What Trump's victory means for cybersecurity

During the campaign, Donald Trump split with intelligence officials over Russia's involvement in hacking US political organizations and offered few details about cybersecurity policies.

President-elect Donald Trump greeted supporters at his election night rally in Manhattan.

Mike Segar/Reuters

November 9, 2016

Other than a few technological glitches, voting systems Tuesday appeared to run smoothly. Election Day concerns that malicious hackers might tamper with voting, after a presidential season marked by digital attacks, didn't materialize. But that wasn't the biggest surprise of the night. That honor went to President-elect Donald Trump, whose win stunned pollsters and pundits alike.

So, what does Mr. Trump's victory mean for cybersecurity? There are already some indications. 

"To truly make America safe, we truly have to make cybersecurity a major priority," Trump told a Virginia crowd in October, adding that cyberattacks from other countries including "China, Russia, and North Korea constitute one of our most critical national security concerns." 

Howard University hoped to make history. Now it’s ready for a different role.

His cybersecurity plan promises an "immediate review" of the country's "cyberdefenses and vulnerabilities" including within US critical infrastructure, which includes the energy and banking sectors. He pledged to create task forces to respond to digital threats throughout the country – and get recommendations on how to enhance the military's Cyber Command with "with a focus on both offense and defense."

Still, Trump may need to brush up cybersecurity issues when he's in office. His response to a question on cybersecurity at a September debate – in which he invoked his 10-year-old son's prowess with computers and inadvertently started an internet meme by calling digital threats "the cyber" – was widely dismissed by the tech press as "incoherent" and "utterly disconnected."

There are also important questions about how a future President Trump will engage with those on the front lines of intelligence gathering in cyberspace. 

During his campaign, he refused to blame Russia for hacking US political organizations. That position contradicted US intelligence officials, prominent cybersecurity researchers who investigated the hacks, and even his own senior military adviser retired Army lieutenant general Michael Flynn, who all said there was enough evidence to blame Moscow. 

Instead, Trump offered up his own idea that China or "someone sitting on their bed that weighs 400 pounds" may have been responsible.

Ukraine’s Pokrovsk was about to fall to Russia 2 months ago. It’s hanging on.

There are also lingering questions about what Trump's election means for the US quest to forge international norms for cyberspace in the Digital Age. Trump drew outrage from critics when he went so far as to encourage Russia – if its intelligence services had indeed hacked his opponent Hillary Clinton's email server – to publish the data it might have stolen. 

"Russia, if you’re listening," he said, "I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press." The New York Times reported at the time that this call was "essentially urging a foreign adversary to conduct cyberespionage against a former secretary of state."

Now that Trump will soon hold the Oval Office, Politico's Tim Starks noted there could be consequences for remarks made in the frenzy of a heated campaign: "Trump's election may herald an era of Russian free rein ... the prospect that Russia will face no US punishment for its behavior, something experts fear will embolden President Vladimir Putin and his regime to keep mounting cyberattacks around the globe."

Trump's election may also renew the encryption fight that went unresolved during the Obama administration. Trump went so far as to call for a boycott of Apple for its stance on encryption as it pledged to fight a court's ruling to help the FBI unlock the iPhone used by the shooter in the San Bernardino terror attack.

His antiencryption stance, says security researcher Jonathan Zdziarski, adds urgency to the need for people to adopt encryption:

In the remaining months of Obama's presidency, digital rights advocacy groups are making a final play for the current commander-in-chief to rein in the government's spying powers – a rallying point since former National Security Agency contractor-turned-whistleblower Edward Snowden exposed sweeping surveillance programs in 2013.

Yet, as noted privacy advocate and author Cory Doctorow wrote Wednesday on the tech blog Boing Boing, "The seven years of GW Bush-after-9/11 gave us the foundations for a surveillance state that was one madman away from totalitarianism. Then, eight years of Obama operationalized that surveillance state, gave it the competent administrators and diverse stakeholders – local police, international partners, military-industrial contractors with fat lobbying budgets – that it needs to sustain itself indefinitely." 

Now, he adds, Trump will inherit control "over a surveillance arsenal that includes the legal authority to spy on all of us, all the time ... and a hoard of deadly technological vulnerabilities in tools we all rely upon that America has weaponized to attack its enemies, even if that means leaving Americans undefended against criminals, nihilist griefers, and foreign state and industrial spies." (Mr. Doctorow views him as unfit for the responsibility.)

So some advocates such as Evan Greer of tech advocacy group Fight for the Future want to see Obama take action before Trump takes office: