Nearly three decades after Glasnost and the fall of the Berlin Wall, it would appear that the cold war never officially ended. On Tuesday, US intelligence agencies informed the White House they have “high confidence” that Russia is to blame for DNC emails being hacked.
However, now that the question of where the attack originated appears to be answered, an even larger one arises: what was Russia’s intention? Intelligence officials have stated that they are uncertain whether the DNC email hack was carried out as part of fairly common cyberespionage, or whether the motive was more sinister.
Often, spy agencies, including those within the United States, collect this type of information in an attempt to learn more about the politics of other nations. However, in the past, Russian spy agencies have published damaging information in an effort to sway political events in regions they consider within their influence. For example, during the 2015 Ukrainian elections an organization known as CyberBerkut threw the election into chaos.
If Russia released the DNC emails in an effort to influence a US election then it far exceeds anything US counterintelligence officials have faced before, suggesting we are entering an era in which intelligence findings are now being “weaponized”. And, if this is the case, it can be expected that the relationship between the United States and Russia will grow even icier.
What does Russia gain by hacking DNC emails and influencing the US election?
The theory reported by the New York Times is that Russian President Vladimir Putin would prefer to deal with an isolationist-minded President like Donald Trump rather than a more hawkish and less friendly President like Hillary Clinton. Trump dismisses those claims.
The released DNC emails do seem to be having a negative effect by dividing and weakening the Democratic Party. The damaging DNC emails exposed favoritism toward Hillary Clinton over her one-time rival, Bernie Sanders. This caused an uproar from Bernie Sanders’ supporters as they believe this proves the DNC was never neutral and impartial as it claimed. At a time when the Party is desperately trying to bring Democrats together, the leaked DNC emails have only served to deepen the divide.
In addition, the DNC email leak was responsible for the resignation of DNC chairwoman Debbie Wasserman Schultz on the eve of the convention.
To top off the disastrous week for the Democrats, the Washington Post reported Hillary Clinton’s poll numbers on Monday and the results were bleak. According to a CNN poll, 68% of respondents say Hillary Clinton is not honest or trustworthy and a CBS poll showed that only 31% of respondents view her favorably. Separate from the Washington Post article, a CNN poll now places Donald Trump ahead in the race toward the White House.
It isn’t known if the leaked DNC emails have anything to do with Hillary Clinton’s shrinking favorability ratings, but it is hard to imagine that they could have had a positive impact in any way.
How did Russia hack the DNC Emails?
The cyber attack that wreaked havoc on the Democratic Party really shouldn’t come as too much of a surprise. According to CNN, federal investigators warned the DNC about a potential breach in their network months before the DNC even made an effort to remedy the problem.
In April, when the DNC finally brought in private security firm CrowdStrike, the hackers had already been inside the system for a year.
So, how did the hackers gain access to the DNC emails? Motherboard reporter Thomas Rid put together a highly detailed account of the DNC email hack:
“The forensic evidence linking the DNC breach to known Russian operations is very strong. On June 20, two competing cybersecurity companies, Mandiant (part of FireEye) and Fidelis, confirmed CrowdStrike’s initial findings that Russian intelligence indeed hacked the DNC. The forensic evidence that links network breaches to known groups is solid: used and reused tools, methods, infrastructure, even unique encryption keys. For example: in late March the attackers registered a domain with a typo—misdepatrment[.]com—to look suspiciously like the company hired by the DNC to manage its network, MIS Department. They then linked this deceptive domain to a long-known APT 28 so-called X-Tunnel command-and-control IP address, 45.32.129[.]185.
One of the strongest pieces of evidence linking GRU to the DNC hack is the equivalent of identical fingerprints found in two burglarized buildings: a reused command-and-control address—176.31.112[.]10—that was hard coded in a piece of malware found both in the German parliament as well as on the DNC’s servers. Russian military intelligence was identified by the German domestic security agency BfV as the actor responsible for the Bundestag breach. The infrastructure behind the fake MIS Department domain was also linked to the Berlin intrusion through at least one other element, a shared SSL certificate.”
What does the future hold?
According to Lisa Monaco, President Barack Obama’s homeland security and counterterrorism adviser, we are witnessing a cyber threat “revolution”.
“To put it bluntly, we are in the midst of a revolution of the cyber threat – one that is growing more persistent, more diverse, more frequent and more dangerous every day,” Monaco said at a cybersecurity conference in New York. “Unless we act together – government, industry, and citizens – we risk a world where malicious cyber activity could threaten our security and prosperity. That is not a future we should accept.”
This dire warning comes on the heels of the DNC email hack and is also the result of a number of cyber attacks against both organizations and governments alike.
In an effort to make Washington’s response to major cyber attacks more efficient and effective, President Obama released a policy directive that establishes six levels of severity for attacks along with a color coded system similar to that used by the Homeland Security Department.
While creating a cyber security policy directive is a step in the right direction, more must be done to protect data against increasingly sophisticated and aggressive hackers. This time it is the DNC that is left to deal with the fallout created by hackers, but any organization without a strong cyber security system in place could find itself in much the same disastrous position.