On Tuesday, 8 November, American citizens will head to the polls and vote for the next President of the United States. Whoever wins that election could champion significant policy changes in a number of key areas. That includes information security.
Not everyone is concerned about how the election will affect infosec, however. In June 2016, Tripwire asked 400 attendees of the Infosecurity Europe 2016 conference about their thoughts on the election. Of those who responded, more than half (54 percent) said they weren’t concerned the election’s outcome would leave a negative impact on digital security worldwide.
The same can’t be said about the other side of the infosec coin: cyber criminals.
For instance, in June 2016, news broke about how a group of hackers believed to be associated with the Russian government infiltrated the Democratic National Convention’s computer network and stole opposition research on Republican presidential nominee Donald Trump, among other documents. Researchers at security firm CrowdStrike believe hackers perpetrated the breach to “engage in extensive political and economic espionage for the benefit of the government of the Russian Federation.”
That incident lends credence to the position of one Andrés Sepúlveda, a man who is serving a 10-year prison sentence for rigging elections in Latin America. When Bloomberg asked him if he thought criminals were manipulating the U.S. presidential election, he replied: “I’m 100 percent sure it is.”
To obtain a wider perspective on this possibility, Tripwire asked 200 information security professionals who attended Black Hat USA 2016 to weigh in on how digital security issues were affecting the election. When asked if computer criminals were influencing the outcome of the upcoming election, nearly two-thirds (63 percent) of respondents answered, “yes.”
Tim Erlin, director of IT security and risk strategy for Tripwire, is careful to point out the significance of that finding:
“This is an unprecedented moment in both politics and information security. A foreign power possibly influencing the U.S. presidential election through electronic means is a game changer for information security professionals. While these survey results aren’t surprising, they are very important. We’re seeing a significant shift in the role that information security plays on the global stage. While the DNC attack is the most visible, it’s not the first incident. We’ve been building up to this type of event for a number of years.”
Tripwire also asked respondents to comment on attacks perpetrated by nation-state computer criminals in its survey. It found that only 10 percent of respondents considered nation-state attacks one of the top two security threats confronting their organizations. Even so, when put in the context of a national election, an overwhelming majority (82 percent) of IT professionals felt state-sponsored attacks constituted acts of war, whereas 55 percent went so far as to say a victim state had “a self-defense right” to retaliate.
Dwayne Melancon, chief technology officer and vice president of research and development for Tripwire, fears this mindset could threaten international security:
“In addition to considering nation-state cyber attacks to be an act of war, respondents favor an organization’s right to strike back. These two positions have one thing in common: a high margin for error. Attribution of cyber attacks is very difficult. For example, investigations sometimes discover that attacks appearing to come from other countries actually have a command and control base in the U.S., and vice versa. If a cyber attack escalates into war or retribution, you’d better be certain of its origin.”
Given the difficulties of attribution, countries should begin working together to lay out a “code of conduct” for engagement in the digital space, including what should constitute a proportionate response.
Erlin couldn’t agree more:
“While it’s clear that the majority of respondents believe state-sponsored attacks are an act of cyber war, there’s little consensus on what an appropriate response should be. It’s time for the conversation to move beyond true and false to defining an appropriate cyber war response.”
Nations need to update the rules of just war for the digital age. In so doing, they will help check the escalation of conflict across the digital-kinetic divide and keep the occurrence of war at a minimum.
Interesting in learning how you can defend your organization’s endpoints against state-sponsored actors and other attackers? Please click here.