Modern field guide to security and privacy

Opinion: Trump has a point about 'the cyber'

During the last two presidential debates, Donald Trump cast doubt on US claims that Russia carried out cyberattacks on political organizations. But without clear evidence from the government, how can the public really be sure it was Moscow? 

Jim Young/Reuters
Republican nominee Donald Trump at the presidential town hall debate against Democratic presidential nominee Hillary Clinton at Washington University in St. Louis.

In between news coverage of Hurricane Matthew and reactions to the leaked Donald Trump videotape, the Department of Homeland Security and the Office of the Director of National Intelligence released a joint statement last week accusing Russia of orchestrating cyberattacks to interfere with US elections.

This marks only the fourth time that the US has formally accused a nation of digital breaches. The first was in December 2014 when the FBI accused North Korea of orchestrating the devastating Sony Pictures attack. In May of that year, the Justice Department formally charged five Chinese military officers for several cyberincidents at US nuclear power, metals, and solar products companies.

Earlier this year, the Justice Department filed indictments against seven Iranians who supposedly carried out distributed denial of service, or DDoS, attacks against US banks and apparently illegally accessed control systems at a small dam in Rye, N.Y.

In all four cases, the US government presented the accusations to the American public without supporting evidence. And, that's a problem. It's something that Mr. Trump has latched onto, casting doubts about Russia's involvement in recent attacks, and raising the level of skepticism whenever the US points the finger following cyberattacks.

"As far as the cyber, I agree to parts of what Secretary Clinton said. We should be better than anybody else, and perhaps we're not. I don't think anybody knows it was Russia that broke into the [Democratic National Committee]. She's saying Russia, Russia, Russia, but I don't – maybe it was. I mean, it could be Russia, but it could also be China. It could also be lots of other people. It also could be somebody sitting on their bed that weighs 400 pounds, OK? You don't know who broke into DNC," Trump said during the first debate.

And even after the US officially blamed Russia for the DNC hack, Trump said this during Sunday's presidential debate: "She doesn't know if it's the Russians doing the hacking. Maybe there is no hacking. But they always blame Russia."

While the idea of the 400-pound hacker has become a pretty humorous meme among information security professionals, Trump is actually onto something. As far as the American public can tell, since the US government hasn't revealed its evidence against Russia, China, or Iran, he might be right.

According to NBC News, a senior US intelligence official called Trump's statements willful misrepresentations, claiming that both candidates had been briefed on the situation. This may be true, but the US public hasn't received any briefings.

There's a long history of blaming "hackers" without evidence. In 1995, the government blamed famed hacker Kevin Mitnick for breaking into North American Aerospace Defense Command (NORAD). At the time, the claims seemed fanciful and were later proven false.

In 1999, British news reports blamed hackers for commandeering a military satellite and holding it for ransom. That turned out to be wrong, too. Richard Clarke, former US cyber czar, once claimed hackers knocked out power in Brazil. Yet, too much soot at an electric utility actually caused the blackout. Hackers have been blamed for everything from pipelines exploding to oil rigs tipping over. And, in case after case, further investigation revealed that hackers weren't involved. 

In the corporate world, incident response teams follow up on breaches. They gather tons of evidence to determine how the attackers gained entry and how they siphoned off data. Evidence includes log files, Internet protocol (IP) addresses, network traffic, and malware samples. The experts examine evidence to determine how to fix security loopholes and keep other attackers from getting back into critical systems.

The job of placing blame for cyberattacks is usually left to law enforcement. But it's another matter altogether when it comes to blaming foreign nationals. That's a political maneuver. Formal declarations such as the one that came from Homeland Security and intelligence officials last week give politicians new reasons to rattle their sabers and stoke cybersecurity paranoia. But without evidence backing up these claims, the finger pointing is simply reckless and negligent. 

Without facts, the US government is trusting the US public and the rest of the world to take its claims at face value. Yes, there could be tactical reasons not to reveal too much about how adversaries carry out their attacks, and too much information could even reveal how the US carries out similar operations abroad.

President Kennedy faced a similar dilemma in 1962. After military officials showed him top secret U2 spy plane photos that revealed a buildup of nuclear missiles in Cuba, Mr. Kennedy made the photos public, leaving little doubt about Soviet aggression.

Releasing the photos, which was done against the wishes of Kennedy's top national security advisers, compromised the operational security of the U2 program. But Kennedy felt it was a necessary compromise.

While I'm certain the four formal hacking attributions levied by the US government are accurate, facts should still accompany these claims. Otherwise, as far as the US public knows, Trump is correct: "It could also be lots of other people. It also could be somebody sitting on their bed that weighs 400 pounds."
