Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management
US Cybercom Considers Bold Election Security Moves: Report
Measures Could Include 'Limited Cyber Operation' Against RussiansThe U.S. Cyber Command is weighing several cyber strategies to counter Russian influence and interference during the 2020 presidential election, The Washington Post reports. citing current and former officials familiar with those discussions.
See Also: 57 Tips to Secure Your Organization
The proposed countermeasures include targeting the private data of Russia's political and business elites to show that their information would be susceptible to hacking if the country's interference in U.S. elections continued, according to the Post. The U.S. officials quoted in the story declined to offer more specifics.
"The messaging would be accompanied by a limited cyber operation that demonstrates the Americans' access to a particular system or account and the capability to inflict a cost," an individual familiar with the matter told the Post. "The message would implicitly warn the target that if the election interference did not cease, there would be consequences."
The officials who spoke to the Post on the condition of anonymity noted that these cyber operations would not target President Vladimir Putin because such a move would be "too provocative."
Any cyber operation would need approval from several federal agencies, including the CIA and U.S. State Department, and the secretary of defense would need to sign off on Cyber Command involvement.
The U.S. Cyber Command, a unit of the Defense Department, includes military units that focus on bolstering and integrating the nation's cyber capabilities.
Continuing Efforts
U.S. Cyber Command's efforts to counter Russian influence during election season started in 2018 with a similar campaign that targeted Russian internet trolls by sending emails, pop-ups and text messages, the Post reports. The trolls worked at Russia’s Internet Research Agency, which is financed by a Russian oligarch. The agency has targeted U.S. citizens with fake news content and social media posts in an effort to spread discord.
When the interference from the Internet Research Agency continued, Cyber Command knocked out the agency’s servers for two days near election day in 2018, the Post reports.
In September, the U.S. Treasury Department issued sanctions against six individuals associated with the Internet Research Agency, including Yevgeniy Prigozhin, who American officials suspect of financing the troll farm's activities (see: Russian Troll Farm Targeted With Fresh US Sanctions).
The Post also reports that in 2018, the Cyber Command targeted some of the hackers working directly for Russian military intelligence with messages that their identities were known and could be published. The Post notes that these messages were not signed, but that Russians would know where they had originated.
As it prepares for the 2020 presidential election, the Cyber Command is planning to build on these 2018 operations and could target Russian leaders, security officials and other elite citizens, the Post reports.
Russian Activity
The U.S. Senate Intelligence Committee issued a report in July that found Russian hackers and trolls targeted election systems and infrastructure in all 50 states in the run-up to the 2016 presidential election (see: Russia Targeted All 50 States During 2016 Election: Report).
According to the report, Russian-backed hackers attempted to infiltrate the voting systems and infrastructure as early as 2014. The report, however, failed to determine the motive of the Russian actor or if the election interference altered the voting tallies or results.
That Senate report was published a few days after former Special Counsel Robert Mueller testified before two U.S. House committees about Russian interference in the 2016 elections. As part of his testimony, Mueller warned that Russia was planning to interfere in the 2020 presidential election (see: Mueller: Russian Interference 'Serious' Threat to Democracy).
Election Security Scrutiny
Since the interference in the 2016 presidential election, lawmakers and federal agencies have attempted to increase election security scrutiny.
In November, for instance, the Trump administration revealed new protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle (see: Election Interference Notification Protocols Unveiled).
President Donald Trump signed a $1.4 trillion spending bill on Dec. 20 that includes $425 million in federal grants to help local and state officials better secure systems and infrastructure before the 2020 election, Reuters reports.
That money comes at a time when many are concerned about the security of voting machines. In August, for example, security researchers showed how voting machines in the U.S remain susceptible to tampering, hacking and other security vulnerabilities (see: Report: US Voting Machines Still Prone to Hacking).