy of Trump's victory and the president-elect raising doubts about the credibility of the intelligence community's assessment that the Russians favored Trump.
"This sounds like a pretty effective, successful effort to sow chaos, undermine credibility of our leaders and our government institutions," Rubio said. "In essence, it sounds like they achieved what they wanted, to get us to fight against each other over whether our elections were legitimate and divide us in the way that sows the sort of chaos they sought to achieve."
Using Hacking to Frame a Lawmaker
Rubio offered the following hypothetical scenario: A senator or representative proposes a policy opposed by the Kremlin, then falls victim to a phishing attack in which the Russians gain access to the lawmaker's computer. The hackers manipulate the computer's data to make it look as if the legislator engaged in money laundering. Law enforcement agencies might then be notified and police seize the computer containing the fabricated evidence and then arrest the lawmaker.
"Is that not a tactic they have used to discredit individual political figures [overseas], and isn't it true that that could very well happen here in the United States?" Rubio asked National Intelligence Director James Clapper.
Clapper responded: "It is well within their technical competence and their potential intent to do some things like that. ... The next worrisome trend in the cyber business will be the compromise of the fidelity of information, and whether it's for a criminal purpose or a political purpose, this is well within the realm, I think, of possibilities."
Russians Breached 'Old' GOP Computers
FBI Director James Comey, at the hearing, said Russian hackers gained access to Republican National Committee records stored on computers "no longer in use."
"There was evidence that there was hacking at state-level organizations, state-level campaigns and the RNC, but of old domains of the RNC; email domains that they were no longer using," Comey testified. "And, information was harvested from there, but it was old stuff. None of that was released. We did not develop any evidence that the Trump campaign or the current RNC was successfully hacked."
Democrats contend that the Russians only leaked pilfered data, supporting the intelligence community's assessment that the Kremlin wanted to see Trump elected. Republicans responded that the Russians hadn't gained any new information to use against Trump.
Republican leaders, including White House Chief of Staff-designate Reince Priebus, have said that the Democrats were partly culpable in the attack on DNC computers because they failed to take proper steps to protect their systems and webmail accounts from the Russians, as did the RNC (see Deep Dive: US Intelligence Report Into Russian Hacking). Priebus said the GOP approved the FBI request to have access to Republican Party computers to conduct digital forensic examinations, but the Democrats did not.
Comey: FBI Requested Access to DNC Servers
The FBI director also said that the bureau repeatedly requested - but was denied - access to hacked DNC servers, Democratic Party congressional computers and John Podesta's computing devices to conduct forensic examinations on them. Podesta served as chairman of Hillary Clinton's presidential campaign and his Gmail account was hacked following a phishing attack. Leaks of Podesta's emails proved embarrassing to Clinton.
Comey said that instead of the bureau gaining access, the DNC shared a forensics report on the servers prepared by the security firm CrowdStrike. "We always prefer to have hands-on ourselves, if that is possible," he said.