Cybersecurity is Critical to the US Presidential Election Agenda
October 31st, 2016
Trump or Hillary, Democrats or Republican. Whatever the political affiliation, one thing is clear- cybersecurity is now a legitimate, even crucial issue, in the US presidential elections. A recent survey conducted by Raytheon and the National Cyber Security Alliance (NCSA) found that 53 percent of young adults in the U.S. between the ages of 18 and 26 say that a political candidate’s position on cybersecurity impacts their level of support for that candidate.
This indicates just how critical the internet is, in the eyes of this generation. It also indicates how widespread, and the amount of media attention, cybersecurity incidents boast nowadays. The number of young adults who have either read or heard about cyber-attacks increased from 36 percent in 2015 to 64 percent in 2016. Consider the recent Yahoo! Hack, LinkedIn Hack (occurred in 2012 but made public this year), GOP hack, Hillary’s email security debacle; we can all recall the high profile breaches of Sony, Target and Home Depot of days gone by.
Cyber is on the political agenda this time, however, because it can actually affect the candidates’ outcome, not only through the voter’s opinions, but through direct interferences with political parties’ IT systems and manipulation of the voting process.
US officials have formally accused Russia of cyber-attacks against the Democratic Party (http://www.bbc.com/news/election-us-2016-37592684), which resulted in massive leak of sensitive documents and emails, now being used to rail against the democratic candidate by it’s opponents. Even more severe than hacking a particular party, are attempts to launch cyberattacks on Florida, Illinois and Arizona’s election systems, which may have exposed the personal data of hundreds of thousands of voters, according to US officials (http://edition.cnn.com/2016/10/12/politics/florida-election-hack/ ). These hacking attempts have also been attributed to Russia.
Such attempts have highlighted the processes’ poor security; security company Symantec has demontrated that the voting process can be manipulated using only a cheap device and some basic programming skills (http://www.in.techradar.com/news/You-can-hack-the-US-Presidential-Elections-with-a-15-Rasberry-Pi/articleshow/54933148.cms). It is therefore not unlikely that less capable actors such as cyber-criminals, hacktivists and cyber-terrorists might also try to interfere with, or manipulate, the voting process. The motivation for such hacks can be criminal/commercial (to exploit user details in subsequent crime schemes such as phishing or political extortion), hacktivist (we can think of several anarchist entities who would be delighted to obstruct the election process) and political, or diplomatic reasons.
It isn’t, in fact, even necessary to hack the actual election process in order to effect the result. It could be sufficient to hack into a media outlet and report false preliminary results (http://www.politico.com/story/2016/10/media-vulnerable-to-election-night-cyber-attack-229956),
or to use fake or stolen media accounts to control the discourse on election day - something which Anonymous hacktivists have been discussing for a while (see the ongoing activity of OpTrump or OpHillary).
Whatever the motivation for meddling with the elections, and whatever the ultimate impact it will have on these elections, one thing is certain: cybersecurity has great influence on the political agenda, and voters minds. Considering this, it is essential that the next US president devise a new cybersecurity strategy to confront the growing threat of cybercrime upon the United States.
This post was written by IntSights CEO, Guy Nizan
Stay up to Date!
Subscribe to the blog to stay up to date with all the latest industry news and updates from IntSights.